All the Prepaid Platform APIs are authenticated using a key auth. Key auth requires an x-api-key parameter in the header for each request.
Wibmo will share the required x-api-key to access the Private Sandbox environment.
API Key for Sandbox & Production
The x-api-key for the Sandbox environment and production environment are different. Contact your WIBMO key account manager (KAM) for more details.
Payload Encryption and Decryption
To ensure maximum security during the API calls, the clients must encrypt and decrypt the request and response payload respectively.
- Algorithm: AES CBC 192 with PKCS5 padding
- Secret Key: A secret key will be shared with the client for the Sandbox environment & production environment separately, this key will be used to encrypt or decrypt the request or response using ECB or CBC mode.
The Encrypt API against each API is used to encrypt the payload for the API used, but the BODY parameters involved in the Encrypt API vary for each API. Hence, you will find the Encrypt API in the various modules document with the different sets of BODY parameters.
The Decrypt API is used to decrypt the response from the various APIs used and the BODY remains the same. For more information, refer to Decrypt API.
This document is split into the following categories for easier navigation:
Customer Onboarding and Profile Management
Card & Wallet Management
- Linking a Card
- Profiling Transaction Methods
- Fetch Card Control
- Updating Card Limit
- Fetch Card Level Limit API
- Blocking Card
- Unblocking Card
- Ordering Cards in Bulk
- Replacing Card API