Introduction

ZoodPay wants to provide its payment solution to every online business who may be interested in it. Merchant Account API v0 is the latest version which offers our latest features.

Please contact to our account manager who helps you to create a ZoodPay account. Please collect the Sandbox and Production keys to start the integration process.

API Environments

Please check API Environments as mentioned below:

Production

https://accountapi.zoodpay.com

Sandbox

https://sandbox-accountapi.zoodpay.com

ZoodPay Service Models

ZoodPay offers their merchants a choice of two different service models.

1. ZoodPay Installment (ZPI)

This service model completes the payment approval, starts the consumer's payment plan (installments), and settles the order value with the merchant's nominated bank account.

API Architecture

REST

The Merchant Account API is organised around REST. The API attempts to use predictable, resource-oriented URLs and to use HTTP status codes to indicate errors.

HTTPS

The Merchant Account API requires all communications to be secured using TLS 1.2 or greater.

Request Headers

Clients must send appropriate headers with all requests.

HTTP Headers

Authentication

Merchant Account API uses Basic HTTP Authentication, a simple authentication scheme as explained below and specified by RFC 7617

All API endpoints require this form of authentication except Healthcheck On wrong/incorrect authentication API request will result into "401 Unauthorised" response.

For Example

**Note

In conventional HTTP terms, "Merchant Key" is the username and "Secret Key" is the password.

How to create basic auth?

The Authorization header can then be formed by including the word Basic, followed by a single space character, followed by the base64-encoded credential pair.

Healtcheck

This endpoint can be used to check whether ZoodPay service is available and reachable.

              
                GET https://{environment}.zoodpay.com/healthcheck

                curl --request GET \
                --url https://sandbox-accountapi.zoodpay.com/healthcheck \
                --header 'content-type: application/json'     
              
            

Signature/Checksum Generation Logic

Merchant Logic to create Signature

Merchant will use the sha512 to create the signature. Fields will be used as mentioned [NOTE: we have different signature logic for both APIs transaction and refund as below] :

              
                string = merchant_key|merchant_reference_no|amount|currency|market_code|salt

                transaction signature = sha512(string) 
                

                string = merchant_key|merchant_reference_no|refund_amount|transaction_id|salt
  
                refund signature = sha512(string) 
              
            

Note: Each field will be separated by delimiter "|".

Merchant will send the signature in request payload to ZoodPay. Zoodpay will validate the signature and will return error Checksum provided is invalid if signature is invalid.

ZoodPay Logic to create Signature

ZoodPay will use the sha512 to create the signature. Fields will be used in reverse order as mentioned :

              
                string = market_code|currency|amount|merchant_reference_no|merchant_key|transaction_id|salt

                transaction signature = sha512(string) 
              
            

It will send in response payload to Merchant. Merchant will validate the signature and update transaction status accordingly if signature is invalid. Or they can also use our Get Transaction Status API to check the status of transaction.

Note: Salt will be provided at the time of account creation.

Note: Each field will be separated by delimiter "|".

Zoodpay will send the signature in refund callback request payload to Merchant. Merchant will validate the signature and update refund status accordingly if signature is invalid.

API Simulator

Please click here it will be open in a new page

Errors

Merchant Account API indicates success or failure of a request via HTTP status codes.