Dear Zerodha, @sujith The postbacks we are receiving are not adhering to the checksum signature. We use sha-256(order_id + exchange_update_time + api_secret) to calculate checksum at our end. Checksum that is a field in the JSON is matching with the calculated checksum for some of the postback JSONs while it is not for some others. Please confirm that this is the formula used to calculate the checksum: sha-256(order_id + exchange_update_time + api_secret). Attaching the screenshot of list of order_ids on which we have run the verification and its verification result (May 22, 20202). Field 1: Serial number of the json since the start of the day which we have received. Field 2: OrderID Field 3: Boolean, indicating whether the checksum verification SUCCEEDed or FAILED (True --> SUCCESS) Please let us know whether the checksum you have calculated is matching with the agreed signature and the function we are using, i.e, sha-256(order_id + exchange_update_time + api_secret). Thanks a lot
You need to consider the order_timestamp and not the exchange_timestamp. I have asked the concerned team to update the documentation to be more specific.
I have asked the concerned team to update the documentation to be more specific.