For any request initiated by the merchant, we request the merchant to pass certain data in headers of the request. This helps us validate that the request truly originated from a trust worthy entiry.
The header should consist of the following keys :
| Key | Value | Description | Optional |
|---|---|---|---|
| Zamp-Merchant-Id | This will be shared for each merchant by the Zamp Onboarding team | This UUID uniquely identifies the merchant on our platform | N |
| Zamp-Signature | This is a Base64 encoding of the SHA256 Hash of apiKey:merchantSecret. Both of these paraments will be shared to the merchant by the Zamp Onboarding team | This helps Zamp authenticate any particular incoming requests | N |
| Zamp-Version | 1.0.0 | The version of the Zamp APIs being used by the merchant. A new version will only be released when there is a backward incompatible change | N |
| Idempotency-Key | string | Unique Key which will make all POST requests Idempotent. In absence of this key, idempotency will not be checked for. | Y |