# Қолтаңбаны қалыптастыру Төлем жүйесімен өзара іс-қимыл жасау үшін сұрау салуларға SHA256 алгоритмін пайдалана отырып қол қойылады. Қолтаңбаны қалыптастыру үшін: 1. POST сауал жағдайында requestData сауалының денесі әліпби бойынша сұрыпталады және BASE64-те кодталады. 2. GET сауал жағдайында, Query params-ты JSON-ға түрлендіреміз. В: { "merchant\_id" : 123, "project\_client\_id" : "999", "project\_id" : 124} Түрлендіргеннен кейін әліпби бойынша сұрыптаймыз және BASE64-те кодтаймыз. 3. Сауалдың (base64EncodedData) кодталған денесін және secret (мерчантқа төлем ұйымы береді) байланыстырамыз 4. SHA256 хеш-функциясын пайдалана отырып, алынған нәтижені хэштейміз (dataToSign) 5. Қолтаңбаны сауалының тақырыбына қосамыз Authorization: Bearer sign {% hint style="warning" %} **"" бос жол мәні бар өрістерді қоспағанда, бүкіл сұрау мәтіні қолтаңбаға қосылады.** {% endhint %} {% hint style="warning" %} **Additional\_data өрісі қолтаңбаны қалыптастыруға қатыспайды** {% endhint %} {% code lineNumbers="true" %} ```bash curl --location 'https://prapi.tarlanpayments.kz/transaction/...' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer ff1a38a78ccca1b313ae172307e49112066ec2f5a1dfa2a76110104da3012896' --data-raw '{}' ``` {% endcode %} {% tabs %} {% tab title="PHP" %} {% code lineNumbers="true" %} ```php "9999", "merchant_id" => 1, "project_id" => 1, "additional_data" => ["key" => "This should be excluded"] ]; $secret = "12345"; // Remove the "additional_data" field from the request data unset($requestData["additional_data"]); // Sort the request data by keys in alphabetical order ksort($requestData); // Encode the sorted request data to JSON $sortedJson = json_encode($requestData, JSON_UNESCAPED_SLASHES); // Encode the sorted JSON to base64 $base64EncodedData = base64_encode($sortedJson); // Concatenate the base64-encoded data with the secret $dataToSign = $base64EncodedData . $secret; // Hash the result to SHA-256 $sha256Hash = hash("sha256", $dataToSign); echo $sha256Hash; ``` {% endcode %} {% endtab %} {% tab title="Python3" %} {% code lineNumbers="true" %} ```python import json import base64 import hashlib request_data = { "project_client_id": "9999", "merchant_id": 1, "project_id": 1, "additional_data": {"key":"This should be excluded"} } secret = "12345" # Remove the "additional_data" field from the request data if "additional_data" in request_data: del request_data["additional_data"] # Sort the request data by keys in alphabetical order sorted_data = json.dumps( request_data, sort_keys=True, ensure_ascii=False, separators=(',', ':'), ) # Encode the sorted JSON to base64 base64_encoded_data = base64.b64encode(sorted_data.encode()).decode() # Concatenate the base64-encoded data with the secret data_to_sign = base64_encoded_data + secret # Hash the result to SHA-256 sha256_hash = hashlib.sha256(data_to_sign.encode()).hexdigest() print(sha256_hash) ``` {% endcode %} {% endtab %} {% tab title="Golang" %} 
package main

import (
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
)  // Тело берется из создания транзакции 

type Request struct {
	ProjectClientID string `json:"project_client_id"`
	MerchantId      uint64 `json:"merchant_id"`
	ProjectId       uint64 `json:"project_id"`
	AdditionalData  map[string]string `json:"additional_data"`
}

const secret = "12345"

func main() {
	request := Request{
		ProjectClientID: "9999",
		MerchantId:      1,
		ProjectId:       1,
		AdditionalData: map[string]string{
			"key": "This should be excluded",
		},
	}

	notSortedJson, err := json.Marshal(&request)
	if err != nil {
		panic(err)
	}

	var notSorteddMap map[string]interface{}

	
	if err = json.Unmarshal(notSortedJson, &notSorteddMap); err != nil {
		panic(err)
	}

	delete(notSortedMap, "additional_data")
	
	sortedJson, err := json.Marshal(&notSorteddMap)
	if err != nil {
		panic(err)
	}

	signData := base64.StdEncoding.EncodeToString(sortedJson)
	
	sign := sha256.Sum256([]byte(signData + secret))

	fmt.Printf("%x", sign)

}
{% endtab %} {% tab title="Dart" %} ```dart const paymentSecretKey = "123"; String hashedSecretKey({ required Map requestData, }) { // Sort the request data by keys in alphabetical order List> sortedEntries = requestData.entries.toList() ..sort((a, b) => a.key.compareTo(b.key)); Map sortedData = Map.fromEntries(sortedEntries); // Sort the request data by keys in alphabetical order String encodedData = json.encode(sortedData); // Encode the sorted JSON to base64 String base64EncodedData = base64.encode(Utf8Encoder().convert(encodedData)); // Concatenate the base64-encoded data with the secret String dataToSign = base64EncodedData + paymentSecretKey; // Hash the result to SHA-256 Digest sha256Hash = sha256.convert(Utf8Encoder().convert(dataToSign)); final result = sha256Hash.toString(); log('auth token $result'); return result; } ``` {% endtab %} {% endtabs %} [^1]: [https://app.gitbook.com/o/gxK1VbNmJ8bcGc8xM5wD/s/dkkz4EKtpaWVPlq7ZwsC/\~/changes/61/spravochnik-metodov-api/vzaimodeistvie-s-formoi-oplaty](https://docs.tarlanpayments.kz/az/t-lem-shlyuzi/broken-reference) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.tarlanpayments.kz/az/t-lem-shlyuzi/olta-bany-alyptastyru.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.