Quick Start Guide
This direct integration method uses API requests/responses to pass information between your platform/website/mobile application and Tamara. It is the simplest and the easiest method of integration, that will work on just about any platform.
Getting a merchant account
When you sign up for a Tamara merchant account, you will be provided with an API token, Notification token and Public Key(to display widgets on online integrations only). You authenticate yourself with our API token by providing your bearer API token in the request Authorization header.
Base URLs
During integration, Tamara provides merchants with a sandbox endpoint to use while integrating, make sure to use it during integration and testing.
https://api-sandbox.tamara.co
https://api.tamara.co
Make sure to use the correct base URL for sandbox/production environment
API Token
Merchant can authenticate with Tamara's APIs by providing their API token in the request's Authorization header as a bearer token.
Authorization: Bearer
Notification token
Tamara will notify merchant's webhook endpoint URL with a notification payload using the (HTTP request) method when order status is updated at Tamara's end with the events(status changes) you registered in Step [3]
Tamara provides a Notification Token to merchants to authenticate the notifications received from Tamara. This JWT token will be attached to the webhook/notification endpoint as a query parameter called tamaraToken as well as having that tamaraToken in the authorization header as Bearer tamaraToken (Check examples below for more info).
tamaraToken is an encoded JWT token using HS256 algorithm, and merchants can use the Notification Token provided by Tamara, to decode it, to ensure that the payload sent to your Webhook URL endpoint is sent from Tamara without any modifications (security aspect).
Please keep your tokens securely guarded and donโt share them.
Updated 5 days ago