Core
Authentication
Authentication requirements for requests between TechFusion and PackNPay Osusu.
Authentication Model
This integration uses header-based authentication between TechFusion and PackNPay Osusu, but the required headers depend on the direction of the call.
PackNPay Osusu calls TechFusion using the TechFusion-issued x-api-key. TechFusion calls PackNPay Osusu using x-techfusion-api-key. Some TechFusion endpoints also require fsn-hash, but the inbound webhook documented here, POST /osusu/webhook/order-received, does not.
The API key and fsn hash are shared securely (for example, via encrypted email). Requests without valid required authentication headers return 401 Unauthorized.
Required Headers
| Field | Type | Required | Applies To | Description |
|---|---|---|---|---|
x-api-key | string | Yes | TechFusion inbound webhooks | Required for PackNPay Osusu requests to TechFusion, including POST /osusu/webhook/order-received. |
x-techfusion-api-key | string | Yes | PackNPay Osusu only | Required header for authenticating requests to PackNPay Osusu APIs. |
fsn-hash | string | Yes | Selected TechFusion endpoints | Additional required header for TechFusion endpoints that explicitly require it. Not needed for POST /osusu/webhook/order-received. |
Content-Type | string | Conditional | Any JSON body request | Use application/json for requests with JSON payloads. |
TechFusion Sandbox Keys
Use these TechFusion sandbox keys for test requests only.
| Field | Sandbox Value | Action |
|---|---|---|
x-api-key | lBDKHyUpeigOUvAJy9Yk0EbqAK | |
fsn-hash | 567000 |
Production keys will be shared securely.
PackNPay Osusu Sandbox Keys
Use these PackNPay Osusu sandbox keys for test requests to Osusu APIs.
| Field | Sandbox Value | Action |
|---|---|---|
x-techfusion-api-key | ARGUE3vg47g4m1GoTOfm6Q68lqapT/9W2Ql1IEaiFnl0= |
Production keys will be shared securely.