Netzme vSNAP
  • Introducing
  • Getting Started
  • API Reference
    • Toko Netzme
      • Credentials & Signature
      • Authentication
      • Create pin
      • Forgot pin
      • Get Balance Detail
      • Get Transaction List
      • Get Merchant Detail
      • Withdraw Inquiry
      • Get Information Withdraw
      • Get QRIS Acquire Transaction
      • Create Invoice
      • Create Invoice Transaction
      • Create Invoice QR MPM
      • Get Invoice Transaction
      • Payment Success Callback (Invoice)
      • Payment Success Callback (QRIS Non Invoice )
      • Payment Success Callback V2
        • Payment Success Callback QRIS
        • SNAP Payment Success Callback QRIS
      • Withdraw Status Notification
      • Deduct Deposit and Split Fee
      • Deposit
        • Create Invoice Transaction Topup Deposit
        • Inquiry Withdraw Deposit
        • Withdraw Deposit
        • Get Information Withdraw Deposit
        • Get Deposit Transaction
        • Get Balance Deposit
      • Withdraw Process
      • SNAP Asymmetric Signature
    • Netzme
      • Connect to Netzme
      • Credentials & Signature
      • Authentication
      • Get Account Status
      • Get Balance
      • Get History
      • Get Fixed Topup VA
      • Get Detail Qris
        • QRIS Static
        • QRIS Static With Amount & Percentage Fee
        • QRIS Dynamic
        • QRIS Dynamic with Fee
      • QRIS Payment
      • QRIS Payment Notification
      • Payment Bill
      • Payment Bill Notification
      • Payment Netzme Seamless
      • Upgrade Account Notification
      • Upgrade Account
Powered by GitBook
On this page
  1. API Reference
  2. Netzme

Credentials & Signature

PreviousConnect to NetzmeNextAuthentication

Last updated 10 months ago

To start integrating with Netzme API make sure you already have all secret keys

Netzme team will provide you the secrets via email.

Key Name
Value
Description

CLIENT_ID

e.g: NetmeClientId

Identifier, provided to you by Netzme

CLIENT_SECRET

e.g: f013bc2810be469790dc99773c08812e

Secret Identifier, provided to you by Netzme

Private_Key

e.g: MIIBOQIBAAJBAJalQt9eQzzNLvaNRA7WM1nUuFFc06T9TmeIl5Di3VI5IH1Fn//hVqgbCVf9FWPU/hrc0wZzr4dP53o2CnMLqHsCAwEAAQJAcGKB7Rnpl2aLbqwc5eSvEok7qJdT3XaME3k3eYOGEVwf91LUrR9soDJV9QAJA1Vg3vhCbyBwTdjCvnzJNUH1AQIhAMXvclXRO1xPEnSToHEDPv9WT9Q5j5AfYDFeIBC4C/LhAiEAwtZx5kzJUouj1CBhQp0KAOxWs2ecec9PnIUaJR2xItsCIEkdv32F8ciSiP25Ps4gZdgKeSirLqYNgQobe/rREdDhAiBywKiu0lTUiCgCfNurxyAoMQpTedfAKmiiMAaZC6bTdwIgNW0qKB9+h2+v5j3x8BrbQbf80xZRqsBcUyZWr5uGs5U=

Private RSA KEY, provided to you by Netzme

x-callback-token

e.g: Z3kwbFV5bTZnSTNjSmhlNDhDa2d0UjRORk1abW5NSmVZbTJpbldtbFhUczlnWVBXbG9xdU1mS2d4cWxwUkhJVEcycWx5d0lLRmxsNW8yYURKQlc4YVJYNzE3c0lqVXk1a0Rxdg==

Your Netzme unique callback token to verify the origin of the callback. This parameter will be provided on every callback, e.g

1. Signature Authentication

X-SIGNATURE parameter contains Signature for ensure that the data in every request and response cannot be hijacked and imitated by unauthorized users. You will need to provide the parameters on .

How to compute the authentication signature

stringToSign = CLIENT_ID + "|" + X-TIMESTAMP
X-SIGNATURE = SHA256WithRSA(Private_Key, stringToSign)

Key
Value

Private_Key

e.g: MIIBOQIBAAJBAJalQt9eQzzNLvaNRA7WM1nUuFFc06T9TmeIl5Di3VI5IH1Fn//hVqgbCVf9FWPU/hrc0wZzr4dP53o2CnMLqHsCAwEAAQJAcGKB7Rnpl2aLbqwc5eSvEok7qJdT3XaME3k3eYOGEVwf91LUrR9soDJV9QAJA1Vg3vhCbyBwTdjCvnzJNUH1AQIhAMXvclXRO1xPEnSToHEDPv9WT9Q5j5AfYDFeIBC4C/LhAiEAwtZx5kzJUouj1CBhQp0KAOxWs2ecec9PnIUaJR2xItsCIEkdv32F8ciSiP25Ps4gZdgKeSirLqYNgQobe/rREdDhAiBywKiu0lTUiCgCfNurxyAoMQpTedfAKmiiMAaZC6bTdwIgNW0qKB9+h2+v5j3x8BrbQbf80xZRqsBcUyZWr5uGs5U=

CLIENT_ID

e.g: NetmeClientId

X-TIMESTAMP

Client's current local time in yyyy-MM-ddTHH:mm:ssTZD

See the

2. Signature Service

How to compute the transactional signature

stringToSign = HTTPMethod + ":" + EndpointUrl + ":" + AccessToken + ":" + Lowercase(HexEncode(SHA256(minify(RequestBody)))) + ":" + X-TIMESTAMP
X-SIGNATURE = HMAC_SHA512(CLIENT_SECRET, stringToSign)

1. Authentication Signature

Sample Code (Java)

public void generateSignatureForAuthentication() {

    String clientId = "NetmeClientId";
    String timeStamp = "2022-08-10T00:00:00+07:00";
    String privateKey = "MIIBOQIBAAJBAJalQt9eQzzNLvaNRA7WM1nUuFFc06T9TmeIl5Di3VI5IH1Fn//hVqgbCVf9FWPU/hrc0wZzr4dP53o2CnMLqHsCAwEAAQJAcGKB7Rnpl2aLbqwc5eSvEok7qJdT3XaME3k3eYOGEVwf91LUrR9soDJV9QAJA1Vg3vhCbyBwTdjCvnzJNUH1AQIhAMXvclXRO1xPEnSToHEDPv9WT9Q5j5AfYDFeIBC4C/LhAiEAwtZx5kzJUouj1CBhQp0KAOxWs2ecec9PnIUaJR2xItsCIEkdv32F8ciSiP25Ps4gZdgKeSirLqYNgQobe/rREdDhAiBywKiu0lTUiCgCfNurxyAoMQpTedfAKmiiMAaZC6bTdwIgNW0qKB9+h2+v5j3x8BrbQbf80xZRqsBcUyZWr5uGs5U=";
    String stringToSign = clientId + "|" + timeStamp;

    try {
        byte[] decodeBase64 = org.apache.commons.codec.binary.Base64.decodeBase64(privateKey);
        java.security.PrivateKey key = readPkcs1PrivateKey(decodeBase64);
        java.security.Signature privateSignature = java.security.Signature.getInstance("SHA256withRSA");
        privateSignature.initSign(key);
        privateSignature.update(stringToSign.getBytes(StandardCharsets.UTF_8));
        byte[] s = privateSignature.sign();
        String result = java.util.Base64.getEncoder().encodeToString(s);

        //print out :CzXuT1rNLkteTuwMY5tWyg/4lxRLJChag8swpDOiO0IqtwMm8x5O7G+foD7Ufv509Xm6wJJ1lMvBA/pooiM4zQ==
        System.out.println("X-SIGNATURE " + result);
    } catch (java.security.GeneralSecurityException e) {
        e.printStackTrace();
    }
}

private java.security.PrivateKey readPkcs8PrivateKey(byte[] pkcs8Bytes) throws java.security.GeneralSecurityException {

    java.security.KeyFactory keyFactory = java.security.KeyFactory.getInstance("RSA", "SunRsaSign");
    java.security.spec.PKCS8EncodedKeySpec keySpec = new java.security.spec.PKCS8EncodedKeySpec(pkcs8Bytes);
    try {
        return keyFactory.generatePrivate(keySpec);
    } catch (java.security.spec.InvalidKeySpecException e) {
        throw new java.lang.IllegalArgumentException("Unexpected key format!", e);
    }
}

private java.security.PrivateKey readPkcs1PrivateKey(byte[] pkcs1Bytes) throws java.security.GeneralSecurityException {

    int pkcs1Length = pkcs1Bytes.length;
    int totalLength = pkcs1Length + 22;

    byte[] pkcs8Header = new byte[]{
    0x30, (byte) 0x82, (byte) ((totalLength >> 8) & 0xff), (byte) (totalLength & 0xff), // Sequence + total length
    0x2, 0x1, 0x0, // Integer (0)
    0x30, 0xD, 0x6, 0x9, 0x2A, (byte) 0x86, 0x48, (byte) 0x86, (byte) 0xF7, 0xD, 0x1, 0x1, 0x1, 0x5, 0x0, // Sequence: 1.2.840.113549.1.1.1, NULL
    0x4, (byte) 0x82, (byte) ((pkcs1Length >> 8) & 0xff), (byte) (pkcs1Length & 0xff) // Octet string + length
    };

    byte[] pkcs8bytes = joinByte(pkcs8Header, pkcs1Bytes);

    return readPkcs8PrivateKey(pkcs8bytes);
}

private static byte[] joinByte(byte[] byteArray1, byte[] byteArray2) {
    byte[] bytes = new byte[byteArray1.length + byteArray2.length];
    System.arraycopy(byteArray1, 0, bytes, 0, byteArray1.length);
    System.arraycopy(byteArray2, 0, bytes, byteArray1.length, byteArray2.length);
    return bytes;
}

2. Transactional Signature

Sample code (Java)

public void generateTransactionalSignature() {
    javax.crypto.Mac hmac512;
    String xSignature;
    String httpMethod = "GET";
    String endpointUrl = "/v1.0/transaction-history-list";
    String accessToken = "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2Njc4MTM1MjcsImlhdCI6MTY2NzgxMjYyNywiaXNzIjoicmFoeWFuX3N0ZyJ9.nMvam42YO7k40ZfZDjl1b24SPcS79Ic6qrhFEx7pEYyDQ8b1EsjHsWpR4DMi_zFLmQB8tJG7-YOmlFfBeKhacg";
    String timeStamp = "2022-08-10T00:00:00+07:00";
    String rawJsonBody = "{\"body\":{\"limit\":2,\"seqId\":0,\"userId\":\"WXhj9BiA\"},\"requestId\":\"bitdna202106281235010001\",\"type\":\"aggregator_transaction_history\"}";
    String secret = "86f03ec237644c61842e970010d453f8";

    try {
        java.security.MessageDigest digest = java.security.MessageDigest.getInstance("SHA-256");
        byte[] hash256 = digest.digest(rawJsonBody.getBytes(StandardCharsets.UTF_8));
        String encodedBodyRaw = org.apache.commons.codec.binary.Hex.encodeHexString(hash256).toLowerCase();
        String stringToSign = httpMethod + ":" + endpointUrl + ":" + accessToken + ":" + encodedBodyRaw + ":" + timeStamp;
        final byte[] byteKey = secret.getBytes(StandardCharsets.UTF_8);
        hmac512 = javax.crypto.Mac.getInstance("HmacSHA512");
        javax.crypto.spec.SecretKeySpec keySpec = new javax.crypto.spec.SecretKeySpec(byteKey, "HmacSHA512");
        hmac512.init(keySpec);
        byte[] macData = hmac512.doFinal(stringToSign.getBytes(StandardCharsets.UTF_8));
        xSignature = org.apache.commons.codec.binary.Hex.encodeHexString(macData);
      
        //print out : 0a8577a4a93fe19663ea0b367806ff44ca1695994c3b4719bb95f004e64359248defa0e31888013a89fc7c1fc3ba3906d131af3acc0ae9e3f97cb145747fed1b
        System.out.println("X-SIGNATURE " + xSignature);
    } catch (java.security.InvalidKeyException | java.security.NoSuchAlgorithmException e) {
        // Error generate signature.
        e.printStackTrace();
    }
}

X-SIGNATURE parameter contains Signature for ensure that the data in every request and response cannot be hijacked and imitated by unauthorized users. You will need to provide the parameters on every transactional endpoint (e.g: , , etc).

Key
Value

CLIENT_SECRET

e.g: f013bc2810be469790dc99773c08812e

HTTPMethod

Http Method, e.g: POST, GET, PUT, PATCH

EndpointUrl

Endpoint to hit. e.g:

AccessToken

accessToken value from

RequestBody

Your RAW request body(must be minified). e.g:

See the

Get Balance
Get History
sample code
Authentication endpoint
sample code
Qris Payment Notification
/v1.0/api/transaction-history-list
transaction history request
Authentication