1. LESSPAY2 API Reference
Lesspay2.0
  • LESSPAY2 API Reference
    • Get started
    • Authentication
    • Parameter Specifications
    • Pay In
      • Overview
      • Development Guidelines
      • Local Payment Methods (LPMs)
      • Error Codes
      • Card payment
        • Card Payment
        • 3D Secure (3DS) Configuration
        • Fraud & Dispute Webhook Notifications
      • API List
        • Create Payin
        • Fetch Payin
      • Webhook
        • Payin webhook
    • Pay Out
      • Overview
      • Development Guidelines
      • Multiple Transfer Methods
      • Error Codes
      • API List
        • Create Payout
        • Payout Supported Banks
        • Fetch Payout
      • Webhook
        • Payout webhook
  1. LESSPAY2 API Reference

Authentication

The Lesspay API uses a digital signature mechanism to ensure that the request has not been tampered with during transmission and to verify the identity of the requester.

Overview#

Every API request must include specific authentication headers. The signature is generated by signing the request content using your AppID and appSecret.

Request Headers#

Header NameRequiredDescriptionExample
x-auth-appidYesYour App ID690b2b46e4b09c73147db688
X-Auth-TimestampYesRequest timestamp (milliseconds)1630000000000
x-auth-signatureYesThe generated signature stringCFCC2A...

2. Signature Algorithm (SHA256)#

Step 1: Prepare Parameters#

Collect all top-level parameters from your JSON request body.
Note: Recursively handle nested JSON objects if they differ from the standard flat structure, but for the signature string preparation, we generally flatten the structure or follow the specific rule: key={json_value} for nested objects.
Exclude keys with empty values (null or "").

Step 2: Sort and Concatenate#

1.
Sort: Sort the parameters by key name in ASCII (lexicographical) order.
2.
Concatenate: Join the parameters in the format key1=value1&key2=value2.
3.
Append Key: Append your appSecret to the end of the string using the format &key=YOUR_SECRET_KEY.
Example:
Assume your appSecret is Wy31kFZf4jkE+Y2XZhmFuQ and request parameters are:
{
    "target_currency": "USDT",
    "target_amount": 100,
    "transaction_type": "PAY_IN"
}
Sorted String:
target_amount=100&target_currency=USDT&transaction_type=PAY_IN
Final String to Sign:
target_amount=100&target_currency=USDT&transaction_type=PAY_IN&key=Wy31kFZf4jkE+Y2XZhmFuQ

Step 3: Hash and Uppercase#

1.
Hash: Calculate the SHA256 hash of the Final String.
2.
Uppercase: Convert the resulting hash string to hexadecimal uppercase.
Signature = Uppercase(SHA256(FinalString))

3. Code Examples#

Java#

Modified at 2025-12-19 02:44:02
Previous
Get started
Next
Parameter Specifications
Built with