Replace VPN with Public Key Infrastructure
These methods must be developed with PKI,(Contis has used x509 certificates to implement PKI. There will be 2 pairs of PKI certificates (Public & Private)
- Client certificates.
- Contis certificates
Client must share their certificate/public key with Contis, the certificate can be provided by you, alternatively Contis can generate the certificate pair. Contis will encrypt the sensitive field data using client’s public key and then whole request payload will be used to generate digital signature using Contis’ private key. This signature will be passed in request header as “x-signature” field.
Contis will share certificate/public key to client(s) to verify the signature generated & passed in each request by Contis. This public key will be used to verify the digital signature which can be found in request header as “x-signature” field at client end. This key can be used to encrypt any sensitive field(s) such as password, OTP etc. if it is passed in response. If any such fields found in response, Contis will decrypt those using Contis’ private key for further use.
For example:
Client certificate pair:
-----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAhsPMmR2RizzAE63kdKJRCjn/MZH8memnxJUEsvP/pvIChZMM xXY7sSHUQa+zb0iR0kZrHx/QuHQAea/E1QAHzo9U3dM0I5+bEXObuVkJq9owJ//Q eZxXrpSyccFX3pdSLQuIdg1QVCvZrSxVvIna4sa5qBNbdR7nQhxoVdLi3Hv9uyyI 3tk4bK1d/klyY9XP7cL/3JeCZf/kbOfyb3KcgKuB2bi/fgdJhifvJGMj4ayVmBfe gJEfCu9SXZQvJJ/ZPuO0HVWMRVV65rJvhtgovezbYHErBqtwarvG4zyz9S60VOYC maA4OzvejgjU86MY/sALVcDvv3I+ekq1QW8EPwIDAQABAoIBADsqVjZ41U+4bamW JCESrBqdyMyWB7z46Kd1Nxlr5zb/tBy5qRc+J8nGDN6DyXbXePHE6b3B5Yw9nYHP Kc7L0yGcKsmysobbSSS5yUnv7b+NrKu682eYvKQQc2Fe3XmDnNfa4t/VS4mQsOIG /2MlcLw0PAku6m26khQjzai0S9Y5U7xVBLujMZSX9htxXA3vBOsae4V/ZT/kFOeK eIBc5MHYDRco4ePjRU/8XLj9GofAWSGHIDTz931TvF3jQjV7T3fmv1OltVeO3zYY t+HMUQG3psUFs7HXbLptFg2uGnAH5HOKf6J06J0ZSC1XHjfkAdSuyddOrSPKxUh0 XwkF/YkCgYEAys+Rp2ZbbU+bOAr6LV19sMvtYkNEfDTbfJHh1m+SRmqBanjeKd2e XqciP4HWFCW6+a/H9VshsT8p6q9Es6vZOoJQ68eYi2tJZr6zweqhiq17Fr73xoEk 4qB285WLx5YRPvNPUKzVDfJz56FSKjn4p8YqhaxHjWiOf8j2nzjJq9cCgYEAqhu4 RKqNnGwGohweJ/V4PO/zvtk/kV8HC8+fe2vGnOTw++oolTy2lLlzkkU9wkd9z4Nu avMQzR/YTkcbzQ3gyIRQM47oewGKb97pj3c5o8xdWmhkrXiJ7ys60Oc8gAANbzqw kk3XaWuKKAqlazYRJ/nfzmElrG7DGYdOA4GDHdkCgYEAtX37Qmr+9lt+9DAeoepA SK61yHGaH+zNXjTOfS9rH0jAd5+icKS6zMmUhHCUO4NoR3le39ql1BBKWpJuULtA snNcJyN/B4UDMscF5ksqNQf6Vuieoy1+7K/cwy7Y38sTs9nY6MFCCDEoN+jNtqwa MUnNU8JQZeNjYkddLC+NihECgYEAnT3qY27UYBdrOkaLiZxafNnBklT3ccVJmh1d 6pSBj14BdJvKz8jDbU7QChF/OSsknMF9O9dbXIFnTVRl2nJNqozEJiSfubR+51JC y58F5OdwE7YT+lZGCpMHVzuorRlfUcYKmfLigEwr9T+CEUx1J2LPAtLCJFZuehac gpkhPmECgYB/euG3LxhlwG/J9RKg8s/56Zw1+mfKrGKlfIYBOeeLadS90cyZLVp/ jttfbgTJ3CDLxA3haMHODR7ghLGgcfyp+8uVLWSZ4nVmOwuMXyttNb1DkB+ANx4R KOZ54R6PHnH/dBIQtxEikNzEjDoIyqKJfJKRTdWzVz2b47eQrIaqtA== -----END RSA PRIVATE KEY----- -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsPMmR2RizzAE63kdKJR Cjn/MZH8memnxJUEsvP/pvIChZMMxXY7sSHUQa+zb0iR0kZrHx/QuHQAea/E1QAH zo9U3dM0I5+bEXObuVkJq9owJ//QeZxXrpSyccFX3pdSLQuIdg1QVCvZrSxVvIna 4sa5qBNbdR7nQhxoVdLi3Hv9uyyI3tk4bK1d/klyY9XP7cL/3JeCZf/kbOfyb3Kc gKuB2bi/fgdJhifvJGMj4ayVmBfegJEfCu9SXZQvJJ/ZPuO0HVWMRVV65rJvhtgo vezbYHErBqtwarvG4zyz9S60VOYCmaA4OzvejgjU86MY/sALVcDvv3I+ekq1QW8E PwIDAQAB -----END PUBLIC KEY-----
Contis certificate pair:
-----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAnsaZAhnm+x+2UvABvNdfkp/yOG5A6jvGakRR781Qij+flg2o R3jwgWekUmNExsddVPWfjDFRUbtzxkg8wlRMaU61/Wcdi8MUNGGsFVmz1yDpg7um y7sW3Nev+/spHN/kbZqBf8P5z1C+d/hcPHYxEKM71b60gS5+SCVP+x54AlE2U0cC 2WPqXjCgHrQFF/x+XsRoIhvlyngn/uBLumV3m2DFBYb6BB7QflLdSBd74KLxr80F UGB0r7tSLi9brHJf4sa4HPCf+x0UV4UZiA0nI564Iy+qmOfWAfd6Tdn1o2ZK2pDM dg28cUKX06C4pgN4fV2JFZe0Xk2vUsyAa0D68QIDAQABAoIBABgmZHEDoBSrzOde DqGaz7RlZCoNqQ2HpIUW2bCkFb9FcKBZ+PHQFSLVsRJ/+17RxaItzwP7n18TaEdt RuKXAF1XJcrCk6WluS3DenFv6LEM1j/de8AKt65FF0U4PVdhPaUnJlHY7OcJ5MKq MdtXbdyWO3xmKp3ohLg0Bq+PQZk2ZDsivFBsSIbulo+kOlFMRnR8FrCadYeoDPBO S8l6N3qIkWkjA36NyXkBbIB1fmE2YxUwuGGTpCWcz53AO3yPtYUpiyLSZrgdxTml WzTT0vyWTAUbaGNPKxmLOsz74fQkE+qhELj5QyuIFyZjkdIgNT6Eb4uJ5XbdTPwT NdJN3f0CgYEAzDb8iuT899ShffUQFvbI05WJOUJ41rw5TmivOHGTQnC77ao4Q5LS UNYo+9EyMfA1b2lto3+ipK5bfSDH74EVgqYYigaJO/cqM/GHvnIfF93Uudldd20s W//kJDJltRYLVsiUR5QqYV0PgAbJdWThQgktuyYdfBSzl3j9ROyFXQUCgYEAxwnY kn4UD8BAXKcjfCrN6Q6fH+9RcIBTxyhOpS5A48tsB1gCY+M1XyssmKqtGgz3SGL/ 7atfzlET/SB2rX0/7o5dhP2qSJs54jevCzLSJGXgk9WdLjPJ2QY74O+n7M3XQCWB PRhVVu/GxsM5UoEWG3GlZGXYWwCTekWndFCpaf0CgYEAk4GcRQ9GEhVKWNrstkmn of0/U1bKRgFLO3GuLw0Km1EmzXLIlTa2J6GplMr0gNHLJyB2C0UkS+ONPgKxqDQL P4WN8BTsh53uo/pwXIW+I9Ud1OhG9P6srf9V4Tdt87Fqm1LimBlTy2QW0BkW527o rnRGzgmn/npNhrnj5ycY5akCgYAxyHyq524NIoD2q7dsbyhhio6yZiFwiihqP+Kr 3g3M7CxxCcpPQZ0v2JSm+smhIm0XZeutfpfP+ueNAHmumw1KlcE+alQVJP4tXtAh dOyqvfCWCW/vBnUOG0kO0eKmkDWujbLtnRB7Vi3ZuSq1QCRPaPV9Txv2ZwZ8Jr/j j+lP4QKBgBVDTqWIe0e6OYsBY1m4epUq9malh+L3434JJ88YzwE/Ue81WhkaHcWP OAcpKMPTRbBOeH5irzaJ64si+/NiAseFFZle8aTV0MRbhGweguprDbZYFwLSeX2C p3kGkLTXJbDpjiUhsphVCuSCfxRnnF6SCuRQmv6bY2QkVt5yCKrZ -----END RSA PRIVATE KEY----- -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsaZAhnm+x+2UvABvNdf kp/yOG5A6jvGakRR781Qij+flg2oR3jwgWekUmNExsddVPWfjDFRUbtzxkg8wlRM aU61/Wcdi8MUNGGsFVmz1yDpg7umy7sW3Nev+/spHN/kbZqBf8P5z1C+d/hcPHYx EKM71b60gS5+SCVP+x54AlE2U0cC2WPqXjCgHrQFF/x+XsRoIhvlyngn/uBLumV3 m2DFBYb6BB7QflLdSBd74KLxr80FUGB0r7tSLi9brHJf4sa4HPCf+x0UV4UZiA0n I564Iy+qmOfWAfd6Tdn1o2ZK2pDMdg28cUKX06C4pgN4fV2JFZe0Xk2vUsyAa0D6 8QIDAQAB -----END PUBLIC KEY-----
- Contis will encrypt OTP = “12345678” using client public key will be
Z4aLdv/PDodBy2rQvHICPu52Xv8LxUpt/DH3n01V9uWIbUpWREkoayT0kDizogkvu
O+aDogiVxbWDyDV4u2ua/u24O0KSG6gqRSjL9aOkuFSgQl9yy3MVcHcMRyuylFWTT
IH9GAw0c+ghKBvXtq4caUe3IrSKUNIbx7E3b7bpmHrlEVQs1PXl8OAg62Nk4b/3ya
6tfmNpzdYIrR+k6m50zHqGHInA1IE6/4vwmmBI0IUILWz1Kk7PRcgl5Wcnewi8Yqk
CKB1Wo7hGrKosuqNRyZz0rooK0a9MtLnbmJTxmpG9c8+aXnSqvj0UGpeI6RPW+aUK
oSf0nz70YkXsoV5zw==
- This value will be passed in request data field OTPCode. Which client need to decrypt using their associated private key.
- To generate signature, Contis will use their private key.
For example request,
Username: testUser
Password: testPassword
Password will be encrypted with client public key. So client can decrypt it with private key at their end.
So here, as per above Public/Private keys set.
Password will be a,
JwhxoahH+qH0DT3bF4JgzfdM33aIKXwdmv+NZNK+EE4Vigp26ShiQ4W+GOh+gKISF7L2B
UhP0F4lNVxSUqJtuL6uWLkZG3ExNNDdqG17/Qw28udxe0hj0y//JXmB7reLC15SN68cJr
6wUATC0R4oGmZ4/NoEM3xtvtMfh9ar/WYGpR1vEYEX3wpq/z6id5N7ISuxepJDNpv6cFI
5Rhae0IWEMqsE6T9PXo4py/cArclfFZ+fec3oSR4gQ1spTc+4cSjrW2KtUyZxhddLJlWw
3CcQyXirasZW5DM6SUyuQPq/DA3Y829OuqNi5MM/r/R/qkEGgnFBH2NNjpxWxf20zg==
{
"Username": "testUser",
"Password": "JwhxoahH+qH0DT3bF4JgzfdM33aIKXwdmv+NZNK+EE4Vigp26ShiQ
4W+GOh+gKISF7L2BUhP0F4lNVxSUqJtuL6uWLkZG3ExNNDdqG17/Q
w28udxe0hj0y//JXmB7reLC15SN68cJr6wUATC0R4oGmZ4/NoEM3x
tvtMfh9ar/WYGpR1vEYEX3wpq/z6id5N7ISuxepJDNpv6cFI5Rhae
0IWEMqsE6T9PXo4py/cArclfFZ+fec3oSR4gQ1spTc+4cSjrW2KtU
yZxhddLJlWw3CcQyXirasZW5DM6SUyuQPq/DA3Y829OuqNi5MM/r/
R/qkEGgnFBH2NNjpxWxf20zg==",
"RequestReference": "Test Request"
}- Signature of the above request will be
bozrGbY3qz/TpYtImKAaxdJapzmzqTRKOljTKbQCPLxlvf9LHTwC43+LIK48CaqhLBkzK
k0UGBPqMwgCEZzi8m9y86O/A1tT1aHSAthFldndTjtj/HjKhh2Dk3luf4tuW+UkfZgmI6
vBmfTGRKslMFWm/q3X4zP5ktjmRMwmpmzz5DbSx/hFzDEqLZpBscANR5U50by+d+0RU/k
HS3M4PqKp2bZDVSSwFZ1eGJOIcHy2yy2qya1+SIoq4sSBI1dE3SB5WpMKSWu6pC1M/oki
bsEOCHnnZbYHmGF8PQDVmUSKQBkz6nW/8U3znh5su1MbzPAuCi9B9OQagPXm+JoT9w==
- which will be passed in request header in “x-signature” request header.
Similarly, contis will generate and pass digital signature for each request. In response, client has to generate the signature using client’s private key of response payload which will be verified by contis at their end using client’s public key. If any sensitive data fields are there in response, client has to encrypt it using contis’ public key and then need to generate signature of response payload.
Specifications:
M = Mandatory O= Optional
Client API
VerifyConsumerCredential
Client is responsible to block the Consumer Login, when consumer is failed to provide correct username and password.
Request object: VerifyConsumerCredentialReq
| DataMember | Type | Required M/O | Remarks |
| Username | string (100) | M | Consumer username |
| Password | string (400) | M | This input will be encrypted using client public key. |
| RequestReference | string (50) | M | Unique Reference number associated with API request. Should provide reference number in each API request for tracking/auditing purpose of actions performed at contis platform. |
Response object: VerifyConsumerCredentialRes
| DataMember | Type | Required M/O | Remarks |
| ConsumerID | integer | M | ConsumerID provided by Contis at time of creating new Consumer. |
| ResponseCode | enum | M | Any of response code provided by Contis. |
| ResponseMessage | string (200) | O | Response message in case of error/success description. |
| RequestReference | string (50) | M | Should provide reference number in each API request for tracking/auditing purpose of actions performed at contis platform. |
Custom Enum DataType:
| Enum | ResponseCode |
| 0 | Success |
| 200 | Invalid Credential |
| 500 | Internal Error |
| 400 | Invalid Request |
| 404 | Consumer Not Found |
BlockConsumerLogin
Contis will call this method to block consumer login at client end, when consumer will be failed to provide correct OTP.
Request object: BlockConsumerLoginReq
| DataMember | Type | Required M/O | Remarks |
| ConsumerID | integer | M | ConsumerID returned during successful VerifyConsumerCredential request. |
| RequestReference | string (50) | M | Unique Reference number associated with API request. Should provide reference number in each API request for tracking/auditing purpose of actions performed at contis platform. |
Response object: BlockConsumerLoginRes
| DataMember | Type | Required M/O | Remarks |
| ResponseCode | enumresponsecode | M | Any of response code provided by Contis. |
| ResponseMessage | string (200) | O | Response message in case of error/success description. |
| RequestReference | string (50) | M | Should provide reference number in each API request for tracking/auditing purpose of actions performed at contis platform. |
Contis API
Once, Consumer has approved the access consent of their account(s), Contis is allowing their Consumer to revoke the access any time they wish.
To achieve this function Contis has developed Consent APIs.
For more detail of implementation, please follow the link below,
https://apireference.contis.com/docs/API/Consent
VerifyConsumerCredential
Request:
{
"Username": "testUser",
"Password": "JwhxoahH+qH0DT3bF4JgzfdM33aIKXwdmv+NZNK+EE4Vigp26ShiQ4W+GOh+gKISF7L2BUhP0F4lNVxSUqJtuL6uWLkZG3ExNNDdqG17/Qw28udxe0hj0y//JXmB7reLC15SN68cJr6wUATC0R4oGmZ4/NoEM3xtvtMfh9ar/WYGpR1vEYEX3wpq/z6id5N7ISuxepJDNpv6cFI5Rhae0IWEMqsE6T9PXo4py/cArclfFZ+fec3oSR4gQ1spTc+4cSjrW2KtUyZxhddLJlWw3CcQyXirasZW5DM6SUyuQPq/DA3Y829OuqNi5MM/r/R/qkEGgnFBH2NNjpxWxf20zg==",
"RequestReference": "Test Request"
}
Signature of the above request will be
bozrGbY3qz/TpYtImKAaxdJapzmzqTRKOljTKbQCPLxlvf9LHTwC43+LIK48CaqhLBkzKk0UGBPqMwg
CEZzi8m9y86O/A1tT1aHSAthFldndTjtj/HjKhh2Dk3luf4tuW+UkfZgmI6vBmfTGRKslMFWm/q3X4z
P5ktjmRMwmpmzz5DbSx/hFzDEqLZpBscANR5U50by+d+0RU/kHS3M4PqKp2bZDVSSwFZ1eGJOIcHy2y
y2qya1+SIoq4sSBI1dE3SB5WpMKSWu6pC1M/okibsEOCHnnZbYHmGF8PQDVmUSKQBkz6nW/8U3znh5s
u1MbzPAuCi9B9OQagPXm+JoT9w==
Response:
{
"ConsumerID": 55320,
"ResponseCode": 0,
"ResponseMessage": "Valid consumer details.",
"RequestReference": "Test Request"
}
Signature of the above response will be
EJ2DKOV0ddgOGBsskLt9V8eHAIpu/dalD3elh8AtKf3l3wwPONSY0fY1vrdDqUFuU1udNHWlLXFjib
FXptlnM4JQ6R9S/vs406BYEkBV4D4Y0WW1D7KQgamKnceyV8YZ+pMkQsSuMB/szrmI5YzcMit+0Ret
B6snhN4tR2Qet1oTIC0xV3d9ydwLPW4Q+oMuZQtl9pchWECMGQcS0Y78gnBNizCR7OLCJCYW29lhmC
0GOzX7a6ZDJF3Gmkd03GlQ+f7+Jjf0zqXO/HytTtnIUmyWTDcbr527ivS+X7FEoiE/KEfQzPqq+J4M
3AASn4YJ5j4Wry2Hd4Q4gzkNytaW2g==
BlockConsumerLogin
Request:
{
"ConsumerID": 55320,
"RequestReference": "Test Request"
}
Signature of the above request will be
Yy+7ExranzyJNn3BmlB0mXbTOqqdCMA/Svo1qS30aAYbRwWR+fWlSabPB9BuDrt7cwvCj3AcTDLUVhT
JYMYmTErtcD92wtrzhaWny7KMXSyggwE156BgUO4KhLO4S5dKNh4nMA4JGdf3dOk+RgrIFpd9/gyygx
LBqi6zmrOnclUFFzB7V1iB/h72fyI2WSk9I+BLYysF/ZlqB1iG4lnT8Dn+tAJS6X/ofxBqQCdy5c32d
QDRbzBdoyDKnTq/AdjHIV7NjhPYwT7GiteiwFOCCEKL/O/AdO0bahTKBpF5LJ1aK9yG7iFQfSaM+5ev
WtdZ759YYXCBTDEzFksxo2+Yvw==
Response:
{
"ResponseCode": 0,
"ResponseMessage": "User blocked.",
"RequestReference": "Test Request"
}
Signature of the above response will be
f0+9Ev1F055Ih2p6y84mM8oIjhVtnFRzKuixTcVfHohJvN72Q3LwbfMQ9eLL1y/OtMF93Gn1G92TUL
YBR7wp3Uw7MwDNAR/5XpbzchYfIdxGgUmUZaLF4McSmRzhfGHUDpMeAcVyakgEaNHbdFOMheq1zNcM
a+HzdJlmSz2aGAEz/YJr18+Tth9CrQGPP83MxSmSyAAGE7FXguLEzxpuuzKMNhYfhKjxOCqhggZkj5
G+A2EmTiCcOhXeWiD5nyJtLK8t7Ku5fiM/Uj07jdhKw18O5SiigMMT1oS4sXJAV8U1Gm8lKo2FYTMz
m3AW/ixYCiF7XRevj9PftqLip4T23w==
OTP Webhook
066|55320|OpenBanking-VerifyPSU-OTP|12345678|SecurityHash
OTP : 12345678 Encrypted OTP : ZWoIGl34dh5rvF8dH8iecjLomv1sV3TZzt238Y+6b772m6m+l3RKhOIyIm7PQF0
634ddCVT1nBK6fqUPiTHMzv4xKRiTISCv70n0yxEvPcNZZRtvrSZqTvnKiRkHI4
Q4q/OiY75C7azZX79aoKc8yEvp5Kv8UbaFjMLM7W+dcUWio1JLPtsmLisLeUXph
FLnHHP+nlUD9KjzcyNfRfNceEL7Um6NLOn5NB1JxLOVQ/j1qVFix8rScNFOJTmw
YCGDT8J39rHluicBQnRRa4vMQrW86FuZV9b0+O6eTLIzD/9o9noKEcHcTtoIe7s
TVS8n6pVHn3qVUUkjkKm4ngPGsQ== 066|55320|OpenBanking-VerifyPSU-OTP|ZWoIGl34dh5rvF8dH8iecjLomv1
sV3TZzt238Y+6b772m6m+l3RKhOIyIm7PQF0634ddCVT1nBK6fqUPiTHMzv4xKR
iTISCv70n0yxEvPcNZZRtvrSZqTvnKiRkHI4Q4q/OiY75C7azZX79aoKc8yEvp5
Kv8UbaFjMLM7W+dcUWio1JLPtsmLisLeUXphFLnHHP+nlUD9KjzcyNfRfNceEL7
Um6NLOn5NB1JxLOVQ/j1qVFix8rScNFOJTmwYCGDT8J39rHluicBQnRRa4vMQrW
86FuZV9b0+O6eTLIzD/9o9noKEcHcTtoIe7sTVS8n6pVHn3qVUUkjkKm4ngPGsQ
==|SecurityHash security key to generate Hash : 883986C0F101EC37FE366D61952F907E8BBE0060C2069CB3BD8E018053EA3DF1 HashString : 066&55320&OpenBanking-VerifyPSU-OTP&ZWoIGl34dh5rvF8dH8iecjLomv1sV3
TZzt238Y+6b772m6m+l3RKhOIyIm7PQF0634ddCVT1nBK6fqUPiTHMzv4xKRiTISCv
70n0yxEvPcNZZRtvrSZqTvnKiRkHI4Q4q/OiY75C7azZX79aoKc8yEvp5Kv8UbaFjM
LM7W+dcUWio1JLPtsmLisLeUXphFLnHHP+nlUD9KjzcyNfRfNceEL7Um6NLOn5NB1J
xLOVQ/j1qVFix8rScNFOJTmwYCGDT8J39rHluicBQnRRa4vMQrW86FuZV9b0+O6eTL
IzD/9o9noKEcHcTtoIe7sTVS8n6pVHn3qVUUkjkKm4ngPGsQ==
Request:
{
"NotificationType": "066",
"ConsumereID": "55320",
"OTPType": "OpenBanking-VerifyPSU-OTP",
"OTPCode": "ZWoIGl34dh5rvF8dH8iecjLomv1sV3TZzt238Y+6b772m6m+l3RKhOIyIm7PQF06
34ddCVT1nBK6fqUPiTHMzv4xKRiTISCv70n0yxEvPcNZZRtvrSZqTvnKiRkHI4Q4
q/OiY75C7azZX79aoKc8yEvp5Kv8UbaFjMLM7W+dcUWio1JLPtsmLisLeUXphFLn
HHP+nlUD9KjzcyNfRfNceEL7Um6NLOn5NB1JxLOVQ/j1qVFix8rScNFOJTmwYCGD
T8J39rHluicBQnRRa4vMQrW86FuZV9b0+O6eTLIzD/9o9noKEcHcTtoIe7sTVS8n
6pVHn3qVUUkjkKm4ngPGsQ==",
"SecurityHash": "9cefdb39651bc8e039149ce78cbad0e456074af6d8433538badf447be62d49fc"
}
Signature of the above request will be
m/7zYTjcHUGtjFeDNYfxjaHxQOsTT0wDtj6ZTr1QfjKo4w1PQcV18o32iEPLulHwTPIzzwNG4b8l3YcG
0PkT5CzcKVGZ9M3Ohf9PKiYJkJ0N3Y0nxvFKPv12YRSEl9QkeMcPvv6G2i6iAq4TNEu1Q2vD4twV6FjT
Wqm5ErKoCbDt9ka/hh3cx78JwsWVZGzmrY0k35Orut1R8nQt7WMJusny+HB9LF2VPHrsoLXAcJgvj4i+
rUetvmWMsKNx/W6WEElKDqITUxnyURmv/j63nfFAu9ZdhyA2Pm3nRwcKIYnF4Qbuaiw7uNTyA5G2Emdd
czSxVUDghMPdS+2LfDr2mg==
Webhook
OTPWebHook to receive OTP
Request data field OTPCode will be encrypted using Client Public Key.
Contis will send signature in request header name “x-signature”.
Format:
NotificationType|ConsumerID|OTPType|OTPCode|SecurityHash
| Sr No | Items | Remarks |
| 1 | NotificationType | Unique code to identify the notification. Fixed value: 066 |
| 2 | ConsumerID | ConsumerID for which OTP sent |
| 3 | OTPType | Meaning full description. e.g. OpenBanking-VerifyPSU-OTP |
| 4 | OTPCode | 8-digit OTP This input will be encrypted using client public key. |
E.g. 066|12345678|OpenBanking-VerifyPSU-OTP|12345678|SecurityHash