The following describes the important headers required to be sent.
| S/N | Headers | Description | |
| 1. | Timestamp | Mandatory | Request timestamp in epoch (unix). It must be in seconds and NOT milliseconds. e.g. 1440071245 |
| 2. | Nonce | Mandatory | Request nonce. A unique generated value for each request. It should not be repeated. Length should NOT be more than 64 characters. e.g.
f5ab08912e11d147b65d0789e1ad58472dca64e9 |
| 3. | Authorization | Mandatory | Describes the Realm and Identity of the user requesting access to resource. See pseudo-code below |
| 4 | Signature | Mandatory | Request signature. Must be represented in base 64. The signature is calculated from a combination defined data elements separated by the ‘&’ character. See pseudo-code below |
| 5 | SignatureMethod | Mandatory | The cryptographic hash function used to calculate the Signature e.g. “SHA512” |
| 6 | Content-Type | Mandatory | The MIME type of the body of the request e.g.
application/json |
Sample Authentication Headers
Authorization: InterswitchAuth SUtJQUVFMzhDMjRBMzYzRTRGQzAxREVCRkJGRTlGOERDMUY0QkNCMkJDNDg= Content-Type: application/json
Nonce: 091f90dbbf9748f0b2854a038dbdac44
SignatureMethod: SHA512
Signature: mf73jzzhaVN8U0oZ7iiKcVgEzBY=
Timestamp: 1440071245