GET /validatesignature¶

Allows the merchant to check if their API key and signing process are valid.

Example URLs:

https://api.laterpay.net/validatesignature (EU Production)
https://api.sandbox.laterpaytest.net/validatesignature (EU Sandbox)
https://api.uselaterpay.com/validatesignature (US Production)
https://api.sandbox.uselaterpaytest.com/validatesignature (US Sandbox)

Available via

HTTPS

Applicable SLA

LaterPay API

Parameters¶

salt (required): Random string added for security, should be different on each request.
cp, hmac, ts (required): Common Parameters

Response¶

/validatesignature returns a JSON response with (some of) the following keys:

status: 'ok' if the request was handled correctly and signature is valid, or 'error' if some problem occurred.
message: If there was a problem, there may be an additional 'message' value explaining the problem.
is_valid: true if signature is valid and and no problems with merchant’s account were detected, otherwise false.

Example responses:

HTTP/1.1 200 OK
Content-Type: application/json

{
    "status"      : "ok",
    "is_valid"    : true
}

Signature is invalid (either API key or signing process is at fault):

HTTP/1.1 400 Bad Request
Content-Type: application/json

{
    "status"      : "error",
    "message"     : "Signature does not match.",
    "is_valid"    : false
}

Merchant account defined by cp parameter is disabled:

HTTP/1.1 403 Forbidden
Content-Type: application/json

{
    "status"      : "error",
    "message"     : "This account is disabled.",
    "is_valid"    : false
}

Merchant account defined by cp parameter does not exist:

HTTP/1.1 404 Not Found
Content-Type: application/json

{
    "status"      : "error",
    "is_valid"    : false
}