Example: generating a PASETO token
Follow this guide step by step to make sure that your tokens are correctly generated.
As specified in the Katalys ⇠ Merchant page, the Katalys API will accept (and in some cases, expect you to generate) v2.local
tokens.
For this example we will assume the following payload, key ID, and shared secret:
Payload
JSON{"exp":"2023-11-03T14:50:30Z","iat":"2023-11-03T14:50:30Z"}
Shared secret
CODEkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
(The letter
k
repeated 32 times.)Footer
JSON{"kid":"0a315660-4bb7-4228-9408-f4300733066f"}
Now we have everything we need to generate a token using the PASETO library of our choice. Passing all of the above should yield a valid token:
version = 'v2'
purpose = 'local'
payload = '{"exp":"2023-11-03T14:50:30Z","iat":"2023-11-03T14:50:30Z"}'
shared_secret = 'kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk'
footer = '{"kid":"0a315660-4bb7-4228-9408-f4300733066f"}'
generate_paseto_token(version, purpose, payload, shared_secret, footer)
// token: 'v2.local.R17UZaSjwDIOVGvfPfpZl3ff5mUOViu0we2uutl9VKSxyxCz_XlECXiolPl3Yh1A-lcfNQAYTb4-BiGQXCMP5SNa5yUrTyiy_kwFrLaV0pi2Q-6LZwPJdgX_mrnBS2OrOkdZ.IntcImtpZFwiOlwiMGEzMTU2NjAtNGJiNy00MjI4LTk0MDgtZjQzMDA3MzMwNjZmXCJ9Ig'
Use the above values to verify token generation. Using the exact inputs should yield the same token.
For maintainers: When updating the tokens in this guide consult this code snippet.