Updated encryption mode for payment API requests

What's new

Backend processing of any online payment in Ecwid store starts with receiving a POST request from Ecwid API to your paymentUrl endpoint. The incoming request contains an encrypted JSON with the order data.

From now on, the order data is encrypted with the aes-128-gcm mechanism instead of aes-128-cbc, and the encrypted data is stored in the enc_data JSON object instead of the data.

Changes in API

POST requests coming to the paymentUrl endpoint now have two JSON objects with the order data:

  • The new enc_data object encrypted with the aes-128-gcm mechanism.

Documentation now includes parse examples for this method:

  • Old data object that uses aes-128-cbc for encryption.

Last updated

Was this helpful?