Notify — Classic uses the same HMAC-SHA512 request signing as all Ingo Payments products. The signature construction process is identical across all Ingo APIs.Documentation Index
Fetch the complete documentation index at: https://developers.ingopayments.com/llms.txt
Use this file to discover all available pages before exploring further.
Your HMAC credentials are provisioned by your Ingo integration manager
at onboarding. The secret is used locally to sign requests and is never
transmitted.
See the IngoPay API Authentication page
for the complete step-by-step signature construction guide, full HTTP
request example, and common error reference.
Authorization header format
Required headers
| Header | Description |
|---|---|
X-Date | Current timestamp in GMT/RFC 1123 format. ±300s clock skew allowed. |
Content-sha512 | Base64-encoded SHA-512 hash of the raw request body (RAW output, not hex). |
Content-Length | Byte length of the request body. |
Content-Type | Always application/json. |
Authorization | HMAC-SHA512 signature header (constructed last). |
Environments
| Environment | Base URL |
|---|---|
| Sandbox | https://payapi-sandbox.ingo.money |
| Production | https://payapi.ingo.money |
Notify-specific note
Theparticipant_id in your Notify — Classic request body identifies your
program. This is the same numeric identifier issued at onboarding alongside
your HMAC credentials. Include it in the request body — not in the headers.