Initiate API Integration

Using the API, if you can provide end-users information - such as email address, receiving address, etc., Alchemy Pay will respond with a unique order ID and fiat checkout page - making the end-users experience smoother with lesser input compared to Page Mode.

# General

API route: --test environment --production environment

All the request and response context are json format with the corresponding application/json head.

If return error, the response context is also a json object with error code and more detailed choosable attributes.

All the request have a limited rate, the request rate from the same IP in the test environment is 20/second, and 15/second in the production environment.

# IP White List

If you want to use our APIs, you need to report the server's IP address to us. You can use our APIs only after we add your IP address into our white lis.

All The Request Require Timestamp And Sign

You need to add appId, timestamp and sign to the request head.

Please use the appId assigned by AlchemyPay.
The timestamp is based on UTC+8, the difference between the passed timestamp and current timestamp is no more than 5 minutes, otherwise the request will not be accepted.

Sign demo for initiate API

public class MerSignCheckUtil {

    private static final char[] HEX_DIGITS = { '0', '1', '2', '3', '4', '5',
        '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };

    public static String getMerSign(String appId, String appSecret, String timestamp) {
        return encode("sha1", appId  + appSecret + timestamp);

    private static String encode(String algorithm, String value) {
        if (value == null) {
            return null;
        try {
            MessageDigest messageDigest
                = MessageDigest.getInstance(algorithm);
            return getFormattedText(messageDigest.digest());
        } catch (Exception e) {
            throw new RuntimeException(e);
    private static String getFormattedText(byte[] bytes) {
        int len = bytes.length;
        StringBuilder buf = new StringBuilder(len * 2);
        for (int j = 0; j < len; j++) {
            buf.append(HEX_DIGITS[(bytes[j] >> 4) & 0x0f]);
            buf.append(HEX_DIGITS[bytes[j] & 0x0f]);
        return buf.toString();

// 生成时间戳 和sign
public static void main(String[] args) {
        String timestamp = String.valueOf(System.currentTimeMillis());
        System.out.println("timestamp = "+ timestamp);
        System.out.println(MerSignCheckUtil.getMerSign("f83Is2**********", "4Yn*************", timestamp)); 
//node v14.15.1
const sha1 = require('js-sha1');

function getMerSign(appId, appSecret, timestamp) {
  return sha1(appId + appSecret + String(timestamp));
#Python 3.7.4 
import hashlib
from time import time

def getMerSign(appId, appSecret, timestamp):
    strr = appId + appSecret + str(timestamp)
    encoded_str = strr.encode()
    hash_obj = hashlib.sha1(encoded_str)
    hexa_value = hash_obj.hexdigest()
    return hexa_value

timestamp = int(time() * 1000)
print("timestamp = ", timestamp)
res = getMerSign("f83Is2**********", "4Yn*************", timestamp)
//PHP 8.0.7
function getMerSign($appId, $appSecret, $timestamp){
  $str = $appId.$appSecret.strval($timestamp);
  return sha1($str);
$timestamp = floor(microtime(true) * 1000);
printf("timestamp = %d\n", $timestamp);
$res = getMerSign("f83Is2**********", "4Yn*************", $timestamp);
//go version go1.18.2
package main

import (

func getMerSign(appId string, appSecret string, timestamp int64) string {
    s := appId + appSecret + strconv.FormatInt(timestamp, 10)
    h := sha1.New()
    //io.WriteString(h, s)
    return hex.EncodeToString(h.Sum(nil))

Error Code And Detail

Error codeError remarks
10005Invalid Request Parameters!
70006Session expire,Please login!
810002AppId doesn't exist
810003Invalid Merchant Sign
99999System Error

Samples Of Error Code

  • Success request
    "success": true,
    "returnCode": "0000",
    "returnMsg": "SUCCESS",
    "extend": "",
    "data": {
        "orderNo": "1000974004706615296",
        "payUrl": ""
  • Error code 10005
    "success": false,
    "returnCode": "10005",
    "returnMsg": "Invalid Request Parameters!",
    "extend": "",
    "data": null
  • Error code 81003
    "success": false,
    "returnCode": "81003",
    "returnMsg": "Invalid Merchant Sign",
    "extend": "",
    "data": null