Introduction
Rimit is the first payment system developed for financial institutions other than regulated banks. Inspired by UPI.
Last updated
Rimit is the first payment system developed for financial institutions other than regulated banks. Inspired by UPI.
Last updated
IMPORTANT:
We use the POST method for all APIs.
All requests and responses are in JSON format.
We use AES-256-CBC for each request and response to protect the data.
All parameters in the request and response are mandatory.
RECOMMENDED
If you are on a Multi-Tenant platform, it is mandatory to use the unique tenant id in the params
or query
. Learn more.
DANGER
Applying any method other than recommended may affect future upgrades.
WARNING
All request bodies must have a Content-Type of application/json and must be valid JSON.
To validate the request, API_ID
and API_KEY
must be passed through the head
object in the request body. These can be generated from the dashboard.
DANGER
Keep API_KEY safe! API_KEY
is used as a password. So this is sensitive data and it should be kept safe. Do not share it with anyone.
A unique
key
is required to encrypt and decrypt data for request and response. The entity can generate uniquekey
from the dashboard.
IV (Initialization Vector)
is a random string of 16 characters. BothIV
andkey
are used for encryption and decryption.
IV
should not be static.IV
must be dynamically generated at the time of sending the request or response.The
IV
is indicated in theencrypted_data
object in the request/response body.
The
cipher_text
is a base64-encoded string (case sensitive) generated from the Encrypted data, which is a string converted from plain text using an encryption algorithm.The
cipher_text
is unreadable until it is decoded from base64 to utf8 and converted to plaintext (decrypted) using thekey
andIV
.The
cipher_text
is indicated in theencrypted_data
object in the request/response body.
The
content
object in the plain text will be encrypted usingkey
andIV
and encoded to base64 for request and response from the entity or Rimit.The
encrypted_data
object contains both theIV
and thecipher_text
.The recipient of the request or response will decodes
cipher_text
from base64 to utf8 and decrypt the same using thekey
andIV
and process the data.