All synchronous calls are authenticated via Basic HTTP Authentication.
The following calls are asynchronous and require DIGEST verification to ensure that the original message has not been changed:
- POST-redirects
- Event hook notifications (webhooks)
Paynova uses the SHA-1 hash function. Details on how to calculate the DIGEST hash are described in each relevant section.