Generate Signature

Authenticate your request

Overview

A signature is an encrypted string of data obtained by processing the request's body data through the combined SHA-256 & RSA Algorithm (Crypto: JCE Sign). The signature at the client's end is encrypted using a unique private key of a CA-signed certificate. To pass a request, the user should process the message body, encrypt it to create a signature, and enclose it in the request.

Every request received by SingleView API is authenticated by decrypting the signature using a Public key/certificate.

Representation of flow to generate Signature

Representation of process flow to generate an encrypted Signature

Generating and Including a Signature in a Request

To ensure data integrity and authentication, every request payload must be digitally signed using the merchant’s private key. The signature is then verified by the receiving system using the corresponding public key from the certificate.

📘

Important Information

  • Algorithm: SHA256withRSA
  • Encoding: Always use UTF-8 for string-to-byte conversion
  • Signature format: Base64 string
  • Signed portion: Only the Message object, not the full JSON
  • Keystore: Must be in .p12 or .pfx format containing a valid RSA private key and certificate
  • Verification: Use the public key from the corresponding certificate

Step 1. Prepare the Payload

Construct your JSON payload. For example:

curl --location 'https://sandboxapi.onesingleview.com/api/v1/getbeneficary/bankdetails' \
--header 'CompanyId: MYCOMPANY'
--header 'SVReferenceID: SV150619940615'
--header 'DateTimeStamp	:2025-01-02T10:20:39'
--header 'Device: Web'
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjoiTDNyMmpxV29JS2I4MTNodDBNMlZ4WGpFZmR6WFNWaTFad3B5QnlkOVpHelZXR2ZwUmFQNUV1TXl6S1Aybi94Y0lwR2V5STNNMkdPL1pqakd4ZG0yclJKUkdhRXlaWGNpWnZnOHArMWIyOGtOQTVkZ0VKajVVSEdiTmtNPSIsImlhdCI6MTczNTgwMTQ3NywiZXhwIjoxNzM1ODA1MDc3fQ.Bh7LFkvxNFrLe9dmH5rURWjGpES-u4z2EGeyrNM7z6E'
--header 'Content-Type: application/json'
--data '{
"Message": {
  "OSVBeneficiaryBankDetailsRequest": {
    "OSVBeneficiaryBankDetails": [
      {
        "NationalId": "1350011923",
        "IBANAccount": "SA2015587976172154821147"
      }
    ]
  }
},
"Signature": ""
}'

Step 2. Extract the Payload Portion to Sign

Only the Message object (not the entire payload) is signed.

{
  "OSVBeneficiaryBankDetailsRequest": {
    "OSVBeneficiaryBankDetails": [
      {
        "NationalId": "1350011923",
        "IBANAccount": "SA2015587976172154821147"
      }
    ]
  }
}
String dataToSign = jsonObject.getJSONObject("Message").toString();

Step 3. Load the Signing Key

The private key is retrieved from a PKCS#12 keystore (.p12/.pfx file).

KeyStore keyStore = KeyStore.getInstance("PKCS12");
try (FileInputStream fis = new FileInputStream("your_certificate.p12")) {
  keyStore.load(fis, "your_password".toCharArray());
}
String alias = keyStore.aliases().nextElement();
PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, "your_password".toCharArray());

⚠️ Replace your_certificate.p12 and your_password with your actual keystore file and password.

Step 4. Generate the Signature

Use the SHA256withRSA algorithm.

Signature signature = Signature.getInstance("SHA256withRSA");
signature.initSign(privateKey);
signature.update(dataToSign.getBytes(StandardCharsets.UTF_8));
byte[] signatureBytes = signature.sign();
String signatureBase64 = Base64.getEncoder().encodeToString(signatureBytes);

Step 5. Attach the Signature

Add the signature back into the payload as a new field.

{
  "Message": {
    "OSVBeneficiaryBankDetailsRequest": {
      "OSVBeneficiaryBankDetails": [
        {
          "NationalId": "1097227266",
          "IBANAccount": "SA5790000000029900655431"
        }
      ]
    }
  },
  "Signature": "insertBase64EncodedSignatureHere"
}

For any additional information or support, please reach out to us at [email protected]