Tevau-openApi
    Tevau-openApi
    • Get started
    • Signature instructions
    • Transaction description
    • 01. User
      • 1.1 Create User
        POST
      • 1.2 Query User
        POST
    • 02. KYC
      • 2.1 Submit KYC information
        POST
      • 2.2 Get the URL
        POST
      • 2.3 Query liveness results
        POST
      • 2.4 Query KYC
        POST
    • 03. Card
      • 3.1 Create Card
        POST
      • 3.2 Query Card List
        POST
      • 3.3 Adjust Card Balance
        POST
      • 3.4 Card Details
        POST
      • 3.5 Bind Card
        POST
      • 3.6 Close Card
        POST
      • 3.7 Freeze Card
        POST
      • 3.8 Unfreeze card
        POST
      • 3.9 Activate Card
        POST
      • 3.10 Card PAN
        POST
      • 3.11 Card PIN
        POST
      • 3.12 Card Limit
        POST
      • 3.13 Set Card Fee
        POST
      • 3.14 Query Card Fee
        POST
      • 3.15 3DS
        POST
      • 3.16 Update Phone
        POST
      • 3.17 Update Email
        POST
    • 04. Query logistics information
      • 4.1 Query Order
    • 05. Prefund
      • 5.1 Prefund Balance
      • 5.2 Query Bill Details
    • 06. Transaction
      • 6.1 Transaction History
      • 6.2 Transaction Details
    • 07. Simulated Trading
      • 7.1 Authorisation
      • 7.2 Clearing
      • 7.3 Refund
      • 7.4 Reversal
      • 7.5 3DS
      • 7.6 Simulate card status
    • 08. Webhook
      • 8.1 KYC Results
      • 8.2 Card Status
      • 8.3 Changes in card balance
      • 8.4 3DS
      • 8.5 Transaction
      • 8.6 Logistics status

    Signature instructions

    📌
    The encoding format is fixed as: UTF-8.
    1.
    The signature string consists of key-value pairs from all non-empty fields except sign, x-nexus-api-key, and versions.
    2.
    All fields participating in the signature are sorted in ascending order according to the ASCII code of the field names, then concatenated into a string in URL key-value pair format (i.e., key1=value1&key2=value2).
    Example:
    appId=companyAppId001
    nonce=V6BC6WHMU1D2NGT17D959C4W6RQP3I0D
    timestamp=20250421111104
    userCode=54
    The sorted string:
    string="appId=companyAppId001&nonce=V6BC6WHMU1D2NGT17D959C4W6RQP3I0D&timestamp=20250421111104userCode=54"
    3.
    Sign with the merchant's RSA private key;
    RSAUtils.sign(string, cusRsaPrivateKey)
    Such as testing the private key:
    cusRsaPrivateKey = "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCKu0DkMEGg4oRuVxL/vA8rhltFd+iN+T48VtyG/fM4qI0UaDixYeSBr78z/6hoBfqomUzFxlKhtQvR0gXN1NWH47wLH9yMJ7nqBtsgGfnfjFCKusmbnw+DpK2EcQfftEgbtRpp/WlUW2dlCt3uSa0Rkf8anbMYYYics7xu3VkBjo/CFMlP/yAf6KrmgBQ/tfmydOFPsQ3FgP9Wi/v4bEZkSjzBiLMzNaiXVMw1Uh4VjWXoz6ZtiDjE4xmL6Z7oukkYkZZwP00v0LQS4uyWHdr40rbfqYed3oMoZzIqXH+xaATFQrAfkGgBb8VSPdl0UzrH6iPHN5HBs6IAX95dS9o1AgMBAAECggEAUXkW6uvMHwfobkSEy9tNrWoCQBHjaT1u51C7witxo1yZPdrXMJUk9WSZDZie9jhMtKcTBzMpY/5HKroE3pSXsm50CLR1eXn7HQ1ZssiOjlKBGngH3nTTT6RuotEepqnhjyQUlxpTuU7Usepn24E5OpBbGO50N2VQLXcAursTgm2xaKCm8/dC17kpmeNT53bAECuFWhA2VvfeEtjgkafLdEZDnazOxAaRPha9IT64e2D0JiW9ituFBwJELcE6vZ2Av61onGtq8QZ7eAOqhzJ2Pfgxxhxk6HGJu1CCkWmXEscE8+kEMqLt0ziCCXRAniFtImmdCVzTWG91asktcAB/AQKBgQDAgAMYJizYsSDv7TK+67bul4au6RsBcD9vxICcX9OyFk5o3ucmFrYgPe1+BH1/3b42vTLjnAy0mhVZgiFNPqVuaX6OsTcX+6D8ndkS95csBN1oDJ1ElQ1TZGKnJ0FZGualLZTx4szZebR46RFVOD1fS30191SKYPlywvYV2QkQfQKBgQC4fqnF4pVOhEA+z7YRaWw8fhe33vdsHnXVhoEpJNvblLCxpOcs5ksjN3RtX2sI/9JGDqcc2RWrohu8oe5cojRdwyW0niyAkyjE7f5kiP7aDSM7JcAmRKMXTzQuaVnG/b+GrvIQ2bCp5KZZ93j3sAT3tzt/zefW+UQELUys1sCWGQKBgQCpOZ/+wciY8hX/dakvt64IT0LCTwBDonbR/ZAGaCOFIiDqBlJz5HFVJLu8FZxyJPBL1MWA3DU7K11rY399FX5+8tSkAlxpg/bBPM6Q4wGNW/V7u+MhYFrnnY8wXM0Q1Ro/yTNv9S6aXGhwBowLO7aQKJ+5KmWyhI+l+Ig3KqXSTQKBgQCDy7A6NcgVQ/KlLDrTK21vtV/6MSStLwFcXO6t1q/cp9alwLiIYadxa+8XJt/OmPm8pEELIaUSbAbGdSNTN2iTRpIL+iauXvHz5FQju53bZSEy4p/mdofPYfxT31yMA78rVpSEJw7F/xo7EMdwoWSbFWFCxnQFJSJKnZW1rt/7GQKBgFq1PPIWoPvYbMpMMWyzQbQtXHt6CxA9PDi8ZGslxQHBfsl1WXieEGP/JUXcZchLyHFzFvvQf3uK2EkWwjqeIrJF4VrMEMLpdIjR9fhnhLd6j9M52iLhu/q05W3xkU54oF9iD83KHtzqt5qOkSW6PBoBR3BwFyT+bAfg4JJYB8BD";
    The encrypted string above is:
    sign="DYtffEz/KTeHDOtG47pBbNntgJJEM2akmPRS2w9V43HDTSW5S52d8/k7596cO6/MF/IeEus3o9NLtqKMFwrZc0ju/qYHaSJbYL/YnPgs3peoI8xMTobge2bvIeEdbQXNxb0yxCQe5Im8Ndi5fITTfdFcz1ZM8+4T9M6MSDBnjfdpHpGV/KSgRFAeh71kP2PFYzt/g0NNqWVbeJCJVvStdYYumMis9fnY+quyD1XF8V+gymaQQWIxDKBXbMSpJuOgxjVuHE0jIe+x2dP8PNC/BlxspAFbdv1SRK7qOz7Ph83NPETm2RRigIA2SxLEw+ITC7PfI5kI6+PpZj29wk0KsQ==";
    4.
    After the request endpoint is successfully sent, the JSON string data is returned;
    💡
    Signature Notes
    All parameters (except sign, x-nexus-api-key, and versions fields) must be signed as long as they have values (excluding empty strings), otherwise the signature verification will fail!
    💡
    Code Example (JAVA Version)
    Contains MAVEN-JAR package version
https://oss.tevaupay.com/common-file/demo.zip
    Modified at 2025-07-25 10:13:32
    Previous
    Get started
    Next
    Transaction description
    Built with