Developers > Documentation


IFrame

I-frame is an embeddable payment form for your website. It works within your site—customers can pay instantly, without being redirected away to complete the transaction.

1- Generate iFrame Api Key

The Iframe API key is the secret that is used to create order hash and merchant authentication, when signing up you already begin with a default key. you could generate unlimited keys with the key names you like to differentiate between your payment channels.

2- Generate Order Hash

The Order Hash is used to validate your order with what your customers are paying. Order hash generation uses HMAC SHA256 Crypto mechanism and is implemented as explained below:

//Copy and paste this code in your Backend
let crypto = require("crypto");
function generateKashierOrderHash(order){
const mid = "###-##-###"; //your merchant id
const amount = order.amount; //eg: 22.00
const currency = order.currency; //eg: "EGP"
const orderId = order.merchantOrderId; //eg: 99
const secret = "yourServiceSecretKey";
//eg: ""
const path = `/?payment=${mid}.${orderId}.${amount}.${currency}`;
const hash = crypto.createHmac('sha256', secret)
.update(path)
.digest('hex');
return hash;
}
//The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec

//Copy and paste this code in your Backend
function generateKashierOrderHash($order){
$mid = "###-##-###"; //your merchant id
$amount = $order->amount; //eg: 100 your system order ID
$currency = $order->currency; //eg: "EGP"
$orderId = $order->merchantOrderId; //eg: 99
$secret = "yourServiceSecretKey";
//eg: ""

$path = "/?payment=".$mid.$orderId.$amount.$currency;
$hash = hash_hmac( 'sha256' , $path , $secret ,false);
return $hash;
}
//The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec

#Copy and paste this code in your Backend
import hmac
import hashlib
import binascii
def generateKashierOrderHash(order):
    mid = "###-##-###"; #your merchant id
    amount = order['amount'] #eg: 100 your system order ID
    currency = order['currency']#eg: "EGP"
    orderId = order['merchantOrderId']#eg: 99
    path = '/?payment={}.{}.{}.{}'.format( mid, orderId, amount, currency )
    path = bytes(path, 'utf-8')
    secret = "yourServiceSecretKey"
#eg: ""

    secret = bytes(secret, 'utf-8')
return hmac.new(secret, path, hashlib.sha256).hexdigest()
#The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec

//Copy and paste this code in your Backend
using System.Security.Cryptography;
public class Kashier
{
      public static string create_hash()
      {
          string mid = "###-##-###"; //your merchant id
          string amount = "20";
          string currency = "EGP";
          string orderId = "99";
          string secret = "Secret Key";
          //eg: ""
          string path = "/?payment=" + mid + "." + orderId + "." + amount + "." + currency;
          string message;
          string key;
          key = secret;
          message = path;
          System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
          byte[] keyByte = encoding.GetBytes(key);
          byte[] messageBytes = encoding.GetBytes(message);
          HMACSHA256 hmacmd256 = new HMACSHA256(keyByte);
          byte[] hashmessage = hmacmd256.ComputeHash(messageBytes);
          return ByteToString(hashmessage).ToLower();
      }
      public static string ByteToString(byte[] buff)
      {
          string sbinary = "";
          for (int i = 0; i < buff.Length; i++)
          {
          sbinary += buff[i].ToString("X2"); // hex format
          }
          return (sbinary);
      }
    }
//The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec


You could validate your order hashing using this link

3- Order Payment

Finally, add the following code to your payment page:

<script id="kashier-iFrame"
src="https://test-iframe.kashier.io/js/kashier-checkout.js"
data-amount="ORDER-AMOUNT"
data-description="description"
data-hash="ORDER-HASH"
data-currency="ORDER-CURRENCY"
data-orderId="ORDER-ID"
data-merchantId="###-##-###"
data-merchantRedirect="https://youwebsite/yourCallBack"
//data-merchantRedirect should be "URI encoded".
data-store = "STORE-NAME"
data-type = "external" data-display="en" > </script>
Hosted Payment Page

Hosted Payment Page Integration allows a secure payment for your customers to your website through Kashier.io secured payment portal.

1- Generate Hosted Payment Page Api Key

Hosted Payment Page API key is the secret that is used to create order hash and merchant authentication, when signing up you already begin with a default key. you could generate unlimited keys with the key names you like to differentiate between your payment channels.

2- Generate Order Hash

The Order Hash is used to validate your order with what your customers are paying. Order hash generation uses HMAC SHA256 Crypto mechanism and is implemented as explained below:

//Copy and paste this code in your Backend
let crypto = require("crypto");
function generateKashierOrderHash(order){
const mid = "###-##-###"; //your merchant id
const amount = order.amount; //eg: 22.00
const currency = order.currency; //eg: "EGP"
const orderId = order.merchantOrderId; //eg: 99
const secret = "yourServiceSecretKey";
//eg: ""
const path = `/?payment=${mid}.${orderId}.${amount}.${currency}`;
const hash = crypto.createHmac('sha256', secret)
.update(path)
.digest('hex');
return hash;
}
//The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec

//Copy and paste this code in your Backend
function generateKashierOrderHash($order){
$mid = "###-##-###"; //your merchant id
$amount = $order->amount; //eg: 100 your system order ID
$currency = $order->currency; //eg: "EGP"
$orderId = $order->merchantOrderId; //eg: 99
$secret = "yourServiceSecretKey";
//eg: ""

$path = "/?payment=".$mid.$orderId.$amount.$currency;
$hash = hash_hmac( 'sha256' , $path , $secret ,false);
return $hash;
}
//The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec

#Copy and paste this code in your Backend
import hmac
import hashlib
import binascii
def generateKashierOrderHash(order):
    mid = "###-##-###"; #your merchant id
    amount = order['amount'] #eg: 100 your system order ID
    currency = order['currency']#eg: "EGP"
    orderId = order['merchantOrderId']#eg: 99
    path = '/?payment={}.{}.{}.{}'.format( mid, orderId, amount, currency )
    path = bytes(path, 'utf-8')
    secret = "yourServiceSecretKey"
#eg: ""

    secret = bytes(secret, 'utf-8')
return hmac.new(secret, path, hashlib.sha256).hexdigest()
#The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec

//Copy and paste this code in your Backend
using System.Security.Cryptography;
public class Kashier
{
      public static string create_hash()
      {
          string mid = "###-##-###"; //your merchant id
          string amount = "20";
          string currency = "EGP";
          string orderId = "99";
          string secret = "Secret Key";
          //eg: ""
          string path = "/?payment=" + mid + "." + orderId + "." + amount + "." + currency;
          string message;
          string key;
          key = secret;
          message = path;
          System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
          byte[] keyByte = encoding.GetBytes(key);
          byte[] messageBytes = encoding.GetBytes(message);
          HMACSHA256 hmacmd256 = new HMACSHA256(keyByte);
          byte[] hashmessage = hmacmd256.ComputeHash(messageBytes);
          return ByteToString(hashmessage).ToLower();
      }
      public static string ByteToString(byte[] buff)
      {
          string sbinary = "";
          for (int i = 0; i < buff.Length; i++)
          {
          sbinary += buff[i].ToString("X2"); // hex format
          }
          return (sbinary);
      }
    }
//The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec


You could validate your order hashing using this link

3- Order Payment

Finally, redirect your customer to the below url with the order parameters, your customer will pay through our Hosted Payment Page then gets redirected to your website with the payment result, the merchantRedirect Parameter should be "URI encoded".

https://test-iframe.kashier.io/payment?mid=###-##-###
&orderId=ORDER-ID
&amount=ORDER_AMOUNT
&currency=ORDER_CURRENCY
&hash=ORDER-HASH
&merchantRedirect=YOUR-SUCCESS-CALLBACK-URL
Customizable Form Keys are used for direct integration and for plugin integrations:
  • WooCommerce Plugin
  • Magento Plugin
  • Android SDK
  • Direct Payment Integration
  • Tokenization Integration

I-frame is an embeddable payment form for your website. It works within your site—customers can pay instantly, without being redirected away to complete the transaction.

1- Generate iFrame Api Key

The Iframe API key is the secret that is used to create order hash and merchant authentication, when signing up you already begin with a default key. you could generate unlimited keys with the key names you like to differentiate between your payment channels.

2- Generate Order Hash

The Order Hash is used to validate your order with what your customers are paying. Order hash generation uses HMAC SHA256 Crypto mechanism and is implemented as explained below:

//Copy and paste this code in your Backend
let crypto = require("crypto");
function generateKashierOrderHash(order){
const mid = "###-##-###"; //your merchant id
const amount = order.amount; //eg: 22.00
const currency = order.currency; //eg: "EGP"
const orderId = order.merchantOrderId; //eg: 99
const secret = "yourServiceSecretKey";
//eg: ""
const path = `/?payment=${mid}.${orderId}.${amount}.${currency}`;
const hash = crypto.createHmac('sha256', secret)
.update(path)
.digest('hex');
return hash;
}
//The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec

//Copy and paste this code in your Backend
function generateKashierOrderHash($order){
$mid = "###-##-###"; //your merchant id
$amount = $order->amount; //eg: 100 your system order ID
$currency = $order->currency; //eg: "EGP"
$orderId = $order->merchantOrderId; //eg: 99
$secret = "yourServiceSecretKey";
//eg: ""

$path = "/?payment=".$mid.$orderId.$amount.$currency;
$hash = hash_hmac( 'sha256' , $path , $secret ,false);
return $hash;
}
//The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec

#Copy and paste this code in your Backend
import hmac
import hashlib
import binascii
def generateKashierOrderHash(order):
    mid = "###-##-###"; #your merchant id
    amount = order['amount'] #eg: 100 your system order ID
    currency = order['currency']#eg: "EGP"
    orderId = order['merchantOrderId']#eg: 99
    path = '/?payment={}.{}.{}.{}'.format( mid, orderId, amount, currency )
    path = bytes(path, 'utf-8')
    secret = "yourServiceSecretKey"
#eg: ""

    secret = bytes(secret, 'utf-8')
return hmac.new(secret, path, hashlib.sha256).hexdigest()
#The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec

//Copy and paste this code in your Backend
using System.Security.Cryptography;
public class Kashier
{
      public static string create_hash()
      {
          string mid = "###-##-###"; //your merchant id
          string amount = "20";
          string currency = "EGP";
          string orderId = "99";
          string secret = "Secret Key";
          //eg: ""
          string path = "/?payment=" + mid + "." + orderId + "." + amount + "." + currency;
          string message;
          string key;
          key = secret;
          message = path;
          System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
          byte[] keyByte = encoding.GetBytes(key);
          byte[] messageBytes = encoding.GetBytes(message);
          HMACSHA256 hmacmd256 = new HMACSHA256(keyByte);
          byte[] hashmessage = hmacmd256.ComputeHash(messageBytes);
          return ByteToString(hashmessage).ToLower();
      }
      public static string ByteToString(byte[] buff)
      {
          string sbinary = "";
          for (int i = 0; i < buff.Length; i++)
          {
          sbinary += buff[i].ToString("X2"); // hex format
          }
          return (sbinary);
      }
    }
//The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec


You could validate your order hashing using this link

3- Order Payment

Finally, add the following code to your payment page:

<script id="kashier-iFrame"
src="https://test-iframe.kashier.io/js/kashier-checkout.js"
data-amount="ORDER-AMOUNT"
data-description="description"
data-hash="ORDER-HASH"
data-currency="ORDER-CURRENCY"
data-orderId="ORDER-ID"
data-merchantId="###-##-###"
data-merchantRedirect="https://youwebsite/yourCallBack"
//data-merchantRedirect should be "URI encoded".
data-store = "STORE-NAME"
data-type = "external" data-display="en" > </script>

Hosted Payment Page Integration allows a secure payment for your customers to your website through Kashier.io secured payment portal.

1- Generate Hosted Payment Page Api Key

Hosted Payment Page API key is the secret that is used to create order hash and merchant authentication, when signing up you already begin with a default key. you could generate unlimited keys with the key names you like to differentiate between your payment channels.

2- Generate Order Hash

The Order Hash is used to validate your order with what your customers are paying. Order hash generation uses HMAC SHA256 Crypto mechanism and is implemented as explained below:

//Copy and paste this code in your Backend
let crypto = require("crypto");
function generateKashierOrderHash(order){
const mid = "###-##-###"; //your merchant id
const amount = order.amount; //eg: 22.00
const currency = order.currency; //eg: "EGP"
const orderId = order.merchantOrderId; //eg: 99
const secret = "yourServiceSecretKey";
//eg: ""
const path = `/?payment=${mid}.${orderId}.${amount}.${currency}`;
const hash = crypto.createHmac('sha256', secret)
.update(path)
.digest('hex');
return hash;
}
//The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec

//Copy and paste this code in your Backend
function generateKashierOrderHash($order){
$mid = "###-##-###"; //your merchant id
$amount = $order->amount; //eg: 100 your system order ID
$currency = $order->currency; //eg: "EGP"
$orderId = $order->merchantOrderId; //eg: 99
$secret = "yourServiceSecretKey";
//eg: ""

$path = "/?payment=".$mid.$orderId.$amount.$currency;
$hash = hash_hmac( 'sha256' , $path , $secret ,false);
return $hash;
}
//The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec

#Copy and paste this code in your Backend
import hmac
import hashlib
import binascii
def generateKashierOrderHash(order):
    mid = "###-##-###"; #your merchant id
    amount = order['amount'] #eg: 100 your system order ID
    currency = order['currency']#eg: "EGP"
    orderId = order['merchantOrderId']#eg: 99
    path = '/?payment={}.{}.{}.{}'.format( mid, orderId, amount, currency )
    path = bytes(path, 'utf-8')
    secret = "yourServiceSecretKey"
#eg: ""

    secret = bytes(secret, 'utf-8')
return hmac.new(secret, path, hashlib.sha256).hexdigest()
#The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec

//Copy and paste this code in your Backend
using System.Security.Cryptography;
public class Kashier
{
      public static string create_hash()
      {
          string mid = "###-##-###"; //your merchant id
          string amount = "20";
          string currency = "EGP";
          string orderId = "99";
          string secret = "Secret Key";
          //eg: ""
          string path = "/?payment=" + mid + "." + orderId + "." + amount + "." + currency;
          string message;
          string key;
          key = secret;
          message = path;
          System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
          byte[] keyByte = encoding.GetBytes(key);
          byte[] messageBytes = encoding.GetBytes(message);
          HMACSHA256 hmacmd256 = new HMACSHA256(keyByte);
          byte[] hashmessage = hmacmd256.ComputeHash(messageBytes);
          return ByteToString(hashmessage).ToLower();
      }
      public static string ByteToString(byte[] buff)
      {
          string sbinary = "";
          for (int i = 0; i < buff.Length; i++)
          {
          sbinary += buff[i].ToString("X2"); // hex format
          }
          return (sbinary);
      }
    }
//The Result Hash for /?payment=mid-0-1.99.20.EGP with secret 11111 should result 606a8a1307d64caf4e2e9bb724738f115a8972c27eccb2a8acd9194c357e4bec


You could validate your order hashing using this link

3- Order Payment

Finally, redirect your customer to the below url with the order parameters, your customer will pay through our Hosted Payment Page then gets redirected to your website with the payment result, the merchantRedirect Parameter should be "URI encoded".

https://test-iframe.kashier.io/payment?mid=###-##-###
&orderId=ORDER-ID
&amount=ORDER_AMOUNT
&currency=ORDER_CURRENCY
&hash=ORDER-HASH
&merchantRedirect=YOUR-SUCCESS-CALLBACK-URL

Customizable Form Keys are used for direct integration and for plugin integrations:

  • WooCommerce Plugin
  • Magento Plugin
  • Android SDK
  • Direct Payment Integration
  • Tokenization Integration