Code Copied.

Preparing JavaScript SDK

When integrate the payment, merchant need to prepare both SDK preparation and API preparation.
Before calling SDK, merchant need the fgkey to check parameter forgery and alteration. Be sure to check the FGKey preparation.

Install JavaScript SDK

Install the Eximbay library on the HTML page where you want to integrate the payment window.

                
<!-- jQuery -->
<script type="text/javascript" src="https://code.jquery.com/jquery-1.12.4.min.js"></script>
<!-- SDK  -->
<script type="text/javascript" src="https://api-test.eximbay.com/v1/javascriptSDK.js"></script>

After you have installed a Eximbay SDK, you can request the request_pay method with the EXIMBAY object. 

                
<button type="button" onclick="payment();">결제 창 연동</button>
	.
	.
	.
<script type="text/javascript">
      function payment() {
          // 결제 창 연동 sdk
          EXIMBAY.request_pay({
							// Payment Ready API로 생성된 fgkey
              "fgkey" : "0E9BE04BA239A519E68171F26B68604ADA0A85C8350DBF5C8C0FCCF98461DB09",
              "payment" : {
                  "transaction_type" : "PAYMENT",
                  "order_id" : "20220819105102",
                  "currency" : "USD",
                  "amount" : "1",
                  "lang" : "EN"
              },
              "merchant" : {
                  "mid" : "1849705C64"
              },
              "buyer" : {
                  "name" : "eximbay",
                  "email" : "test@eximbay.com"
              },
              "url" : {
                  "return_url" : "eximbay.com",
                  "status_url" : "eximbay.com"
              }
          });
      }
</script>

Preparing API

Prepare the API key, authentication, and request protocol settings required to call the API.

API Key

To send requests to the Eximbay API, you need an API key. Authenticate using the API key issued to the person in charge email after signing the Eximbay PG contract. If it's not yet contracted, use your test API Key to call the API.

Test Merchant 
                  
    mid:   1849705C64

    API Key:   test_1849705C642C217E0B2D

Please keep the issued API key safely. Care must be taken not to expose API keys to publicly accessible places such as browsers.

How to get API Key

Merchant must sign a PG contract with Eximbay before the API Key is issued. After signing the contract, the API Key and Mid will be sent to the manager’s email.

In the development stage for online payment integration, you must use the test API key and test Mid, and if you want to provide payment to real customers after integration, you must use the live API key and Mid.
If you use the test API key, you will not be able to make an actual payment even if you proceed with payment, and you can test during the payment integration process. A test API key starts with test_, and a live key starts withlive_

API Key Type Separator Description Actual Payment Notice
Live Key live_ It can be used for payments to real customers. O Actual payment is made.
Test Key test_ It can be used for testing purposes when payment integration is in progress. X No actual payment is made.

Authentication

Add an Authorization field to the HTTP request header,
encodes the API Key as Base64. When encoding API Key, make sure to include : at the end of API Key. Add Basic before the encoded API Key. 

                    
Authorization: Basic dGVzdF8xODQ5NzA1QzY0MkMyMTdFMEIyRDo=

Basic Authorization is one of HTTP basic authentication methods, and uses username:password encoded in Base64. Eximbay API is used by putting the API key in the username and not the password.

Request protocol settings

All requests to the Eximbay API endpoint must follow the HTTPS protocol. This is because information encoded in Base64 can be easily decoded. SSL/TLS versions less than Transport Layer Security (TLS) 1.2 support only TLS versions 1.2 and higher because of weak security.