Electronic Invoicing System API v1
Developers Guide
×
Menu
Index
Search
 
   
   
   
 
 © Malawi Revenue Authority - ICT Research and Innovations, 2024

5.1.2.1. Request

 
 
     
Sample Request:
curl -X 'POST' \
  'https://dev-eis-api.mra.mw/api/v1/onboarding/terminal-activated-confirmation' \
  -H 'accept: text/plain' \
  -H 'x-signature: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoiMjAxNjI5MzkiLCJodHRwczovL21yYS5tdy9EZXZpY2VJZCI6IjNhNmQzNzAzLTFjMzktNDFlOC05OGNlLWIzOGQ5NTc0NTQwZCIsImh0dHBzOi8vbXJhLm13L1NlY3JldEtleSI6ImY3NTQyODE2YTA4ODMzMTRhMTQ2YTZkMTI3NjM0OWQ5ZTczNmEwMCIsImh0dHBzOi8vbXJhLm13L0FQSUtleSI6ImY3NTQyODE2YTA4ODMzMTRhMTQ2YTZkMTI3NjM0OWQ5ZTczNmEwMCIsImh0dHBzOi8vbXJhLm13L1RJTiI6IjIwMTYyOTM5IiwiZXhwIjoxNzI4OTI2NzI2LCJpc3MiOiJNUkEiLCJhdWQiOiJFSVNUZXJtaW5hbHMifQ.pg-jKtsxKh6L0pEbu4RdJaj_bMijXmUGRmoH9k6Mh4g' \
  -H 'Content-Type: application/json' \
  -d '{
  "terminalId": "3a6d3703-1c39-41e8-98ce-b38d9574540d"
}'
 
 
 
The API call will only be successful if you provide the following parameters
.
Json Path
Natural Name
Data Type
Restrictions
Comments
$.terminalId
Terminal Id
String
- Mandatory
- Max Length 50
Taxpayers will receive this code as a response when activating their terminal.
x-signature
X Signature
string
-mandatory
This will be computed from a combination of secret key and Terminal Activation Code
 
X-Signature generation
 
The x-signature is computed by combining the secret key received from the terminal activation response with the Terminal Activation Code.
 
This is done by generating an HMAC-SHA512 hash of the Terminal Activation Code using the secret key, and then encoding the result in Base64.
 
1. C# Example:
 
internal static string ComputeXSignature(string activationCode, string secretKey)
{
    using (var hmac = new HMACSHA512(Encoding.UTF8.GetBytes(secretKey)))
    {
        byte[] hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(activationCode));
        return Convert.ToBase64String(hash);
    }
}
 
2. PHP Example:
function computeXSignature($activationCode, $secretKey) {
    $hash = hash_hmac('sha512', $activationCode, $secretKey, true);
    return base64_encode($hash);
}
 
3. Java Example:
 
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.util.Base64;
 
public class SignatureUtil {
    public static String computeXSignature(String activationCode, String secretKey) throws Exception {
        Mac sha512_HMAC = Mac.getInstance("HmacSHA512");
        SecretKeySpec keySpec = new SecretKeySpec(secretKey.getBytes("UTF-8"), "HmacSHA512");
        sha512_HMAC.init(keySpec);
        byte[] hash = sha512_HMAC.doFinal(activationCode.getBytes("UTF-8"));
        return Base64.getEncoder().encodeToString(hash);
    }
 
    public static void main(String[] args) throws Exception {
        System.out.println(computeXSignature("ActivationCode", "SecretKey"));
    }
}
 
4. Python Example:
 
import hmac
import hashlib
import base64
 
def compute_x_signature(activation_code, secret_key):
    hmac_obj = hmac.new(secret_key.encode('utf-8'),
                        activation_code.encode('utf-8'),
                        hashlib.sha512)
    return base64.b64encode(hmac_obj.digest()).decode('utf-8')
 
print(compute_x_signature("myActivationCode", "mySecretKey"))