Skip to main content
Skip table of contents

Example: generating a PASETO token

Follow this guide step by step to make sure that your tokens are correctly generated.

As specified in the Katalys ⇠ Merchant page, the Katalys API will accept (and in some cases, expect you to generate) v2.local tokens.

For this example we will assume the following payload, key ID, and shared secret:

  • Payload

    JSON
    {"exp":"2023-11-03T14:50:30Z","iat":"2023-11-03T14:50:30Z"}
  • Shared secret

    CODE
    kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk

    (The letter k repeated 32 times.)

  • Footer

    JSON
    {"kid":"0a315660-4bb7-4228-9408-f4300733066f"}

Now we have everything we need to generate a token using the PASETO library of our choice. Passing all of the above should yield a valid token:

JS
version = 'v2'
purpose = 'local'
payload = '{"exp":"2023-11-03T14:50:30Z","iat":"2023-11-03T14:50:30Z"}'
shared_secret = 'kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk'
footer = '{"kid":"0a315660-4bb7-4228-9408-f4300733066f"}'

generate_paseto_token(version, purpose, payload, shared_secret, footer)

// token: 'v2.local.R17UZaSjwDIOVGvfPfpZl3ff5mUOViu0we2uutl9VKSxyxCz_XlECXiolPl3Yh1A-lcfNQAYTb4-BiGQXCMP5SNa5yUrTyiy_kwFrLaV0pi2Q-6LZwPJdgX_mrnBS2OrOkdZ.IntcImtpZFwiOlwiMGEzMTU2NjAtNGJiNy00MjI4LTk0MDgtZjQzMDA3MzMwNjZmXCJ9Ig'

Use the above values to verify token generation. Using the exact inputs should yield the same token.


For maintainers: When updating the tokens in this guide consult this code snippet.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.