Create Payment Link
To create a payment link, you can use the following API endpoint. This allows you to initiate a payment process for a specified amount and currency.
HTTP Request
POST https://outdoor.kasroad.com/wallet/createPaymentLink
Headers
x-api-key
: Your API keyContent-Type
: application/json
Request Body
{
"amount": "YOUR_AMOUNT_HERE",
"currency": "USD",
"email": "YOUR_EMAIL_HERE",
"ref": "YOUR_UNIQUE_REFERENCE",
"redirectUrl": "https://yourwebsite.com?kazawallet=success"
}
cURL Example
curl -X POST 'https://outdoor.kasroad.com/wallet/createPaymentLink' \\
-H 'x-api-key: XXXXXXXXXX' \\
-H 'Content-Type: application/json' \\
-d '{
"amount": "YOUR_AMOUNT_HERE",
"currency": "USD",
"email": "YOUR_EMAIL_HERE",
"redirectUrl": "https://yourwebsite.com?kazawallet=success"
}'
Webhook Notification
To receive a notification when a user completes a payment, you must set up a webhook URL in your profile. Once the payment is made, a POST request with the payment details will be sent to your webhook URL ONLY ONE TIME.
Webhook Payload
The webhook will send a POST request with the following information:
order_id
: The Id of the payment linksecret
: A secret code for verificationamount
: The amount paidref
: Sent with the payload, for example you can use it to Reference the user id in your systemstatus
: Can be "fulfilled" or "timed_out", this will indicate whether the link is paid or not.currency
: The code of used currency.
Security Verification
To verify the authenticity of the webhook request, you need to calculate a verification code and compare it with the secret
received from the API. Below is a PHP example of how to perform this verification.
PHP Example
<?php
$amount = 'your_amount'; // Replace with the actual amount
$order_id = 'your_order_id'; // Replace with the actual payment link ID
$kazawalletApiKey = 'your_kazawallet_api_key'; // Replace with the actual kazawallet API key
$kazawalletApiSecret = 'your_kazawallet_api_secret'; // Replace with the actual kazawallet API secret
// Create the secret string by concatenating the amount, order_id, and kazawalletApiKey
$secretString = $amount . ':::' . $order_id . ':::' . $kazawalletApiKey;
// Generate a SHA-256 hash of the secret string
$hashDigest = hash('sha256', $secretString, true);
// Generate an HMAC-SHA512 hash of the SHA-256 hash using the kazawalletApiSecret
$hmacDigest = hash_hmac('sha512', $hashDigest, $kazawalletApiSecret, true);
// Encode the HMAC-SHA512 hash in Base64
$hmacDigestBase64 = base64_encode($hmacDigest);
// Output the Base64-encoded HMAC-SHA512 signature
echo $hmacDigestBase64;
?>
Verification Process
To ensure the security of the webhook notification, perform the following steps:
- Receive the webhook POST request with the
order_id
,secret
,status
andamount
. - The provided PHP code is just a dummy example to demonstrate how to calculate the HMAC-SHA512 signature based on the received
order_id
,status
andamount
, along with yourkazawalletApiKey
andkazawalletApiSecret
. - Compare the calculated HMAC-SHA512 signature with the
secret
received from the webhook. - If they match, the request is authentic, and you can proceed with processing the payment confirmation.
Please ensure that your API key and secret are kept confidential and are not exposed in client-side code.