Guides
Start typing to search…

Getting Started with Bear Pay

Introduction

This document outlines the technical details for interacting with the Transaction Endpoint API,
which allows users to create new transactions and receive callbacks.

API Key

To use the Transaction Endpoint, you need to contact us and obtain an API Key for your organization.
This key will be used to authenticate all API requests made by your organization.

API Request

To create a new transaction, you must make a POST request to the Transaction Endpoint URL,
including the defined parameters in the request body and X-API-Key header with ApiKey.

X-API-Key

Consists of Key and Signature separated by a comma. (Key=API_KEY,Signature=SIGNATURE)
Key is always the same for all requests. It's your public key.
Signature is a hash of the request body and your private key for requests with body.
Or hash of query string and your private key for requests without body.
query string is a string of path (without host) and all query parameters separated by & symbol.

message := ctx.Request().Body()
// if body is empty.
if len(message) == 0 {
  // path + ? + query string.
  message = ctx.Request().URI().PathOriginal()
  if len(ctx.Request().URI().QueryString()) > 0 {
    message = append(message, append([]byte(`?`), ctx.Request().URI().QueryString()...)...)
  }
  
  // URL = https://bearpay.io/bearpay/api/v1/currencies?type=crypto
  // message = /bearpay/api/v1/currencies?type=crypto
}


myPrivateKey := "YOUR_PRIVATE_KEY"
hash := sha256.Sum256(append(message, []byte(myPrivateKey)...))
signature := hex.EncodeToString(hash[:])

Callback Definition

A callback is a mechanism through which the API server can send information to your server about a particular
transaction.
When a transaction is processed, the server will send a POST request to the specified callback URL.
Each callback request will include an X-Hash header, which is a unique identifier for the callback,
and a callback_example body, which is a JSON object that contains information about the transaction.

Note: The callback definition is fixed and cannot be modified.

Security

To ensure security and prevent unauthorized access, we recommend that you validate the X-Hash header on every callback
request received from the API server.
This header contains a unique hash value generated by the API server, which can be used to verify the authenticity of
the callback.

Conclusion

The Transaction Endpoint API is a simple and powerful tool for creating new transactions and receiving callbacks for
different stages of transaction processing.
To get started, please contact us and obtain an API Key for your organization.

Updated 6 months ago