The Gr8Pay API is organized around SOAP. Our API accepts form-encoded request bodies, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs.


Integration with the Gr8Pay webservices services requires generating a hashed signature.

The SHA256 hash function is used to validate the integrity of the data, for more information on SHA256 see:

Your Personal Hash Key is managed in the Merchant Control Panel under Global Settings.

Steps to create the signature.

  • Concatenate the required parameters values, the list of required parameters is explained in the signature field on the API of the service you wish to use.
  • Add your Personal Hash Key to the end of the concatenated string.
  • Apply SHA256 hash to the string.
  • Convert the hash result to Base64.
  • URL encode the Base64 result if using GET mode.
  • Now that you have a signature, Include the result as a value of the signature field in the request.

Example with the following values:
CompanyNum = 1234567
TransType = 1
TypeCredit = 1
Amount = 5.4
Currency = 1
CardNum = 4580000000000000
RefTransID = 1234
PersonalHashKey = AU7E468HNF

CompanyNum + TransType + TypeCredit + Amount + Currency + CardNum + RefTransID + PersonalHashKey
“1234567” + “1” + “1” + “5.4” + “1” + “4580000000000000” + “1234” + “AU7E468HNF”


Result: “PTpzX9OACBC+V3Fd9+TNCehnwIfqMaXmnUtsZMSRyVo=

Code Example

The following examples show how the signature should be built in various languages.

All examples are using the string “1234567ABCDEFGHIJ” as input.

The correct output with URLEncoded is “yZo3as0hwZMOO%2bVO0sTXSg%3d%3d”.
The correct output without URLEncoded is “yZo3as0hwZMOO+VO0sTXSg==”.

Visual BasicC#PHP