Integrating a payment gateway into your application doesn't have to be complicated. In this comprehensive tutorial, we'll walk you through the process of integrating the JAYAPAY API into your website or application, from initial setup to processing your first transaction.
Prerequisites
Before you begin, make sure you have:
- A JAYAPAY merchant account - Register at merchant.jayapayment.com
- Your API credentials and RSA key pair
- Google Authenticator for security verification
- Basic knowledge of RESTful APIs and HTTP POST requests
- A development environment for testing
1API Configuration Overview
JAYAPAY API uses a unified request mode with the following specifications:
- Request Method: HTTP POST
- Content Type: Application/Json
- Response Encoding: All responses are in JSON format and encoded in UTF-8 characters (Content-Type: application/json; charset=utf-8)
2Generate RSA Key Pair
Before configuring your API, you need to generate an RSA key pair for secure communication. Use the official key generation tool:
RSA Key Pair Generation Address:
http://pay.hehebo.com:15082/index-rsa.jsp
Follow these steps:
1. Visit the RSA key generation page
2. Generate your public and private key pair
3. Save both keys securely
4. Keep your private key confidential
3Configure Your Public Key
After generating your RSA key pair, you need to configure your public key in the merchant portal:
- Log in to merchant.jayapayment.com
- Navigate to: Receiving & Receiving Configuration → API Configuration
- Fill in your public key information
- Click Save to complete configuration
4Set Up Google Verification
For enhanced security, JAYAPAY requires Google Authenticator verification. Here's how to set it up:
- Log in to the merchant portal
- Go to: Personal Center → Security Information
- Use Google Authenticator app to scan the QR code on the page
- Your account is now bound with Google Authenticator
Google Authenticator Setup:
1. Download Google Authenticator app
2. Open the app and scan QR code
3. Enter the 6-digit verification code to confirm
4. Save your backup codes in a secure location
5Available API Endpoints
JAYAPAY provides comprehensive API endpoints for various operations. All endpoints use HTTP POST method with Application/Json content type:
Core API Functions
- Generate Interface Signature: Create secure signatures for API requests
- Fiat Currency Collection: Accept payments in traditional currencies
- Fiat Currency Payment: Process fiat currency payouts
- Digital Currency Collection: Accept cryptocurrency payments
- Digital Currency Payment: Process cryptocurrency payouts
- Inquiry of Collection and Payment Orders: Query transaction status
- Check Your Bank Account: Verify bank account details
- Check Your Account Balance: View current balance
- Order Status and Bank Code: Get order information and bank codes
Example API Request Structure:
POST [API_ENDPOINT]
Content-Type: application/json; charset=utf-8
Headers:
{
"signature": "your_generated_signature",
"timestamp": "1234567890",
"merchant_id": "your_merchant_id"
}
Body:
{
// Request parameters based on specific endpoint
}
Response (UTF-8 encoded JSON):
{
"code": 200,
"message": "success",
"data": {
// Response data
}
}
6Signature Generation
All API requests must include a valid signature for security. The signature is generated using your RSA private key:
Signature Generation Process:
1. Prepare request parameters in alphabetical order
2. Concatenate parameters into a string
3. Sign the string with your RSA private key
4. Include the signature in request headers
Example (Node.js):
const crypto = require('crypto');
function generateSignature(params, privateKey) {
// Sort parameters alphabetically
const sortedParams = Object.keys(params)
.sort()
.map(key => `${key}=${params[key]}`)
.join('&');
// Sign with RSA private key
const sign = crypto.createSign('RSA-SHA256');
sign.update(sortedParams);
return sign.sign(privateKey, 'base64');
}
7Querying Order Status
You can inquire about collection and payment orders using the dedicated query endpoint:
POST [API_ENDPOINT]/order/query
Content-Type: application/json; charset=utf-8
Headers:
{
"signature": "your_signature",
"merchant_id": "your_merchant_id"
}
Body:
{
"order_id": "ORDER-12345",
"query_type": "collection" // or "payment"
}
Response:
{
"code": 200,
"message": "success",
"data": {
"order_id": "ORDER-12345",
"status": "success",
"amount": 100.00,
"currency": "USD",
"payment_method": "bank_transfer",
"created_at": "2025-11-24T10:30:00Z",
"completed_at": "2025-11-24T10:35:00Z"
}
}
8Checking Account Balance
Monitor your merchant account balance in real-time:
POST [API_ENDPOINT]/account/balance
Content-Type: application/json; charset=utf-8
Headers:
{
"signature": "your_signature",
"merchant_id": "your_merchant_id"
}
Response:
{
"code": 200,
"message": "success",
"data": {
"available_balance": 50000.00,
"pending_balance": 1000.00,
"currency": "USD",
"last_updated": "2025-11-24T12:00:00Z"
}
}
Best Practices
- Secure your RSA private key: Never expose your private key in client-side code or public repositories
- Verify signatures properly: Always validate request and response signatures for security
- Use HTTPS only: All API communications must use secure HTTPS protocol
- Implement idempotency: Use unique order IDs to prevent duplicate transactions
- Store transaction records: Keep detailed logs of all API requests and responses
- Enable Google Authenticator: Add an extra layer of security to your merchant account
- Handle UTF-8 encoding: Ensure your application properly handles UTF-8 encoded JSON responses
- Regular key rotation: Update your RSA key pairs periodically for enhanced security
Merchant Portal Access
Your merchant back office provides comprehensive tools for managing your account:
- Portal URL: https://merchant.jayapayment.com/
- Dashboard: View real-time transaction data and analytics
- API Configuration: Manage your API keys and RSA public key
- Security Settings: Configure Google Authenticator and security preferences
- Transaction History: Access detailed records of all transactions
- Account Balance: Monitor your available and pending balances
- Reports: Generate and download financial reports
Testing Your Integration
Before going live, thoroughly test your integration:
- Use Test Environment: JAYAPAY provides a sandbox environment for testing
- Test All API Endpoints: Verify collection, payment, and query operations
- Signature Validation: Ensure your signature generation works correctly
- Error Handling: Test various error scenarios and edge cases
- UTF-8 Encoding: Verify proper handling of special characters
- Response Parsing: Confirm JSON response parsing is working correctly
Getting Support
If you have any questions or need assistance, JAYAPAY provides multiple support channels:
- Telegram Support: Contact Caesar on Telegram 👨💻 for direct assistance
- API Documentation: Visit openapi-doc.jayapayment.com for complete API reference
- Merchant Portal: Access help resources and FAQs in your dashboard
- Technical Support: Submit tickets through the merchant portal
Security & Compliance
JAYAPAY takes security seriously. Here are the key security features:
- RSA Encryption: All sensitive data is encrypted using RSA-2048
- Signature Verification: Every request and response includes cryptographic signatures
- Two-Factor Authentication: Google Authenticator provides additional account security
- HTTPS Only: All API communications use TLS 1.2 or higher
- IP Whitelisting: Configure allowed IP addresses for API access
- Rate Limiting: Protection against abuse and DDoS attacks
With JAYAPAY's secure API architecture and comprehensive documentation, you can integrate payment processing with confidence. Our standardized HTTP POST interface, UTF-8 JSON responses, and RSA encryption ensure both simplicity and security for your business.