Payment Page Integration Guide
Last updated
Last updated
DOKU API
Legacy DocumentationIf you are non-PCI DSS compliance, you can use this type of integration to ensure that the Cards data of the customer is securely processed by DOKU.
Here is the overview of how to integrate with Cards channel:
Generate payment URL (Cards payment page)
Display payment URL (Cards payment page)
Create test payment
Acknowledge payment result
To generate a payment URL, you will need to hit this API through your backend:
API Request
| Type | Value |
|---|---|
HTTP Method | POST |
API endpoint (Sandbox) |
|
API endpoint (Production) |
|
Here is the sample of request header to generate the payment URL:
| Parameter | Description |
|---|---|
| Client ID retrieved from DOKU Back Office |
| Unique random string (max 128 characters) generated from merchant side to protect duplicate request |
| Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z |
| Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to this section to generate the signature |
Here is the sample request body to generate payment URL:
| Body Parameter | Type` | Mandatory | Description |
|---|---|---|---|
| number | Mandatory | In IDR Currency and without decimal |
| string | Mandatory | Generated by merchant to identify the order
Allowed chars: |
| string | Conditional | Merchant URL that will redirected to after the order success. Mandatory if merchant set |
| string | Conditional | Merchant URL that will redirected to after the order failed. If not set, then will redirect to |
| string | Mandatory | Redirection to defined |
| string | Optional | Name of the product item.
Max Length: |
| number | Conditional | Price of the product item. Total price and quantity must match with the |
| number | Conditional | Quantity of the product item. |
| string | Optional | Custom string to be printed on Customer's billing statement history on issuing side, Please contact DOKU team to manually configure this feature first |
| string | optional | Card token generated by DOKU. If you sent this, then the customer's Card will be pre-filled in the Card Number field. |
| boolean | Optional | Set |
| string | Conditional | Unique customer identifier generated by merchant. Mandatory if merchant wants to use tokenization feature. |
| string | Recommended | Customer Name |
| string | Conditional | Customer email.
Mandatory if |
| string | Conditional | Customer phone number. Format: |
| string | Optional | Customer address |
| string | Optional | 2 alphabetic country code ISO 3166-1 |
| string | Optional | Default language that will be displayed on the Payment Page
Possible value: English |
| string | Optional | HEX color code for the payment page background color. Example: |
| string | Optional | HEX color code for the payment page font color. Example: |
| string | Optional | HEX color code for the payment page button background color. Example: |
| string | Optional | HEX color code for the payment page button font color. Example: |
| string | Optional | BIN that will get the promo |
| number | Optional | Promo Discount if BIN input matched
(final amount = |
| number | Optional | Transaction only accept BIN listed here |
| number | Optional | Transaction only accept installment tenor listed here |
| string | Optional | This parameter is intended to override the configured |
| object | Optional | Bring this if you want to customer to opt-in customer has agreed to the payment disclaimer |
| object | Optional | disclaimer message in Indonesian |
| object | v | disclaimer message in English(default) |
| string | Conditional | Bring this if you have more than 1 type of Cards payment type to specify how you want this transaction to be processed (Possible Values : |
| string | Optional | Brings this if the payment type is 'authorize' but you wish to capture the transaction right away as if it was a SALE transaction
|
| string | Conditional | Becomes mandatory if transaction type is |
| number | Conditional | Becomes mandatory if transaction type is |
Payment Type
Sale: A transaction where funds are immediately transferred from the customer's account to the merchant's account.
Authorize-Capture: A two-step transaction where funds are first reserved (authorized) and later transferred (captured) from the customer's account to the merchant's account.
Installment: A transaction where the total amount is split into multiple smaller payments over a specified period.
MOTO (Mail Order/Telephone Order): A transaction where payment does not require CVV or OTP, suitable for subscription payment type.
Recurring: A transaction where payment does not require CVV or OTP, suitable for subscription payment type, with the latest specification more secure compared to MOTO.
API Response
After hitting the above API request, DOKU will give the response.
| Type | Value |
|---|---|
HTTP Status | 200 |
Result | SUCCESS |
Here is the sample response header:
| Parameter | Description |
|---|---|
| Client ID retrieved from DOKU Back Office |
| Unique random string (max 128 characters) generated from merchant side to protect duplicate request |
| Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z |
| Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to this section to generate the signature |
Here is the sample of response body:
| Body Parameter | Type | Mandatory | Description |
|---|---|---|---|
|
| Mandatory | Same as the request |
|
| Optional | Same as the request |
|
| Optional | Same as the request |
| number | Optional | Same as the request |
| number | Optional | Transaction session id |
| string | Mandatory | Cards Payment Page URL generated by DOKU that merchant displays to the customer |
| string | Optional | Same as the request |
INFO
DOKU provides risk assessment for card transactions, your customer data sent to us will help manage your risk of every transaction.
You can display the payment URL as an iFrame or as a dedicated page to your customer by using credit_card_payment_page.url the retrieved from API Response. Here is the sample of Cards on the iFrame:
You can try the payment with various Cards listed here:
After the payment is made by your customer, DOKU will send HTTP Notification to your defined Notification URL. Learn how to handle the notification from DOKU:
INFO
You can check the list of possible response code and how to handle them here
We provide various additional features to suit your needs. Learn more here.
If you bring payment.type ='AUTHORIZATION' you need to capture the transaction within 7 days to have the amount actually transferred to your settlement balance.
After you get the payment.authorize_idin notification HTTP, then your backend must trigger the API Charge to DOKU:
API Request
| Type | Value |
|---|---|
HTTP Method | POST |
API endpoint (Sandbox) |
|
API endpoint (Production) |
|
Here is the sample of request header to capture the transaction:
| Parameter | Description |
|---|---|
| Client ID retrieved from DOKU Back Office |
| Unique random string (max 128 characters) generated from merchant side to protect duplicate request |
| Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z |
| Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to this section to generate the signature |
Here is the sample request body to capture the transaction:
Request Body Explanation
| Parameter | Type | Mandatory | Description |
|---|---|---|---|
|
| Mandatory | Authorize ID from the Charge API Response / HTTP Notification |
|
| Optional | The value of transactions which will be paid by the customer. If undefined, capture full transaction. |
API Response
After hitting the above API request, DOKU will give the response.
| Type | Value |
|---|---|
HTTP Status | 200 |
Result | SUCCESS |
Here is the sample response header:
| Parameter | Description |
|---|---|
| Client ID retrieved from DOKU Back Office |
| Unique random string (max 128 characters) generated from merchant side to protect duplicate request |
| Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z |
| Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to this section to generate the signature |
Here is the sample of response body:
Response Body Explanation
| Parameter | Type | Mandatory | Description |
|---|---|---|---|
|
| Mandatory | Same as the request |
|
| Mandatory | Same as the request |
|
| Optional | Same as the request |
|
| Mandatory | Same as the request |
|
| Mandatory | Additional payment info name |
|
| Mandatory | Additional payment info value |
|
| Mandatory | Request ID sent on merchant's request header |
|
| Mandatory | Authorize ID for authorize transaction. Mandatory if |
|
| Mandatory | Reponse code generated by DOKU / Acquirer |
|
| Mandatory | Response message generated by DOKU / Acquirer |
|
| Mandatory | Payment status
Possible value: |
|
| Mandatory | ECI for this transaction |
|
| Optional | Approval code for success transaction generated by acquirer |
|
| Mandatory | Same as the request |
|
| Optional | Card masked number |
|
| Mandatory | Card type
Possible value: |
|
| Mandatory | Card issuer |
|
| Mandatory | Principal brand
|
|
| Optional | Card token generated by DOKU if |
You can request void or refund using this API, or via the Dashboard .
Requirement
If you are using Cards Aggregator service, you can process Void or Refund.
If you are using Cards Direct service, please consult with your acquiring bank to learn more about whether your credential (MID) supports online refund or not, otherwise refund will be processed manually.
To request a refund, you will need to hit this API through your backend:
API Request
| Type | Value |
|---|---|
HTTP Method | POST |
API endpoint (Sandbox) |
|
API endpoint (Production) |
|
Here is the sample of request header to generate payment URL:
Request Header Explanation
| Parameter | Description |
|---|---|
Client-Id | Client ID retrieved from DOKU Back Office |
Request-Id | Unique random string (max 128 characters) generated from merchant side to protect duplicate request |
Request-Timestamp | Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z |
Signature | Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to this section to generate the signature |
Here is the sample request body to request a refund:
Request Body Explanation
| Parameter | Type | Mandatory | Description |
|---|---|---|---|
|
| Mandatory | Invoice number of the transaction that being refunded |
|
| Mandatory | Request ID from payment initiation of the transaction that being refunded |
|
| Mandatory | Transaction amount that wants to be refunded |
API Response
After hitting the above API request, DOKU will give the response.
| Type | Value |
|---|---|
HTTP Status | 200 |
Result | SUCCESS |
Here is the sample response header:
Response Header Explanation
| Parameter | Description |
|---|---|
Client-Id | Same as the request |
Request-Id | Same as the request |
Response-Timestamp | Timestamp Response on UTC with format ISO8601 UTC+0 from DOKU |
Signature | Signature generated by DOKU based on the response body |
Here is the sample of response body:
Response Body Explanation
| Parameter | Type | Mandatory | Description |
|---|---|---|---|
|
| Mandatory | Same as the request |
|
| Mandatory | Same as the request |
|
| Mandatory | Same as the request |
|
| Mandatory | Refund type based on the transaction
Possible value: |
|
| Mandatory | Refund status
Possible value: |
|
| Optional | Refund message description |
|
| Optional | Acquiring approval code for the refund transaction if the |
Refund Type
Online Refund
Amount will be returned automatically by system to customer's balance
VOID: If the funds has not settled to your bank account. The refund.amount must equal to order.amount, otherwise will fail
PARTIAL_REFUND: If the funds has settled to your bank account, and the refund.amount is less than order.amount
FULL_REFUND: If the funds has settled to your bank account, and the refund.amount is equal to order.amount
Manual Refund
Amount will be processed manually by DOKU's Refund Ops, may take longer than Online Refund to process
MANUAL_PARTIAL_REFUND: If the funds has settled to your bank account, and the refund.amount is less than order.amount
MANUAL_FULL_REFUND: If the funds has settled to your bank account, and the refund.amount is equal to order.amount
Installment ON US
BCA, Bank Mandiri, BNI only allow for ON US Installment. You must request an Installment MID from each respective acquirer.
Installment OFF US
Bukopin, Danamon, Permata, HSBC, OCBC allows OFF US Installment. you must have at least one SALE MID.
You can activate installment features on Service Activation page to let your customers pay in terms, you will receive full payment ahead and issuer Bank will charge the customer each month depending on tenor and amount of the transaction.
There are minimal transaction amounts for each installment (depending on the issuer) and you can see the details in the installment configuration page.
Testing Installment Payment
If you wish to try installment, make sure that you specific bank dummy credit card presented here and make sure that your transaction amount is equal to more than the minimum transaction required
Want to make your checkout experience faster? You can combine this integration with the Tokenization, so the next time your customers purchase, they don't need to input the credit card anymore.
Tokenization
Unbind Token
If you want to unbind the token, you can use the delete tokenization API below :
API Request
| Type | Value |
|---|---|
HTTP Method | POST |
API endpoint (Sandbox) |
|
API endpoint (Production) |
|
Here is the sample of request header to capture the transaction:
Request Header Explanation
| Parameter | Description |
|---|---|
Client-Id | Client ID retrieved from DOKU Back Office |
Request-Id | Unique random string (max 128 characters) generated from merchant side to protect duplicate request |
Request-Timestamp | Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z |
Signature | Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to this section to generate the signature |
Here is the sample request body to unbind the token:
Request Body Explanation
| Parameter | Type | Mandatory | Description |
|---|---|---|---|
|
| Mandatory | Token ID that want to unbind or delete |
|
| Optional | The value of Customer ID from API Tokenization |
API Response
After hitting the above API request, DOKU will give the response.
| Type | Value |
|---|---|
HTTP Status | 200 |
Result | SUCCESS |
Here is the sample response header:
Response Header Explanation
| Parameter | Description |
|---|---|
Client-Id | Same as the request |
Request-Id | Same as the request |
Response-Timestamp | Timestamp Response on UTC with format ISO8601 UTC+0 from DOKU |
Signature | Signature generated by DOKU based on the response body |
Here is the sample of response body:
Response Body Explanation
| Parameter | Type | Mandatory | Description |
|---|---|---|---|
|
| Mandatory | Delete Process Status
Possible Value: |
Info
To make sure the token has been unbinded, you can hit API Get token List.
If you are a platform or a marketplace, you can use this feature to settle the funds to your sellers or partners programmatically, save many operational efforts.
Make a test payment in the Sandbox environment using the dummy credit card that we have prepared to ensure that your application has been successfully integrated.
