Knowledge Center

Knowledge Center > API > REST API > REST API Reference > RSA Signatures

RSA Signatures

The REST API used in Payment Pages 2.0 are CORS (Cross-Origin Resource Sharing) enabled and therefore requires a digital signature. The POST rsa_signatures call generates and returns the required digital signature and token for a Payment Pages 2.0 form. You need to pass the generated signature to your client for it to access Payment Pages 2.0. 

This REST service should be used only when you implement Payment Pages 2.0. 

Request

  • Production: POST https://api.zuora.com/rest/v1/rsa-signatures
  • API Sandbox: POST https://apisandbox-api.zuora.com/rest/v1/rsa-signatures

Request Parameter

uri Required ​The URL that the Payment Page will be served from. Set it to:
  • https://www.zuora.com/apps/PublicHostedPageLite.do if you are on the production environment​
  • https://apisandbox.zuora.com/apps/PublicHostedPageLite.do if you are on the API Sandbox environment
method Required The type of the request. Set it to POST.
pageId Required The page id of your Payment Pages 2.0 form. Click Show Page Id next to the Payment Page name in the Hosted Page List to retrieve the page id.

Response

The following information is returned in a response:

signature Digital signature generated for this Payment Page.
token Token generated for this Payment Page.
tenantId ID of the Zuora tenant.
key Public key generated for this Payment Page.
success True if the request is successful.

Examples

Here is a sample code in Java that requests the digital signature and other information from Zuora:

package com.zuora.rest.signature;

import java.util.Map;

import com.rsa.certj.provider.pki.URLDecoder;
import com.zuora.rest.client.RestClient;
import com.zuora.rest.meta.signatures.POSTSignatureMeta;
import com.zuora.util.MapUtil;

public class SignatureTest {

    private static final String collection_uri = "/v1/rsa-signatures";
     
    public static void main(String[] args) throws Exception {
         
        RestClient.login("superadmin@myCompany.com", "password");
         
        String uri = "https://www.zuora.com/apps/PublicHostedPageLite.do";
         
        // Post request params
        Map<String, String> postSignatureReq = MapUtil.of(
                POSTSignatureMeta.uri.name(), uri,
                POSTSignatureMeta.method.name(), "POST",
                "pageId", "4028920a47a015ce0147a0199921000d"
                );
        Map result = RestClient.post(collection_uri, postSignatureReq, Map.class);
         
        String token = (String) result.get("token");
        String key = (String) result.get("key");
        String tenantId = (String) result.get("tenantId");
        String signature = (String) result.get("signature");
        Boolean success = (Boolean) result.get("success");
         
        System.out.printf("success: %s\n token: %s\n tenantId: %s\n signature: %s\n public key: %s\n", success, token, tenantId, URLDecoder.decode(signature) , key);
         
        RestClient.logout();
    }
}

Here is a sample code in Python that requests the digital signature and other information from Zuora:

import requests
import json

rest_call_url = ‘https://api.zuora.com/rest/v1/rsa-signatures’
my_hosted_page_url = ‘’
my_hosted_page_id = ‘’
my_username = ‘’
my_password = ‘’

data = {"uri": my_hosted_page_url, "method": "POST", "pageId": my_hosted_page_id}
headers = {'content-type': 'application/json'}

response = requests.post(rest_call_url, data=json.dumps(data), auth=(my_username, my_password), headers=headers)
response_json = response.json()

token = response_json['token']
signature = response_json['signature']
key = response_json['key']
tenant_id = response_json['tenantId']

 

 

Last modified
07:49, 9 Oct 2015

Tags

Classifications

(not set)