Home
Guides
Alchemy Pay

Submit form

Suggest Edits

Introduction

This API is used to upload users' payment account information.

API Description

Request Method: POST

Request Path: /open/api/v4/merchant/payment/account/create

Request Parameters

Header Parameters:

ParameterRequiredTypeDescription
access-tokenYstringToken for no-login access, obtained from the no-login token API
appidYstringUnique identifier for the application
timestampYstringCurrent UTC 13-digit timestamp, valid for 5 minutes
signYstringSignature, refer to here

Body Parameters:

ParameterRequiredDescription
payWayCodeYPayment method code(credit card:10001, apple pay:501, google pay:701)
fiatYCurrency code, e.g., USD
sideYonramp: BUY / offramp: SELL
formDataYForm fields obtained from the payment-method-form-query, AES encrypted here

Onramp Example:

{
    "payWayCode": "10001",
    "fiat": "USD",
    "side": "BUY",
    "formData": { 
        "firstName": "8GKayC4glgkm1FLYTnWABA==",
        "lastName": "7AaakfM3yYa6cKLfMfPrKA==",
        "cardNumber": "vRiCGA2er2uAnTjZclG8eNKyfzr3f4knee0a2WUICZQ=",
        "cardExpireYear": "f66exC/oSmldbTH1Y/MKLw==",
        "cardExpireMonth": "YY4WKHYhzkehZdzOGRgynQ==",
        "cardCvv": "3QuPKpNgSSqVppgQP56TOg==",
        "country": "U7umtG41RPdUlDQGNF+UZQ==",
        "state": "smIOTJQqtc30HwGO05WkOQ==",
        "city": "JRfOQJdgjIv5KTQ0URHP7w==",
        "postcode": "vfLvOorGDB4rxYAdpddaUQ==",
        "address": "a+7p1pewEBvGC4KL/hb96Q=="
    }
}

Offramp Example:

{
    "payWayCode": "94100",
    "fiat": "USD",
    "side": "SELL",
    "formData": { 
        "givName": "8GKayC4glgkm1FLYTnWABA==",
        "surName": "7AaakfM3yYa6cKLfMfPrKA==",
        "country": "+k9tf411qmfdCrdUPc+nYQ==",
        "address": "iGJtleVXc45y4N+PVRg5Mp/WRms/Sz/4UFbzAmuk6rTrYz/Mn/zKLPuPZY5M5w+zkkAD6RJLY9iSZrwLZprRRL4DbKc84/RzouJimbI+qLU=",
        "area": "/ET6RnTOnu1BTC5Abxj2mg==",
        "phone": "21NAxYvDwi1BADiE8aPS2Q==",
        "locationId": "ZKpeTo//iTUQu794AfkNcQ==",
        "bankId": "ZKpeTo//iTUQu794AfkNcQ==",
        "accountNo": "8Pr/qusk+R3XhR8g+ebe4w=="
    }
}

Response Parameters

Example:

{
	"success": true,
	"returnCode": "0000",
	"returnMsg": "SUCCESS",
	"extend": "",
	"data": {
		"userAccountId": 16784,
		"cardBrand": "MASTER_CARD", // Credit card type returned: MASTER_CARD, VISA (payWayCode=10001)
		"firstSixDigits": "******", // First 6 digits of the credit card returned (payWayCode=10001)
		"lastFourDigits": "****" // Last 4 digits of the credit card returned (payWayCode=10001)
	},
	"traceId": "67298861a81a9572d84df2b4c00e10a3"
}

Note

  • After user successfully paid with one credit card (payWayCode=10001) , save userAccountId, can't request Submit form interface with the same card again.
  • Using userAccountId instead of calling Submit form interface for create new order. You can refer to the page design:

AES Encrypted

For security purposes, the payment form data must be encrypted with AES before submission. The encryption method is as follows:

public class AESUtil {

    public static String encrypt(String plainText, String secretKeyData)  {
        try {
            byte[] plainTextData = plainText.getBytes(StandardCharsets.UTF_8);
            byte[] secretKey = secretKeyData.getBytes(StandardCharsets.UTF_8);
            String iv = new String(secretKey).substring(0, 16);

            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");

            byte[] dataBytes = plainTextData;
            int plaintextLength = dataBytes.length;
            byte[] plaintext = new byte[plaintextLength];
            System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length);

            SecretKeySpec keyspec = new SecretKeySpec(secretKey, "AES");
            IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());

            cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
            byte[] encrypted = cipher.doFinal(plaintext);

            return new String(Base64.getEncoder().encode(encrypted));

        } catch (Exception e) {
            log.error("AES encrypting exception , msg is {}" , e.toString(), e);
        }
        return null;
    }

    public static String decrypt(String cipherText, String secretKeyData) {
        try {

            byte[] cipherTextData = cipherText.getBytes(StandardCharsets.UTF_8);
            byte[] secretKey = secretKeyData.getBytes(StandardCharsets.UTF_8);
            String iv = new String(secretKey).substring(0, 16);

            byte[] encrypted = Base64.getDecoder().decode(cipherTextData);

            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
            SecretKeySpec keyspec = new SecretKeySpec(secretKey, "AES");
            IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());

            cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);

            byte[] original = cipher.doFinal(encrypted);
            String originalString = new String(original);
            return originalString;
        } catch (Exception e) {
            log.error("AES decrypting exception: msg is {}" , e.toString(), e);
        }
        return null;
    }
}

Updated about 2 months ago