Skip to content
Frequently asked questions

Frequently asked questions

Frequently asked questions when integrating SimplifyTrip Open APIs.

1. What is a signature and when should I use it?

  • A signature is a string used to verify data integrity when data is exchanged between your system and SimplifyTrip. It is generated from checksumKey and the corresponding data fields required by each API.

  • Every time you receive data from SimplifyTrip, you should verify the signature to ensure the payload is authentic and unchanged.

  • Common use cases:

    • Creating an order
    • Receiving order data via webhook

2. Why do I get an invalid signature error?

  • Check that your signature input fields are correct. First flatten the payload into a single-level object. Then sort fields alphabetically before generating the signature.

  • Make sure your payload is sent in the request body and in JSON format.

See Verify data with signature.

3. How do I keep my SimplifyTrip API integration secure?

  • Protect API keys: Never expose keys in public code. Store them in environment variables or secure config.
  • Authenticate users: Ensure only authorized users can access your API integration.
  • Encrypt sensitive data: Encrypt sensitive information before transmission.
Request Rate LimitSignature generator