Application Programming Interfaces (API)
OKPAY SOAP API provides programmatic access to OKPAY features and services.
Developers can build custom applications, tools and services that correspond to the same services and tools available through the main OKPAY website, https://www.okpay.com/. Typical applications include transactions search, mass payments, etc. The API is based on open standards known collectively as “Web Services”, which include the Simple Object Access Protocol (SOAP), Web Services Definition Language (WSDL), and the XML Schema Definition language (XSD). These standards are supported by a wide range of development tools on a variety of platforms.
OKPAY uses SOAP version 1.1.
OKPAY Service Location
OKPAY Web Services schema base and core components are required for developing applications to work with the OKPAY Web Services API. The following is the location of the WSDL and XSD files:
How SOAP API works
Like many web services, OKPAY SOAP is a combination of client-side and server-side schemas, hardware and software servers, and core services.
Figure 1. OKPAY SOAP High-level Diagram
In an object-oriented processing model, the interface to SOAP requests/responses is an object in your application's native programming language. Your third-party SOAP client generates business-object interfaces and network stubs from OKPAY-provided WSDL and XSD files that specify the OKPAY SOAP message structure, its contents and the OKPAY API service bindings. A business application works with data in the form of object properties to send and receive data by calling object methods. The SOAP client handles the details of building the SOAP request, sending it to the OKPAY service, and converting the response back to an object.
Operations that can be performed via OKPAY API
API supports the following operations:
- General. General-purpose functions: get server time, verify if an account exists in the system, etc.
- Transfers. Moving funds from one account to another. With this command you can transfer funds in any currency supported by OKPAY.
- History. Requesting history of a specified wallet. Additional parameters can be used such as date range, currency, destination account, etc. This function is also necessary if you wish to receive information about specific transactions.
- Balance. Wallet balance requests. Get a wallet's balance in all currencies or return the balance of a specified currency.
- And many more...
Refer to the Functions page for a complete list of API features.
OKPAY has made some schema design decisions that can affect how businesses design their own applications.
- Enumerations. Enumerations are defined directly in the OKPAY API schema.
- Troubleshooting information. OKPAY API returns information about elements that trigger errors.
- Backward compatibility. OKPAY API is versioned so that business applications are backward compatible when new elements are introduced to the server-side schema.
The OKPAY SOAP API service assumes that all data in SOAP requests is in Unicode - specifically, the Unicode (or UCS) Transformation Format, 8-bit encoding form (UTF-8). In SOAP responses, the service always returns data in UTF-8.
Data Format Conventions
This table lists the types and format of data utilised by OKPAY API.
||Unique OKPAY Account ID. String containing only numbers (xxxxxxxx) up to 9 digits long.
||"123456789", "987654321", etc.
||Unique OKPAY Wallet ID. String starting with OK followed by 9 digits (OKxxxxxxxxx).
|| "OK123456789", "OK987654321", etc.
The currency amount field has the following structure:
- The amount must have two decimal places.
- The decimal separator must be a period (".").
- You must not use the thousands separator.
||String containing date and time in the following format "YYYY-MM-DD hh:mm:ss".
||"2010-12-31 10:33:44", "2005-06-07 01:02:03", etc.
||Very long number (64-bit integer).
||3-character code of a currency supported by OKPAY.
"USD", "EUR", etc.
||2-character code of a country.
||"US", "DE", "CA", etc.
Related information can be also found in the Data Structures section of OKPAY API.
An API call must always contain information that will let the API server authenticate the calling user. This call will contain a Wallet ID and other information that will help the server to accurately identify the user submitting the request. Every server request to API must contain the following authentication information:
- WalletID. The wallet that the user wishes to query with enabled API access.
- SecurityToken. This parameter consists of a hashed line of text formed by concatenating the API access password and the UTC date.
Creating a security token
To create a security token, use the following procedure:
- Apply concatenation to obtain the following line:
Access Password:Date UTC in YYYYMMDD format:Time UTC in HH format.
- Do a hash of the above line by SHA256. For example, if API access password = MyApiPass and UTC date = 2010-06-01 15:30 (24h format)
Concatenation of parameters: MyApiPass:20100601:15
SHA256 hash of the above line:
The OKPAY SOAP API service is protected to ensure that only authorised OKPAY clients can use it. There are three levels of security:
- A required API username (WalletID) and an API security token;
- Secure Sockets Layer (SSL) data transport;
- Access filtering by IP address in wallet settings.
Authentication failure at any of these levels denies access to the OKPAY SOAP API Service.
Use these resources to learn more about API features: