Request format

Requests are to be sent via HTTP 2 or HTTP 1.1 using SSL (HTTPS) to the following address:<method>

Format of request parameters:

  • Key/value pairs, packed as HTTP 1.1 POST request parameters.
  • MIME type: application/x-www-form-urlencoded.
  • Character encoding: UTF-8.

Best security practices:

  • All API queries must be sent over HTTPS, plain HTTP requests will be refused.
  • Your application should verify the validity of the server's SSL certificate. If the SSL certificate did not pass the verification, connection must be aborted immediately to prevent an unauthorized access.

Sign requests with your secret_hash

Every request must contain correct secret_hash parameter.

A secret_hash contains the SHA-1 hash function value from packing ALL notification parameters together with your secret.

secret_hash = sha1(string&secret)

To check the integrity and authenticity of the received notification, compute the hash using the algorithm below.

Example format for the /getinvoice method


Example string


Example format for the /createinvoice method


Example string