Payment HMAC Example

All HTTP MobilePay PoS method requests must comply MobilePay authorization header with HMAC method. 

OrderId: "123A124321"
PoSId: "a123456-b123-c123-d123-e12345678901"
MerchantId: "POSDK99999"
LocationId: "88888"
Amount: "43.33"
BulkRef: "MP Bulk Reference"


The MerchantKey is currently calculated as the following, based on MerchantId provided by MobilePay:
MerchantKey = SHA256(ISO-8859-1({Substring(MerchantId, 3, 6)}))
The substring of the MerchantId is calculated by skipping the first 3 characters and using the next 6 characters.

Input to HMAC
POSDK9999988888#a123456-b123-c123-d123-e12345678901#123A124321#43.33#MP Bulk Reference#

Note that the fields must be trimmed for leading and trailing white space.

Calculated Base64 HMAC