Appcharge to Publisher Secure Communication

All communications between the Appcharge and the system are authenticated and secure using HTTPS and authentication methods such as secret tokens and signature hashing.
The 2 systems are comunecatiing via APIs and webhooks depand on the triger to the comunecation.

Appcharge uses signature hashing for webhooks to secure communication between the two platforms.
The main key can be found in the Appcharge dashboard, Admin panel, and Integration tab. When a request is made, Ap[pcharge includes a unique account token and generates a hash signature using a secret key. This signature is then attached to the request. The publisher server receives the request and verifies the signature by recalculating the hash with the same secret key and comparing it with the received signature. If the signatures match, the request is authenticated, ensuring data integrity and preventing unauthorized access.

We use account tokens to communicate between the publisher and Appcharge via APIs. When a request is made, the publisher includes a unique account token. The Appcharge server receives the request and verifies the token. If it matches, the request is authenticated, ensuring data integrity and preventing unauthorized access.