FYI: we are still updating it. But you can start integrating.

• All merchants need to be registered with KESS first, then we’ll provide
1. merchant id
2. merchant secret key
3. an api username
4. and password
5. RSA2 Certificate (a private key and a public key file). If you want to generate your own RSA2 certificate, you need to provide us with a private/public key for decryption.
• All POST/PUT/PATCH APIs are required form sign (sign_type = RSA2 and sign params)!!!
• All rest api required header
1. merchant-id = (Your merchant id provide by KESS)
2. merchant-secret-key = (Your merchant secret key provided by KESS)
• By default, KESS will use your private key to decrypt sensitive fields when you call the api. So you need to use the public key to encrypt the fields.
• You’ll see fields that need to be encrypted in the api).
• So KESS doesn’t encrypt data for the response.
• To sign
1. Prepare post params for sign
1. Remove empty value params
2. Cleaned params and sort params key as ascending
3. Build url query for the params ( no ? at the beginning and & at the end of the string)
4. If the param’s value is an array, it must be encoded and put in [ ]
5. The string will be used to pass to your RSA2 method to sign.
2. Use your private key for RSA2 (in case KESS use your public key to decrypt)
3. Set Encryption Mode to ENCRYPTION_PKCS1
4. Set Signature Mode to SIGNATURE_PKCS1
5. RSA encrypts the string content
6. Do base64 encode for the encrypted string, then the bas64 string is our sign content.

(We have sample for php, you can check rsa2Sign() method in KESS_RSA.php)

API_BASE_URL =

Dev url base:https://clientdev.kesspay.io/partnerapi/v1/

• user_name = (Your merchant api user name provided by KESS)
• password = (Your merchant api password provided by KESS)