# 2. Validate Request

### API Endpoints

{% tabs %}
{% tab title="Production Endpoint" %}

```
Production Base URL /api/GenToken/Validate
```

{% endtab %}

{% tab title="Sandbox Endpoint" %}

```
Sandbox Base URL /api/GenToken/Validate
```

{% endtab %}
{% endtabs %}

#### **Sample Request & Response**

Use the below parameters and hashing function for order creation. The request should contain the following inputs to make sure inputs should be encrypted using our hashing function show in the following example to prevent exposure. For parameters description please refer [here](https://kwpaydocs.casheer.com/parameters-and-description)

{% tabs %}
{% tab title="Sample Request" %}

```
  {
  "merchantCode": "xxxxx",
  "authKey": "xxxxxxxxx",
  "currency": "KWD",   
  "pc": "DIRECTPAY",  
  "tunnel": "",    
  "amount": 1 ,   
  "doConvert": "N",
  "sourceCurrency":"conditional",
  "description": "optional",
  "referenceID": "(15 digit random number)",     
  "timeStamp": "yyyy/MM/dd HH:mm:ss tt",
  "language": "en",
  "callbackURL": "Your website URL",
  "hash": "ComputedHash",  
  "userReference": 0,   
  "billingDetails": 
  {
  "fName": "First Name",
  "lName": "last Name",
  "mobile": "mobile",
  "email": "email",
  "city": "city",
  "pincode": "pincode",
  "state": "state", // ISD code for state/region
  "address1": "address1",
  "address2": "address2",
  "country":"KW" // ISD Two letter country code 
  }
}
```

{% endtab %}

{% tab title="Sample Response" %}

```
   "errorCode": 0,
   "errorMessgae": "string",
   "result": 
    {
     "redirectURL": "string",
     "tokenID": "string",    
     "orderAmount": 0,
     "paidAmount": 0,
     "serviceAmount": 0,
     "commissionAmount": 0,   
     "originalAmount": "string"
    }
}  
```

{% endtab %}
{% endtabs %}

Upon receiving the response, the merchant must verify the errorCode. If the errorCode is 0, the merchant should parse the result object and proceed to invoke the InitiatePay API, as detailed in the subsequent step.