Useful Tip

Paga API includes a header parameter called a hash.

Hash utilises SHA-512 cryptographic encryption mechanism.

Across Paga API, you’ll be mandated to parse a header parameter called hash, the variable required to create the hash will vary across the respective endpoint you’re consuming.

How to create a hash for your request

  1. Confirm the API end-point header requires a hash.

    • We will use Deposit To Bank as a case study. This end-point requires a hash in the request header
  2. Concatenate the parameter value in the order specified in the documentation.


Hash RequirementExample InputDescription
referenceNumber3300932297A unique reference number representing this request.
amount5000Amount to send.
destinationBankUUID10An id uniquely identifying a Bank on Paga.
destinationBankAccountNumber0000000000The Paga bank UUID identifying the bank to which the deposit will be made.
hashkeyd9257ca...Your hashkey is the same as HMAC. You can retrieved from your Paga Business Account dashboard

The concatenated string is formed using (referenceNumber + amount + destinationBankUUID + destinationBankAccountNumber + hashkey) to become




Your hash-key is the same as HMAC you retrieved from your Paga Business Account dashboard.

  1. Encrypt concatenated string with SHA-512 algorithm.

    a. Encrypt the string generated string using SHA-512. You may use this tool here.

What’s Next