Back to HomeIntegration
Provider Integration
Integration
Specifications
Technical specifications for payment providers integrating with PayWolt. Enterprise-grade security and reliability standards.
API Authentication
Secure API key authentication with HMAC signature verification for all requests.
Webhook Events
Real-time event notifications with cryptographic signature verification.
Security First
TLS 1.3, replay protection, rate limiting, and timing-safe comparisons.
High Availability
99.99% uptime SLA with automatic failover and circuit breakers.
Create Payment Request
POST /api/v1/payments
Content-Type: application/json
X-API-Key: pk_live_xxxxxxxxxxxx
X-Signature: sha256=xxxxxxxxxxxxxxxx
X-Timestamp: 1704067200
{
"amount": 10000,
"currency": "EUR",
"destination": {
"type": "bank_account",
"country": "NG",
"bank_code": "044",
"account_number": "0690000031"
},
"idempotency_key": "pay_unique_123",
"metadata": {
"order_id": "order_456",
"customer_id": "cust_789"
}
}Webhook Events
| Event | Description |
|---|---|
| payment.initiated | Payment has been created and initiated |
| payment.processing | Payment is being processed by provider |
| payment.completed | Payment successfully completed |
| payment.failed | Payment failed with error details |
| transfer.initiated | Cross-border transfer initiated |
| transfer.completed | Transfer completed successfully |
| kyc.approved | Customer KYC verification approved |
| kyc.rejected | Customer KYC verification rejected |
Security Requirements
All integrating providers must meet these security standards.
HMAC-SHA256 signature verification on all webhooks
Timestamp validation (5 minute tolerance)
Idempotency key support for all mutating operations
IP whitelist capability for production environments
TLS 1.2+ required for all API communications
API key rotation support without downtime
Ready to integrate? Contact our team for API credentials and detailed documentation.
Contact Integration Team