Request Authentication

The following header is sent in the HTTP request to allow verification of its integrity and authenticity:

PayPay-Signature: hash=14d06cc11e0479c2ffe138d963462bc0f0ad94e8e006cf4f1f494c5e30bd1830,ts=1615826436

The header consists of the signature hash and the timestamp ts. To verify if the request is valid, the following hash must match the hash in the header:

hash_hmac("SHA256", [payload] + [ts], [Password/Private Key])