Prerequisites
To start to process Collaborative card authorization model, your system must respond to a request sent by the NIUM platform.
These are the prerequisite steps:
Step 1: Integration
You need to provide URL [format: <your URL>/api1/v1/authorization
]. NIUM will send an RHA authorization request payload and receive a response payload with this URL.
Step 2: Security
API will be in HTTPS protocol. You need to whitelist NIUM’s IP address to ensure only NIUM is only the authorized API’s sender. Aside from HTTPS, there are encryption keys that need to be shared between you and NIUM.
API Action | Description |
---|---|
API Request | You provide a public key to NIUM used to encrypt the API’s request. |
API Response | NIUM will provide a public key to you that is used to encrypt API response. |
NIUM will encrypt the API Request using the public key and clients are expected to decrypt the payload using their private key. In addition, API response should be encrypted using NIUM's public key and NIUM will decrypt it using NIUM's private key.
PGP commands
- Generate a PGP key:
gpg --full-generate-key
- List PGP secret keys:
gpg --list-secret-keys
- Export public key:
gpg --output clientfile-public.pgp --armor --export [[email protected]](mailto:[email protected])
- Export private key:
gpg --output clientfile-secret.pgp --armor --export-secret-key [[email protected]](mailto:[email protected])
Steps to generate PGP Key:
The following steps will help you to generate a PGP key. The below key is generated using Git-Bash on Windows.
2.1. Generate PGP key:
$ gpg --full-generate-key
gpg (GnuPG) 2.2.13-unknown; Copyright (C) 2019 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gpg (GnuPG) 2.2.13-unknown; Copyright (C) 2019 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA(default)
(2) DSA and Elgamal
(3) DSA(sign only)
(4) RSA(sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 2048
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y
GnuPG needs to construct a user ID to identify your key.
Real name: Cards Admin
Email address: [email protected]
Comment: Cards PGP Key
You selected this USER-ID: "Cards Admin (RHA key for NIUM) <[email protected]>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: /c/Users/manishrupapara/.gnupg/trustdb.gpg: trustdb created
gpg: key E200BEEDA96DA984 marked as ultimately trusted
gpg: directory '/c/Users/manishrupapara/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/c/Users/manishrupapara/.gnupg/openpgp-revocs.d/6C731BB2916CF8188B511722E200BEEDA96DA984.rev'
public and secret key created and signed.
pub rsa2048 2023-01-06 [SC]
6C731BB2916CF8188B511722E200BEEDA96DA984
uid Cards Admin (RHA key for NIUM) <[email protected]>
sub rsa2048 2023-01-06 [E]
2.2. List generated key:
$gpg --list-secret-keys
/c/Users/nium/.gnupg/pubring.kbx
------------------------------------------
sec rsa2048 2023-01-06 [SC]
6C731BB2916CF8188B511722E200BEEDA96DA984
uid [ultimate] Cards Admin (RHA key for NIUM) <[email protected]>
ssb rsa2048 2023-01-06 [E]
2.3. Export public key(to be shared with NIUM):
$gpg --output company-pgp-public-key.pgp --armor --export [email protected]
This will generate file under user home directory: company-pgp-public-key.pgp
2.4.Export private key(not to be shared with NIUM):
$gpg --output company-pgp-private-key.pgp --armor --export-secret-key [email protected]
This will generate file under user home directory: company-pgp-private-key.pgp
Step 3: Payload
The payload consists of the API request or API response body parameters. NIUM platform sends RHA authorization requests to your system with all the information (e.g., Transaction Data, Merchant Data) so that you can decide to authorize or decline the request.
You will receive the following transaction types:
- Authorization as DEBIT
- Authorization cancellation or Refund transaction as REVERSAL
Updated 3 days ago