Backend Integration

Setup

You can start by downloading your private and public keys to encrypt file and you also have to setup a notification URL so that DOKU can send a notification that the file being processed is completed.

Integration Steps

Upload File card registration via ABU SFTP Folder
Hit API Notification to DOKU
Consume Notification from DOKU
Download the result file from DOKU Result Folder

Access

DOKU will create user access for merchants to Read & Write in SFTP DOKU according to the environment. Merchants will send their IP for DOKU Whitelist.

Encryption Procedure

Merchants generate random String with length 32 digit Alfa Numeric as SALT.
Merchants encrypt plain card data using AES 256 Key Size, Chiper ECB, pkcs5 padding with SALT to Base64 encoded format. https://www.devglan.com/online-tools/aes-encryption-decryption
Merchants encrypt the SALT using a DOKU RSA Public Key 2048 bit - No Padding to Base64 encoded format. https://www.devglan.com/online-tools/rsa-encryption-decryption
Merchants put the data on file (txt format) with content format : {Length_Of_Encrypted_SALT}+{Encrypted_SALT}+{Encrypted_Plain_Card_Data}
- {Length_Of_Encrypted_SALT} : add padding left with "0", so there will be 4 digits (ex : 0344).
- {Encrypted_SALT} : in Base64 format.
- {Encrypted_Plain_Card_Data} : in Base64 format.
The txt file data ready to put on DOKU SFTP ./download/ folder

Decryption Procedure

Get the length of the Encrypted SALT:
- Extract the first 4 digits from the data. These 4 digits represent the length of the encrypted SALT.
- Cast this value into an integer, which will tell you how long the encrypted SALT is.
Extract the Encrypted SALT:
- Use the length obtained in Step 1.
- Extract a substring from the data starting at index 4. This substring runs from index 4 to (index 4 + the length of the encrypted SALT)
Decrypt the Encrypted SALT:
- Use Merchant RSA Private Key 2048 bit - No Padding decryption to decrypt the extracted Encrypted SALT value.
Extract the Encrypted Data:
- Now, get the remaining part of the card data, starting from index (4 + length of the Encrypted SALT) to the end of the data. This is the encrypted card data.
Decrypt the Encrypted Data:
- Use AES 256 with SALT obtained from step 3 to decrypt the encrypted card data.

Folder

SFTP File

In this document will explain in details how to create file for transaction using SFTP. File Upload

Before putting the file in SFTP, we first need to set up the file itself. You will need to create it in TXT Format.

Example .TXT File :

D000001999128616DOKU0001  5XXXXNNNNNNNNNNN   YYMMAAAAA00001
D000001999128616DOKU0002  5XXXXNNNNNNNNNNN   YYMMAAAAA00002

File Explanation

Field Name	Length	Type	Position	Description
`detail-identifier`	1	AN	1	Value 'D'
`merchant-id`	15	AN	2-16	Valid merchant ID or Payment Facilitator ID
`merchant-request-identifier-1`	10	AN	17-26	Tracking number for merchant, must be unique per batch file
`PAN number`	19	N	27-45	Old PAN Number
`Expiry Date`	4	N	46-49	YYMM Format
`merchant-request-identifier-2`	20	AN	50-69	Tracking number for merchant
`filler`	20	AN	70-89	Blank spaces

File Report

After transaction finish DOKU will generate report in TXT format, like Example below. Merchant can get the data in to folder “upload”.

D000000000000002AAAA0001  5185515000000334   5185515000000334   22122212VALID AAAAA00001          V                   
D000000000000002AAAA0002  5185693000000115   5185693000000115   22122212VALID AAAAA00002          V                   
D000000000000002AAAA0003  4005550010538560   5410221000000112   11052212UPDATEAAAAA00003

Field Name	Length	Type	Position	Description
detail-identifier	1	AN	1	Value 'D'
merchant-id	15	AN	2-16	Valid merchant ID or Payment Facilitator ID
merchant-request-identifier-1	10	AN	17-26	Tracking number for merchant
Old PAN Number	19	AN	27-45	Old PAN Number
New PAN Number	19	AN	46-64	New PAN Number
Old Expiry Date	4	N	65-68	YYMM Format
New Expiry Date	4	AN	69-72	YYMM Format
Reason Identifier	6	AN	73-78	Contains one of the following values for account requests that had a match: • UPDATE—Match made; update data provided (includes issuer Reason Codes R, B, and P) • CONTAC—Match made; account closed (includes Issuer Reason Code C) • EXPIRY—Match made; expiration date changed (includes Issuer Reason Code E) • VALID—No updates were found but the account is valid. • UNKNWN—The account number could not be found in the ABU database. (See the Response Indicator for further explanation.)
merchant-request-identifier-2	20	AN	79-98	Tracking number for merchant
response indicator	1	A	99	ABU Validation Response Indicator (displayed only when the Reason Identifier is VALID or UNKNWN) • V—matches the account as reported by the issuer • P—No match, participating BIN/ issuer • N—No match, non-participating BIN/issuer
filler	19	AN	100-118	Blank Spaces

Merchant Notification

Notification API

Request

Here is the sample of request header to notify DOKU

Client-Id: MCH-0001-10791114622547
Request-Id: fdb69f47-96da-499d-acec-7cdc318ab2fe
Request-Timestamp: 2020-08-11T08:45:42Z
Signature: HMACSHA256=1jap2tpgvWt83tG4J7IhEwUrwmMt71OaIk0oL0e6sPM=

Request Header Explanation

Parameter Description

Parameter	Description
`client-id`	Client ID retrieved from DOKU Back Office
`request-id`	Unique random string (max 128 characters) generated from merchant side to protect duplicate request
`request-timestamp`	Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z
`signature`	Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to this section to generate the signature

client-id

Client ID retrieved from DOKU Back Office

request-id

Unique random string (max 128 characters) generated from merchant side to protect duplicate request

request-timestamp

Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z

signature

Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to this section to generate the signature

Merchant Notify to DOKU

After merchants put file data in SFTP, merchants will trigger DOKU to get data file in SFTP with this API.

Format: REST API (JSON)

Type Value

Type	Value
HTTP Method	POST
API endpoint (Sandbox)	`https://api-sandbox.doku.com/abu/notify`
API endpoint (Production)	`https://api.doku.com/abu/notify`

HTTP Method

POST

API endpoint (Sandbox)

https://api-sandbox.doku.com/abu/notify

API endpoint (Production)

https://api.doku.com/abu/notify

Request Body

Parameter	Data Type	Type	Description
file_name	String(128)	Mandatory	File name merchant put in DOKU sftp download folder

Parameter

Data Type

Type

Description

file_name

String(128)

Mandatory

File name merchant put in DOKU sftp download folder

Example Request:

{
  "file_name": "example.txt"
}

Response Body

name

String (128)

Mandatory

File name

status

String (128)

Mandatory

IN_PROCESS response

error.code

String (128)

Optional

Response Code

error.message

String (128)

Optional

Response Message

error.type

String (128)

Optional

Error Type

Example Response Success:

Http status code: 201

{
  "name": "example.txt",
  "status": "IN_PROCESS"
}

List of error message

invalid header signature

invalid_signature

400

Invalid Signature

idempotent request

idempotent_request

400

Double request with same request id under 20 second

file_name must not be empty

invalid_parameter

400

Not input object file_name

File not found in SFTP

not_found

404

File not found in DOKU sftp download folder

DOKU Notify to Merchant

After DOKU create report in SFTP, DOKU will notify merchant to get report.

Guide how to handle payment notification can refer to: https://jokul.doku.com/docs/docs/http-notification/overview

Request

Format: REST API (JSON)

service.id

string

Mandatory

Batch Upload Service

batch_file.name

string

Mandatory

Batch file Upload name

batch_file.status

string

Mandatory

Status of processed file Done

batch_file.date

timestamp

Mandatory

Date file finish processed

Example :

{
  "service": {
    "id": "ABU"
  },
  "abu_file": {
    "name": "example.txt",
    "status": "DONE",
    "message": "SUCCESS",
    "date": "2021-07-29T13:52:53Z"
  }
}

PreviousMastercard Automatic Billing Updater (ABU) Integration Guide Nexte-Wallet

Last updated 15 days ago