> ## Documentation Index > Fetch the complete documentation index at: https://docs.chip-in.asia/llms.txt > Use this file to discover all available pages before exploring further. # Create a group > Create a group using the provided parameters. It serves as a tag for bank accounts. For example, `Vendor` or `Employee` tag. ## OpenAPI ````yaml _openapi-chip-send POST /send/groups openapi: 3.1.0 info: description: > This is CHIP Send API which enables you to programatically send funds via REST API. It also enables you to register and validate recipient bank accounts. # Prerequisites You will need the credentials to proceeed with this integration, which your CHIP Send Account to be created by CHIP Admin before hand. Please contact your CHIP Account Manager to get the credentials, by providing the details below: 1. Main email 1. List of approvers (email). If you need 2 approvals, please provide both emails. # Basic integration flow 4 things to test the whole integration flow: 1. Call [Accounts API](#/Accounts) 1. Call [Increase Send Limit API](#/Send%20Limits/send_limits_create) 1. Call [Add Bank Account API](#/Bank%20Accounts/bank_accounts_create) 1. Call [Create Send Instruction API](#/Send%20Instructions/send_instructions_create) # Endpoints Make sure to use the correct endpoint depending on the environment you're on. 1. Staging: [https://staging-api.chip-in.asia/api/](https://staging-api.chip-in.asia/api/) 1. Production: [https://api.chip-in.asia/api/](https://api.chip-in.asia/api/) # Credentials You will need 2 details for integration with CHIP Send: 1. **API Key** (used to construct a signing string and Authorization Header) 1. **API Secret** (used to sign the signing string) *You will need your **API Key** that you can obtain in the CHIP Send Dashboard. Please use this key as a bearer token in the Authorization header included in every request:* `Authorization: Bearer `. *Since this API is meant for performing high risk task such as sending payments, extra security measure has to be in place. Hence, you also need **API Secret** to sign the request that you made. This keys will never leave your server and shall be stored securely. For every request, you will need to include **epoch** that contains Unix time and **checksum** that contains hash for epoch signed with API Secret in every request header.* # Epoch value Epoch is a current unix timestamp where it is in seconds and have 10 character length. Example of epoch value is 1689826456. In PHP, epoch value can be retrieved by calling time() function. # Checksum Calculation To generate a checksum, it requires current unix timestamp (`epoch`), `api_key` and `api_secret`. *Note: epoch time must be less than 30 seconds from the current request and at least greater than current time.* Provided an epoch value is `1689826456`, api_key is `e0645c9e-fcf2-4f29-a327-202f7ed3d969` and api_secret is `a118729e-4243-4145-83b3-0b8cb213fe8e`, both epoch and api_key must be concatenated and sign with HMAC SHA512. The string that must be prepared is: `1689826456e0645c9e-fcf2-4f29-a327-202f7ed3d969` The checksum generated is: `45bee62dba8087ab1e7e767d92f8d6e26f8bd19ee5fd2fef6386bb9425976498a86ffdbddb7a49919998e993c20626196ea652320f438a9528d2b8c9d19ec266` Example Postman Pre-Request Script: ```js var epoch = (new Date).getTime(); var epochSecs = Math.floor( epoch / 1000 ); pm.collectionVariables.set("epoch", epochSecs); var data = epochSecs.toString() + environment["api_key"]; var hmacDigest = CryptoJS.enc.Hex.stringify(CryptoJS.HmacSHA512(data, environment["api_secret"])); pm.collectionVariables.set("checksum", hmacDigest); ``` *Note: JavaScript getTime() is in miliseconds while the unix timestamp is in seconds. Hence, it is required to divide it by 1000.* Example Ruby code: ```ruby epoch = Time.current.to_i application = Application.find_by(slug: "aaa") OpenSSL::HMAC.hexdigest OpenSSL::Digest.new('sha512'), application.api_secret, "#{epoch}#{application.api_key}" ``` Example PHP code: ```php - This is an API to get CHIP Send account information. Depending on your account agreement, you may only have one account. - name: Send Limits description: > Send Limit records incoming (coverted from collection - transaction_type: in) and outgoing (send to recipient - transaction_type: out) transactions in CHIP Send. To be able to send funds to third parties, you must have balance in your CHIP Send Account. Use Increase Chip Send Budget Allocation API to covert settlement (collection) amount to Send Limit. Please note in Staging / UAT environment, your convertible collection amount is set to MYR 1,000.00. In Production, it will reflect your actual upcoming settlement amount. - name: Bank Accounts description: This is an API to manage recipeint bank account details. - name: Send Instructions description: >- This is an API to perform a send instructions. This is the main API that you can benefit from CHIP Send. - name: Groups description: To manage grouping to group company bank account - name: Webhooks description: To manage webhook events for server-to-server notification paths: /send/groups: post: tags: - Groups summary: Create a group description: > Create a group using the provided parameters. It serves as a tag for bank accounts. For example, `Vendor` or `Employee` tag. operationId: groups_create parameters: - name: epoch in: header description: Unix epoch timestamp required: true schema: allOf: - $ref: '#/components/schemas/UnixTimestamp' - name: checksum in: header description: Refer to checksum calculation required: true schema: type: string requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/GroupBody' responses: '200': description: Successful response content: application/json: schema: $ref: '#/components/schemas/Group' example: id: 1 name: First Group created_at: 1619740800 updated_at: 1619740800 '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/UnauthorizedAction' '404': $ref: '#/components/responses/NotFound' components: schemas: UnixTimestamp: type: integer description: Unix timestamp (seconds) format: Unix timestamp (seconds) example: 1619740800 GroupBody: type: object description: This is group schema required: - name properties: name: type: string minimum: 1 maximum: 256 example: First Group Group: type: object description: This is group schema properties: id: type: integer format: int64 example: 1 name: type: string minimum: 1 maximum: 256 example: First Group created_at: readOnly: true description: Object creation time in UTC type: string format: date-time example: 1619740800 updated_at: readOnly: true description: Object creation time in UTC type: string format: date-time example: 1619740800 BadRequestResponse: type: object properties: message: type: string example: Bad request code: type: number example: 400 data: type: object example: {} UnauthorizedResponse: type: object properties: message: type: string example: Unauthorized code: type: number example: 401 data: type: object example: {} UnauthorizedActionResponse: type: object properties: message: type: string example: You are not authorized to perform this action code: type: number example: 403 data: type: object example: {} NotFoundResponse: type: object properties: message: type: string example: Record not found code: type: number example: 404 data: type: object example: {} responses: BadRequest: description: Bad request content: application/json: schema: $ref: '#/components/schemas/BadRequestResponse' Unauthorized: description: Unauthorized request content: application/json: schema: $ref: '#/components/schemas/UnauthorizedResponse' UnauthorizedAction: description: Unauthorized action request content: application/json: schema: $ref: '#/components/schemas/UnauthorizedActionResponse' NotFound: description: Record not found content: application/json: schema: $ref: '#/components/schemas/NotFoundResponse' securitySchemes: bearerAuth: type: http scheme: bearer ````