1. Home
  2. Interswitch Security Headers
  3. Authentication
  4. HTTP Headers for Authentication

HTTP Headers for Authentication

The following describes the important headers required to be sent.


S/N Headers   Description
1. Timestamp Mandatory Request timestamp in epoch (unix). It must be in seconds and NOT milliseconds. e.g. 1440071245
2. Nonce Mandatory Request nonce. A unique generated value for each request. It should not be repeated. Length should NOT be more than 64 characters. e.g.


3. Authorization Mandatory Describes the Realm and Identity of the user requesting access to resource. See pseudo-code below
4 Signature Mandatory Request signature. Must be represented in base 64. The signature is calculated from a combination defined data elements separated by the ‘&’ character. See pseudo-code below
5 SignatureMethod Mandatory The cryptographic hash function used to calculate the Signature e.g. “SHA512”
6 Content-Type Mandatory The MIME type of the body of the request e.g.




Sample Authentication Headers
Authorization: InterswitchAuth SUtJQUVFMzhDMjRBMzYzRTRGQzAxREVCRkJGRTlGOERDMUY0QkNCMkJDNDg= Content-Type: application/json
Nonce: 091f90dbbf9748f0b2854a038dbdac44
SignatureMethod: SHA512
Signature: mf73jzzhaVN8U0oZ7iiKcVgEzBY=
Timestamp: 1440071245

Was this article helpful to you? Yes No

How can we help?