PAYONE Documentation Platform | PAYONE Link - Authorization + Linkstatus

To create and manage PAYONE Links we provide the following API.

Authorization takes place via the Authorization header in the HTTP request and is subject to the following schema:

---end

Authorization header example
`Authorization: payone-hmac-sha256 VP35q2dC855VYEs0nzqTCbAx2BAUq1+oO1yByuvPcl4=`

---end

Create/Update Link

---end

The total amount is calculated as follows from the shopping cart:

shoppingCart
`"shoppingCart": [ { "type": "goods", "number": "article1", "price": 25, "quantity": 2, "vatRate": 7 }, { "type": "goods", "number": "article2", "price": 50, "quantity": 1, "vatRate": 7 } ]`

---end

Total amount calculation
`article1.price * article1.quantity + article2.price * article2.quantity = totalAmount`

---end

The token is now calculated in the following way:

Concatenating principle
`merchantId + accountId + portalId + mode + reference + totalAmount + currency = dataToBeSigned`

---end

Concatenating example
`18333 + 18334 + 2111222 + LIVE + uniqueReference + 100 + EUR = 18333183342111222LIVEuniqueReference100EUR`

---end

HmacSAH256 principle
`HmacSHA256(dataToBeSigned, portalKey) = signature`

---end

HmacSHA256 example
`HmacSHA256(18333183342111222LIVEuniqueReference100EUR, superSecret) = signature`

---end

Base64 principle
`Base64(signature) = token`

---end

Base64 example
`Base64(signature) = cBSvOHskJqf0Si/5ZP+mlM8lCm0zvT/YbH6MvvQWNBs=`

---end

Finally we put the result in the header and get the request header:

Example header
`Authorization: payone-hmac-sha256 cBSvOHskJqf0Si/5ZP+mlM8lCm0zvT/YbH6MvvQWNBs=`

---end

The principle remains the same the data to be signed is now: linkId

Example get single link
`Base64(HmacSHA256(linkId, portalKey))`

---end

The principle remains the same:

Get all links
`Base64(HmacSHA256(merchantId + accountId + portalId + mode, portalKey))`