Host-To-Host Integration Guide
PreviousPayment Page Integration GuideNextMastercard Automatic Billing Updater (ABU) Integration Guide
Last updated
Was this helpful?
Last updated
Was this helpful?
If you are a PCI DSS-compliant merchant, you can use this type of integration to receive card payments to manages your own card, token, and UI.
Here is the overview of how to integrate process transaction using H2H API:
Prepare credit card form input / Get token list (Optional)
Hit Check 3DS to Get 3DS authentication ID and 3DS URL (Conditional)
Hit API Charge
Acknowledge payment result
Get Token List is Optional, only needed if you utilize DOKU's tokenization feature where you can send token instead of cards number to avoid security risk by sending sensitive data
Check 3DS Process is Conditional, it is required for payment type SALE, AUTHORIZE, INSTALLMENT but not required for MOTO & RECURRING, you may skip this process and proceed to Charge API
If you've previously made payment and you or your customer choose to save the credit card info You may use this Get Token List API show the saved card of your customers. this API can be used to obtain token from other payment method such as OVO, BRI Direct Debit, Allobank, etc that also uses tokenization feature.
3D Secure (3DS) is an authentication protocol used in online credit card transactions to enhance security and reduce fraud. It requires the cardholder to complete an additional verification step with their issuing bank before the transaction is approved. This process helps confirm that the legitimate cardholder is making the purchase.
API Request
HTTP Method
POST
API endpoint (Sandbox)
https://api-sandbox.doku.com/credit-card/check-three-d-secure
API endpoint (Production)
https://api.doku.com/credit-card/check-three-d-secure
Here is the sample of request header to get 3DS authentication:
Request Header Explanation
Client-Id
Client ID retrieved from DOKU Back Office
Request-Id
Unique random string (max 128 characters) generated from merchant side to protect duplicate request
Request-Timestamp
Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z
Signature
Here is the sample request body to get 3DS authentication:
Request Body Explanation
order.amount
number
Mandatory
In IDR Currency and without decimal
Allowed chars: numeric
Max length: 12
order.invoice_number
string
Optional
Invoice number of the transaction, if brought use consistent invoice number during charge as well Recommended to bring
card.token
string
Conditional
Card token generated by DOKU, can be used if you already activate tokenizationeither card.token or card.number must be sent
card.number
string
Conditional
Card numbe printed on card either card.token or card.number must be sent
card.expiry
string
Mandatory
Card expiry date, can be optional if you sent card.token
Format: MMYY
three_dsecure.callback_url_success
string
Mandatory
After 3DS process success, customer will be redirected to this page
three_dsecure.callback_url_failed
string
Mandatory
After 3DS process success, customer will be redirected to this page
API Response
After hitting the above API request, DOKU will give the response.
HTTP Status
200
Result
SUCCESS
Here is the sample response header:
Response Header Explanation
Client-Id
Same as the request
Request-Id
Same as the request
Response-Timestamp
Timestamp Response on UTC with format ISO8601 UTC+0 from DOKU
Signature
Signature generated by DOKU based on the response body
Here is the sample of response body:
Response Body Explanation
order.amount
number
Mandatory
Same as the request
three_dsecure.enrollment_status
boolean
Mandatory
Card 3D Secure enrollment status
Possible value: true, false
three_dsecure.authentication_id
string
Mandatory
3DS process ID to use on API Charge
three_dsecure.authentication_url
string
Optional
3DS page if the three_dsecure.enrollment_status is true
After the customer is redirected to the 3DS success page, then your backend must trigger the API Charge to DOKU:
API Request
HTTP Method
POST
API endpoint (Sandbox)
https://api-sandbox.doku.com/credit-card/charge
API endpoint (Production)
https://api.doku.com/credit-card/charge
Here is the sample of request header to charge the transaction:
Request Header Explanation
Client-Id
Client ID retrieved from DOKU Back Office
Request-Id
Unique random string (max 128 characters) generated from merchant side to protect duplicate request
Request-Timestamp
Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z
Signature
Here is the sample request body to charge the transaction:
Request Body Explanation
order.amount
number
Mandatory
In IDR Currency and without decimal
Allowed chars: numeric
Max length: 12
order.invoice_number
string
Mandatory
Generated by merchant to identify the order
Allowed chars: alphabetic, numeric, special chars
Max length: 30
(27 If you have Mandiri Acquirer)
order.descriptor
string
Optional
Custom value to print on customer's billing statement, please contact our Integration Team first
order.line_items.name
string
Optional
Name of the product item
Allowed chars: alphabetic, numeric, special chars
Max Length: 255
order.line_items.price
number
Optional
Price of the product item. Total price and quantity must match with the order.amount
Allowed chars: numeric
Max Length: 12
order.line_items.quantity
number
Optional
Quantity of the product item
Allowed chars: numeric
Max Length: 4
customer.id
string
Conditional
Unique customer identifier generated by merchant. Mandatory if merchant wants to use tokenization feature.
Allowed chars: alphabetic, numeric, special chars
Max Length: 50
customer.name
string
Recommended
Customer name
Allowed chars: alphabetic
Max Length: 255
customer.email
string
Conditional
Customer email
Allowed chars: alphabetic, numeric, special chars
Bringing the proper email will improve Credit Card Approval Rate bringing atleast one of customer.email or customer.phone is mandatory
Max Length: 128
customer.phone
string
Conditional
Customer phone number. Format: {calling_code}{phone_number}. Example: 6281122334455
Allowed chars: numeric
Max Length: 16
customer.address
string
Optional
Customer address
Allowed chars: alphabetic, numeric, special chars
Max Length: 400
customer.country
string
Optional
2 alphabetic country code ISO 3166-1
Allowed chars: alphabetic
Min-max Length: 2
three_dsecure.authentication_id
string
Mandatory
obtained in the response during Check 3DS API
payment.type
string
Mandatory
Payment type
Possible value: SALE, AUTHORIZE, INSTALLMENT, MOTO, RECURRING
payment.tenor
string
Conditional
Chosen Installment Tenor for this transaction
Mandatory if payment.type ='INSTALLMENT'
eg: 3, 6, 9, 12
payment.plan_id
string
Optional
Promotion ID from the bank for merchant if you have special collaboration with issuer
card.token
string
Conditional
Card token generated by DOKU, for 3ds transaction please bring three_dsecure.authentication_id only
card.number
string
Conditional
Card number, can be optional if you sent card.token
card.expiry
string
Conditional
Card expiry date, can be optional if you sent card.token
Format: MMYY
card.cvv
string
Mandatory
Card CVV, Optional if payment.type is MOTO or RECURRING
card.save
boolean
Optional
Set true if you are using card.number andwant to tokenize the card for the next payment
Possible value: true, false
Default value: false
API Response
After hitting the above API request, DOKU will give the response.
HTTP Status
200
Result
SUCCESS
Here is the sample response header:
Response Header Explanation
Client-Id
Same as the request
Request-Id
Same as the request
Response-Timestamp
Timestamp Response on UTC with format ISO8601 UTC+0 from DOKU
Signature
Signature generated by DOKU based on the response body
Here is the sample of response body:
Response Body Explanation
order.invoice_number
string
Mandatory
Same as the request
order.amount
number
Mandatory
Same as the request
customer.id
string
Optional
Same as the request
payment.type
string
Mandatory
Same as the request
payment.identifier.name
string
Mandatory
Additional payment info name
payment.identifier.value
string
Mandatory
Additional payment info value
payment.request_id
string
Mandatory
Request ID sent on merchant's request header
payment.authorize_id
string
Optional
Authorize ID for authorize transaction. Mandatory if payment.type is AUTHORIZE
payment.response_code
string
Mandatory
Reponse code generated by DOKU / Acquirer
payment.response_message
string
Mandatory
Response message generated by DOKU / Acquirer
payment.status
string
Mandatory
Payment status
Possible value: SUCCESS, FAILED, PENDING
payment.eci
string
Mandatory
ECI for this transaction
payment.approval_code
string
Optional
Approval code for success transaction generated by acquirer
three_dsecure.authentication_id
string
Mandatory
Same as the request
card.masked
string
Optional
Card masked number
card.type
string
Mandatory
Card type
Possible value: CREDIT, DEBIT
card.issuer
string
Mandatory
Card issuer
card.brand
string
Mandatory
Principal brand
VISA, MASTER, JCB, AMEX
card.token
string
Optional
Card token generated by DOKU if card.save is true
INFO
You can check the list of possible response code and how to handle them here
After the payment is being made by your customer, DOKU will send HTTP Notification to your defined Notification URL. Learn how to handle the notification from DOKU:
Here is the overview of how to integrate MOTO payment:
Prepare credit card form input / Get token list
Hit API Charge
Acknowledge payment result
You can create credit card form input on your end, so that your customer can input their credit card number, expiry date, and CVV.
If you save the card token from DOKU side, you can use Get Token List show the saved card of your customers.
After the customer input the credit card, then your backend must trigger the API Charge to DOKU:
API Request
HTTP Method
POST
API endpoint (Sandbox)
https://api-sandbox.doku.com/credit-card/charge
API endpoint (Production)
https://api.doku.com/credit-card/charge
Here is the sample of request header to charge the transaction:
Request Header Explanation
Client-Id
Client ID retrieved from DOKU Back Office
Request-Id
Unique random string (max 128 characters) generated from merchant side to protect duplicate request
Request-Timestamp
Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z
Signature
Here is the sample request body to charge the transaction:
Request Body Explanation
order.amount
number
Mandatory
In IDR Currency and without decimal
Allowed chars: numeric
Max length: 12
order.invoice_number
string
Mandatory
Generated by merchant to identify the order
Allowed chars: alphabetic, numeric, special chars
Max length: 64
order.descriptor
string
Optional
Custom value to print on customer's billing statement, please contact our Integration Team first
order.line_items.name
string
Optional
Name of the product item
Allowed chars: alphabetic, numeric, special chars
Max Length: 255
order.line_items.price
number
Optional
Price of the product item. Total price and quantity must match with the order.amount
Allowed chars: numeric
Max Length: 12
order.line_items.quantity
number
Optional
Quantity of the product item
Allowed chars: numeric
Max Length: 4
customer.id
string
Conditional
Unique customer identifier generated by merchant. Mandatory if merchant wants to use tokenization feature.
Allowed chars: alphabetic, numeric, special chars
Max Length: 50
customer.name
string
Optional
Customer name
Allowed chars: alphabetic
Max Length: 255
customer.email
string
Optional
Customer email
Allowed chars: alphabetic, numeric, special chars
Max Length: 128
customer.phone
string
Optional
Customer phone number. Format: {calling_code}{phone_number}. Example: 6281122334455
Allowed chars: numeric
Max Length: 16
customer.address
string
Optional
Customer address
Allowed chars: alphabetic, numeric, special chars
Max Length: 400
customer.country
string
Optional
2 alphabetic country code ISO 3166-1
Allowed chars: alphabetic
Min-max Length: 2
payment.type
string
Mandatory
Payment type
Possible value: SALE, MOTO, RECURRING, AUTHORIZE
card.token
string
Conditional
Token generated by DOKU
Either card.token or card.number is mandatory (only 1 needed)
card.number
string
Conditional
Card number (PAN)
Either card.token or card.number is mandatory (only 1 needed)
card.expiry
string
Conditional
Card expiry date, not needed if you sent card.token
Format: MMYY
card.save
boolean
Optional
Set true if you are using card.number andwant to tokenize the card for the next payment
Possible value: true, false
Default value: false
API Response
After hitting the above API request, DOKU will give the response.
HTTP Status
200
Result
SUCCESS
Here is the sample response header:
Response Header Explanation
Client-Id
Same as the request
Request-Id
Same as the request
Response-Timestamp
Timestamp Response on UTC with format ISO8601 UTC+0 from DOKU
Signature
Signature generated by DOKU based on the response body
Here is the sample of response body:
Response Body Explanation
order.invoice_number
string
Mandatory
Same as the request
order.amount
number
Mandatory
Same as the request
customer.id
string
Optional
Same as the request
payment.type
string
Mandatory
Same as the request
payment.identifier.name
string
Mandatory
Additional payment info name
payment.identifier.value
string
Mandatory
Additional payment info value
payment.request_id
string
Mandatory
Request ID sent on merchant's request header
payment.authorize_id
string
Optional
Authorize ID for authorize transaction. Mandatory if payment.type is AUTHORIZE
payment.response_code
string
Mandatory
Reponse code generated by DOKU / Acquirer
payment.response_message
string
Mandatory
Response message generated by DOKU / Acquirer
payment.status
string
Mandatory
Payment status
Possible value: SUCCESS, FAILED, PENDING
payment.eci
string
Mandatory
ECI for this transaction
payment.approval_code
string
Optional
Approval code for success transaction generated by acquirer
card.masked
string
Optional
Card masked number
card.type
string
Mandatory
Card type
Possible value: CREDIT, DEBIT
card.issuer
string
Mandatory
Card issuer
card.brand
string
Mandatory
Principal brand
VISA, MASTER, JCB, AMEX
card.token
string
Optional
Card token generated by DOKU if card.save is true
After the payment is being made by your customer, DOKU will send HTTP Notification to your defined Notification URL. Learn how to handle the notification from DOKU:
Here is the overview of how to integrate AUTHORIZE CAPTURE payment:
Prepare credit card form input / Get token list
Get 3DS authentication ID and 3DS URL
Hit API Charge
Hit API Capture
Acknowledge payment result
You can create credit card form input on your end, so that your customer can input their credit card number, expiry date, and CVV.
If you save the card token from DOKU side, you can use Tokenization to show the saved card of your customers.
To get 3DS authentication, you will need to hit this API through your backend:
API Request
HTTP Method
POST
API endpoint (Sandbox)
https://api-sandbox.doku.com/credit-card/check-three-d-secure
API endpoint (Production)
https://api.doku.com/credit-card/check-three-d-secure
Here is the sample of request header to get 3DS authentication:
Request Header Explanation
Client-Id
Client ID retrieved from DOKU Back Office
Request-Id
Unique random string (max 128 characters) generated from merchant side to protect duplicate request
Request-Timestamp
Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z
Signature
Here is the sample request body to get 3DS authentication:
Request Body Explanation
order.amount
number
Mandatory
In IDR Currency and without decimal
Allowed chars: numeric
Max length: 12
card.token
string
Optional
Card token generated by DOKU, can be used if you already activate tokenization
card.number
string
Mandatory
Card number, can be optional if you sent card.token
card.expiry
string
Mandatory
Card expiry date, can be optional if you sent card.token
Format: MMYY
three_dsecure.callback_url_success
string
Mandatory
After 3DS process success, customer will be redirected to this page
three_dsecure.callback_url_failed
string
Mandatory
After 3DS process success, customer will be redirected to this page
API Response
After hitting the above API request, DOKU will give the response.
HTTP Status
200
Result
SUCCESS
Here is the sample response header:
Response Header Explanation
Client-Id
Same as the request
Request-Id
Same as the request
Response-Timestamp
Timestamp Response on UTC with format ISO8601 UTC+0 from DOKU
Signature
Signature generated by DOKU based on the response body
Here is the sample of response body:
Response Body
order.amount
number
Mandatory
Same as the request
three_dsecure.enrollment_status
boolean
Mandatory
Card 3D Secure enrollment status
Possible value: true, false
three_dsecure.authentication_id
string
Mandatory
3DS process ID to use on API Charge
three_dsecure.authentication_url
string
Optional
3DS page if the three_dsecure.enrollment_status is true
After the customer is redirected to the 3DS success page, then your backend must trigger the API Charge to DOKU:
API Request
HTTP Method
POST
API endpoint (Sandbox)
https://api-sandbox.doku.com/credit-card/charge
API endpoint (Production)
https://api.doku.com/credit-card/charge
Here is the sample of request header to charge the transaction:
Request Header Explanation
Client-Id
Client ID retrieved from DOKU Back Office
Request-Id
Unique random string (max 128 characters) generated from merchant side to protect duplicate request
Request-Timestamp
Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z
Signature
Here is the sample request body to charge the transaction:
Request Body Explanation
order.amount
number
Mandatory
In IDR Currency and without decimal
Allowed chars: numeric
Max length: 12
order.invoice_number
string
Mandatory
Generated by merchant to identify the order
Allowed chars: alphabetic, numeric, special chars
Max length: 64
order.descriptor
string
Optional
Custom value to print on customer's billing statement, please contact our Integration Team first
order.line_items.name
string
Optional
Name of the product item
Allowed chars: alphabetic, numeric, special chars
Max Length: 255
order.line_items.price
number
Optional
Price of the product item. Total price and quantity must match with the order.amount
Allowed chars: numeric
Max Length: 12
order.line_items.quantity
number
Optional
Quantity of the product item
Allowed chars: numeric
Max Length: 4
customer.id
string
Conditional
Unique customer identifier generated by merchant. Mandatory if merchant wants to use tokenization feature.
Allowed chars: alphabetic, numeric, special chars
Max Length: 50
customer.name
string
Optional
Customer name
Allowed chars: alphabetic
Max Length: 255
customer.email
string
Optional
Customer email
Allowed chars: alphabetic, numeric, special chars
Max Length: 128
customer.phone
string
Optional
Customer phone number. Format: {calling_code}{phone_number}. Example: 6281122334455
Allowed chars: numeric
Max Length: 16
customer.address
string
Optional
Customer address
Allowed chars: alphabetic, numeric, special chars
Max Length: 400
customer.country
string
Optional
2 alphabetic country code ISO 3166-1
Allowed chars: alphabetic
Min-max Length: 2
three_dsecure.authentication_id
string
Mandatory
After 3DS process success, customer will be redirected to this page
payment.type
string
Mandatory
Payment type
Possible value: SALE, MOTO, AUTHORIZE
payment.plan_id
string
Optional
Promotion ID from the bank for merchant
card.token
string
Optional
Card token generated by DOKU, for 3ds transaction please bring three_dsecure.authentication_id only
card.number
string
Mandatory
Card number, can be optional if you sent card.token
card.expiry
string
Mandatory
Card expiry date, can be optional if you sent card.token
Format: MMYY
card.cvv
string
Mandatory
Card CVV, Optional if payment.type is MOTO
card.save
boolean
Optional
Set true if you want to force customer to save the card token for the next payment
Possible value: true, false
Default value: false
API Response
After hitting the above API request, DOKU will give the response.
HTTP Status
200
Result
SUCCESS
Here is the sample response header:
Response Header Explanation
Client-Id
Same as the request
Request-Id
Same as the request
Response-Timestamp
Timestamp Response on UTC with format ISO8601 UTC+0 from DOKU
Signature
Signature generated by DOKU based on the response body
Here is the sample of response body:
Response Body Explanation
order.invoice_number
string
Mandatory
Same as the request
order.amount
number
Mandatory
Same as the request
customer.id
string
Optional
Same as the request
payment.type
string
Mandatory
Same as the request
payment.identifier.name
string
Mandatory
Additional payment info name
payment.identifier.value
string
Mandatory
Additional payment info value
payment.request_id
string
Mandatory
Request ID sent on merchant's request header
payment.authorize_id
string
Mandatory
Authorize ID for authorize transaction. Mandatory if payment.type is AUTHORIZE
payment.response_code
string
Mandatory
Reponse code generated by DOKU / Acquirer
payment.response_message
string
Mandatory
Response message generated by DOKU / Acquirer
payment.status
string
Mandatory
Payment status
Possible value: SUCCESS, FAILED, PENDING
payment.eci
string
Mandatory
ECI for this transaction
payment.approval_code
string
Optional
Approval code for success transaction generated by acquirer
three_dsecure.authentication_id
string
Mandatory
Same as the request
card.masked
string
Optional
Card masked number
card.type
string
Mandatory
Card type
Possible value: CREDIT, DEBIT
card.issuer
string
Mandatory
Card issuer
card.brand
string
Mandatory
Principal brand
VISA, MASTER, JCB, AMEX
card.token
string
Optional
Card token generated by DOKU if card.save is true
DOKU will also send the HTTP Notification with the payment.authorize_id to your defined Notification URL.
After you get the payment.authorize_id, then your backend must trigger the API Charge to DOKU:
API Request
HTTP Method
POST
API endpoint (Sandbox)
https://api-sandbox.doku.com/credit-card/capture
API endpoint (Production)
https://api.doku.com/credit-card/capture
Here is the sample of request header to capture the transaction:
Request Header Explanation
Client-Id
Client ID retrieved from DOKU Back Office
Request-Id
Unique random string (max 128 characters) generated from merchant side to protect duplicate request
Request-Timestamp
Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z
Signature
Here is the sample request body to capture the transaction:
Request Body Explanation
payment.authorize_id
string
Mandatory
Authorize ID from the Charge API Response / HTTP Notification
payment.capture_amount
string
Optional
The value of transactions which will be paid by the customer. If undefined, capture full transaction.
API Response
After hitting the above API request, DOKU will give the response.
HTTP Status
200
Result
SUCCESS
Here is the sample response header:
Response Header Explanation
Client-Id
Same as the request
Request-Id
Same as the request
Response-Timestamp
Timestamp Response on UTC with format ISO8601 UTC+0 from DOKU
Signature
Signature generated by DOKU based on the response body
Here is the sample of response body:
Response Body Explanation
order.invoice_number
string
Mandatory
Same as the request
order.amount
number
Mandatory
Same as the request
customer.id
string
Optional
Same as the request
payment.type
string
Mandatory
Same as the request
payment.identifier.name
string
Mandatory
Additional payment info name
payment.identifier.value
string
Mandatory
Additional payment info value
payment.request_id
string
Mandatory
Request ID sent on merchant's request header
payment.authorize_id
string
Mandatory
Authorize ID for authorize transaction. Mandatory if payment.type is AUTHORIZE
payment.response_code
string
Mandatory
Reponse code generated by DOKU / Acquirer
payment.response_message
string
Mandatory
Response message generated by DOKU / Acquirer
payment.status
string
Mandatory
Payment status
Possible value: SUCCESS, FAILED, PENDING
payment.eci
string
Mandatory
ECI for this transaction
payment.approval_code
string
Optional
Approval code for success transaction generated by acquirer
three_dsecure.authentication_id
string
Mandatory
Same as the request
card.masked
string
Optional
Card masked number
card.type
string
Mandatory
Card type
Possible value: CREDIT, DEBIT
card.issuer
string
Mandatory
Card issuer
card.brand
string
Mandatory
Principal brand
VISA, MASTER, JCB, AMEX
card.token
string
Optional
Card token generated by DOKU if card.save is true
After the payment is being made by your customer, DOKU will send HTTP Notification to your defined Notification URL. Learn how to handle the notification from DOKU:
If something happens, you can see the following error code to find out what error is happening :
Check-three-d-secure
Invalid Client-Id
invalid_client_id
400
Invalid Client ID
Check-three-d-secure
Header Client-Id is required
invalid_header_request
400
empty client id
Check-three-d-secure
Invalid Header Signature
invalid_signature
400
Payment charge with invalid signature
Check-three-d-secure
Invalid CC Number LENGTH
INVALID_PARAMETER
400
Invalid CC Number LENGTH
Check-three-d-secure
Luhn Validation
INVALID_PARAMETER
400
Card number not valid
Check-three-d-secure
Expiry Date Validation
INVALID_PARAMETER
400
Invalid expiry date 2525
Check-three-d-secure
This field is required.,This merchant does not have three d secure configuration
INVALID_PARAMETER
400
invalid configuration / haven't 3ds mid
Check-three-d-secure
This card is not support three d secure
THREE_D_SECURE_AUTHENTICATION_FAILED
400
card not support 3ds / cannot connect to mpi
Charge
Invalid Client-Id
invalid_client_id
400
Invalid Client ID
Charge
empty client id
invalid_header_request
400
empty client id
Charge
size must be between 1 and 128
invalid_header_request
400
Payment charge with client id length more than max
Charge
Invalid format Header Request-Timestamp
invalid_header_request
400
Payment charge with invalid format request timestamp
Charge
Header Request-Timestamp is not in +- 10 second of now
invalid_header_request
400
Payment charge with request timestamp < now
Charge
Header Request-Timestamp is not in +- 10 second of now
invalid_header_request
400
Payment charge with request timestamp > now
Charge
Invalid Header Signature
invalid_signature
400
Payment charge with invalid signature
Charge
Invalid Header Signature
invalid_signature
400
Payment charge using signature has been used
Charge
Invalid Format Email
INVALID_PARAMETER
400
Payment charge with invalid format email
Charge
Invalid amount
INVALID_PARAMETER
400
Payment charge with amount contain comma
Charge
Invalid amount
INVALID_PARAMETER
400
Payment charge with amount contain dot
Charge
Expiry Date Validation
INVALID_PARAMETER
400
Payment charge with format expiry is YYMM
Charge
Expiry Date Validation
INVALID_PARAMETER
400
Payment charge with expiry date is expired
Charge
Invalid AuthenticationId.
INVALID_PARAMETER
400
invalid authentication_id
Charge
Country Is Not Exists
INVALID_PARAMETER
400
Payment charge with invalid country
Charge
Invalid CC Number LENGTH
INVALID_PARAMETER
400
Invalid CC Number LENGTH
Charge
Luhn Validation
INVALID_PARAMETER
400
Card number not valid
Charge
REQUEST ID IS NOT VALID
INVALID_PARAMETER
400
Payment charge with request id has been used for transaction
Charge
Unauthorized Transaction
MID_TID_NOT_EXIST
400
Payment charge sale using card rejected
Charge
Invalid Authentication Id
INVALID_PARAMETER
400
Invalid Authentication Id
Charge
Invalid Authentication Id
INVALID_PARAMETER
400
Different amount check 3ds & charge
Charge
Invalid Authentication Id
INVALID_PARAMETER
400
Three D Secure Process Not Yet Done (Not yet send OTP)
Charge
Line item 1 quantity must be not empty
INVALID_PARAMETER
400
Invalid line item (quantity is null)
Charge
Your transaction is detected to be concurrent, please create another transaction
DOUBLE_REQUEST_DETECTED
400
Concurent Request
Charge
Conflict
INVALID_PARAMETER
409
duplicate request with same request body
Charge
Precondition failed
INVALID_PARAMETER
412
duplicate request with different request body
Capture
Invalid Client-Id
invalid_client_id
400
Invalid Client ID
Capture
Header Client-Id is required
invalid_header_request
400
empty client id
Capture
Invalid Header Signature
invalid_signature
400
Payment charge with invalid signature
Capture
Authorize Id Must Not Be Blank
INVALID_PARAMETER
400
authorize_id is null
Capture
Failed Get Transaction
TRANSACTION_NOT_FOUND
400
Invalid authorize_id
Capture
Conflict
INVALID_PARAMETER
409
duplicate request with same request body
Capture
Precondition failed
INVALID_PARAMETER
412
duplicate request with different request body
Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to to generate the signature
Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to to generate the signature
Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to to generate the signature
Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to to generate the signature
Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to to generate the signature
Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to to generate the signature
