DOKU Wallet
Integration Steps
Overview of integration process with DOKU Wallet SNAP.
1. Token
Before partners can access SNAP API DOKU, a partner must request a B2B / B2B2C token. Token B2B / B2B2C session expired 900s (access token will continue to be used as long as there is activity request API from a partners to DOKU), but when partners request access token B2B / B2B2C more than one element before time limit expired, the latest access token B2B / B2B2C will be processed.
a. Token B2B
Token B2B used all SNAP API DOKU.
Credential partner from DOKU
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Algorithm symmetric signature SHA256withRSA(PrivateKey, StringToSign) SHA256withRSA is used to generate the signature with your Private Key. Generate StringToSign : StringToSign = client_ID+"|"+X-TIMESTAMP
client_credentialsPOST /authorization/v1/access-token/b2b HTTP/1.1
Host: api-sandbox.doku.com
X-CLIENT-KEY: text
X-TIMESTAMP: text
X-SIGNATURE: text
Content-Type: application/json
Accept: */*
Content-Length: 34
{
"grantType": "client_credentials"
}OK
{
"responseCode": "2007300",
"responseMessage": "Successful",
"accessToken": "eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2NjYxNjU0NTYsIm5iZiI6MTY2NjE2NDU1NiwiaXNzIjoiRE9L VSIsImlhdCI6MTY2NjE2NDU1NiwianRpIjoiNzRmYmEyYzQtODlmZi00YTFhLWI2NWItMWExZTYwMmZmMj NjIiwiY2xpZW50SWQiOiIzMTg5In0.l-Nv7ajrTtscfRpDK2E7HY_8YN46Fb5KJfIoLB5M5fKzjwWfiYBE mx1gHRoilXhV4v-mAoa7ZTHgmIPW5WJHhNBI-5203fPyhvvkyK7ZgglB4rV7s3gzD9BWh8qm109Qj34PH1 IYQZyw02KOiOq3G1Hs_FKtBlcR9me1S_IlF2ar4uENMfL-wt2_rESU3u9lMm85imDfohSHVRANk1IJjONo VktRVBACZVxR1jOgVs-y-LTEkIETxXf7_JQGAfRbc5ezuj_lN8Zl0Vy70ZMGDAlZZwH2CRL9pBZCdpJLlQ 8-b1OWXEd_QXdFZU-jtyBGw5bxRy0wiWxKo5h68i77gA",
"tokenType": "Bearer",
"expiresIn": "900",
"additionalInfo": ""
}b. Token B2B2C
Token B2B2C is used for all SNAP API DOKU that involve customers for transaction activity.
Credential partner from DOKU
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Algorithm symmetric signature SHA256withRSA(PrivateKey, StringToSign) SHA256withRSA is used to generate the signature with your Private Key. Generate StringToSign : StringToSign = client_ID+"|"+X-TIMESTAMP
authorization_codecfb5de1a-6a40-40e0-8549-0634bcaed8edPOST /authorization/v1/access-token/b2b2c HTTP/1.1
Host: api-sandbox.doku.com
X-CLIENT-KEY: text
X-TIMESTAMP: text
X-SIGNATURE: text
Content-Type: application/json
Accept: */*
Content-Length: 84
{
"grantType": "authorization_code",
"authCode": "cfb5de1a-6a40-40e0-8549-0634bcaed8ed"
}OK
{
"responseCode": "2007400",
"responseMessage": "Successful",
"accessToken": "eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2Njg1MDI4ODMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IjI5 NjUiLCJhZGRpdGlvbmFsRGF0YSI6IntcImFjY291bnRJZFwiOlwiMTEzMDk2MjY0MlwifSJ9.HA91xn5bL tnp8pytgdQE0wo20yiFdDGfHGSBowm9KyMIdCvk6nrZKJCv3eSB7J7mqJwJ0IvnmU0CJQG2O6adzmNLeqL TXcigmED6b9zVd7A_JQPyg0w-GagP3QnTA0Z859vPgqGZQokRAgSrsmj026V5aFEIbdtyk-C44ESj31nmz D8twtyqWgY0hB7UG_TjL093tWYW3VIK-TZepuzdT24l996CriLjcIkLnSXj6LakkCLkKxG229QHtE6fkeu uTSgCgQWZvMAW3Id9sghqKL0IaFP4wlUfH0AFpPzrB059QT6sHxHQJfNd64FUV_n5jvF7AyQ4zHiImUGXx lKzJg",
"tokenType": "Bearer",
"accessTokenExpiryTime": "2022-11-15T16:01:23+07:00",
"refreshToken": "eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2Njk3OTg4ODMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IjI5 NjUiLCJhZGRpdGlvbmFsRGF0YSI6IjFiNjRjNGM2LTdhMzYtNGEyMy04OGRiLWRmMzIxMmFkZDg1MCJ9.R o3EzNpe6xUrWggeSOfC4whcdEpVsPXnl6SPrWO63QO7b4nE0azgsCe0lSkJ9wW6KtA42fiHZiXBdZe8PJX L5zthbfdkt1DoZW73WW26uyiZSNZxifWGhURiDhAzbVGTvdAjdDosRQnTgaQhNWfOyKd6ZW0gGuneyfkvX otffNQ5yAKDqDcNxkvr1WFC_gTHL50F6eWIi-uwgwSO_BORk_76zJiJ_iVGmMz6ArZFzN7NgD-xQlko3q_ ivj9ZKh4Awy7SHI5gsfdq4RSLJyy9me-dh5smwj2mniVVbwVeod0DVsNfkgfmF6cBesaz0ufBctx3119LP c-lSQE-65028Q",
"refreshTokenExpiryTime": "2022-11-30T16:01:23+07:00",
"additionalInfo": ""
}2. Account Creation
At this stage is the process for registering a new account, where after a successful registration process the customer will get a DOKU ID that is unique among customers to one another.
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
f1a69bce-41bc-4abd-8c5c-01910574e404SNAPaccount1123001081212340010[email protected]https://doku.comPOST /snap-adapter/b2b/v1.0/registration-account-creation HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 184
{
"partnerReferenceNo": "f1a69bce-41bc-4abd-8c5c-01910574e404",
"name": "SNAPaccount11230010",
"phoneNo": 81212340010,
"email": "[email protected]",
"redirectUrl": "https://doku.com"
}OK
{
"responseCode": 2000600,
"responseMessage": "Request has been processed successfully",
"referenceNo": "d2059e29-aebe-4c60-be56-936f85f230e1",
"partnerReferenceNo": "f1a69bce-41bc-4abd-8c5c-01910574e404"
}3. Verify OTP
Partners use API Verify OTP when user input OTP on partner side, this activity is required when we need to validate the account, example on flow journey Account Creation and Account Unbinding.
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Activity ID partners from request AccountCreationActivity ID DOKU from respond AccountCreationOTP that user inputPOST /snap-adapter/b2b/v1.0/otp-verification HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 222
{
"originalPartnerReferenceNo": "Activity ID partners from request AccountCreation",
"originalReferenceNo": "Activity ID DOKU from respond AccountCreation",
"otp": "OTP that user input",
"additionalInfo": "Additional Information"
}OK
{
"responseCode": 2000400,
"responseMessage": "Request has been processed successfully",
"originalPartnerReferenceNo": "f139057a-39f6-468d-a9ec-c30987b6752d",
"originalReferenceNo": "7f153090-68c5-4f4b-8902-ef779340818b",
"email": "[email protected]",
"phoneNo": 857100006,
"sendOtpFlag": "YES",
"additionalInfo": {
"deviceId": 12345679237
},
"qparamsURL": "https://sandbox.doku.com/snap-adapter-webview/create-pin",
"qparams": {
"token": "eyJhbGciOiJIUzUxMiJ9.eyJyZWRpc19rZXlfaWQiOiJzbmFwLWFkYXB0ZXI6OmFjY291bnQtY3JlYXRpb2 46OmNyZWF0ZS1waW46OjA4NTcxMDAwMDYxMTc1MTAwMDA2IiwiY3JlYXRlZCI6MTY2Njk1MzcxMDY2NiwiZX hwIjoxNjY3MDQwMTEwfQ.bUW2pO5k5OhLva8fn9UC4a3WTSAOpeSiHWlH467XZsC4BtTUBh7wOvaASbMpK99 k52Nc95PlxDMrlheFKlqPyw"
}
}4. Account Binding
Account Binding is flow to bind DOKU Wallet accounts to partner for get authCode (B2BB2C / Authorization-Customer for payment purposes)
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Activity ID from partnersPartner URL when user finish bindingPOST /snap-adapter/b2b/v1.0/registration-account-binding HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 168
{
"partnerReferenceNo": "Activity ID from partners",
"redirectUrl": "Partner URL when user finish binding",
"successParams": {
"accountId": "Account ID of customer from DOKU"
}
}OK
{
"responseCode": 2000700,
"responseMessage": "Request has been processed successfully",
"referenceNo": "934fbec9-2f65-40e1-b7fa-71e62536b83c",
"partnerReferenceNo": "478c40b2-e8af-49ed-bd6c-c36aa3a27ef7",
"linkId": "1669794770461PTWZy7qpYcg",
"nextAction": "https://sandbox.doku.com/snap-adapter-webview/account-binding?token=eyJhbGciOiJI UzUxMiJ9.eyJyZWRpc19rZXlfaWQiOiJzbmFwLWFkYXB0ZXI6OmFjY291bnQtYmluZGluZzo6YXV0aGVu dGljYXRpb246OjYyODEyMTIzNDAwMTAxMTIwMzQwMDEwLTQ3OGM0MGIyLWU4YWYtNDllZC1iZDZjLWMzN mFhM2EyN2VmNyIsImNyZWF0ZWQiOjE2Njk3OTQ3NzA2ODQsImV4cCI6MTY2OTg4MTE3MH0.j9IzFhlw-g -t861S4f76B_k_jy-E_XvkFX1HxDdxD9V7sz49u7rPbuG8XadlPE7aOSsG7E4QjYGbUZIgH9LcNw&phon eNo=6281*****0010",
"redirectUrl": "https://dwidobelyu-doku.free.beeceptor.com",
"userInfo": {
"publicUserId": 1120340010
}
}5. Account Inquiry
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Identifier activity ID from partnersPOST /snap-adapter/b2b/v1.0/registration-account-inquiry HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 157
{
"partnerReferenceNo": "Identifier activity ID from partners",
"additionalInfo": {
"accountId": "Account ID of customer from DOKU ( DOKUID / Phone no / email )"
}
}OK
{
"responseCode": 2000800,
"responseMessage": "Request has been processed successfully",
"referenceNo": "0987dc7e-a391-420a-887a-425595acaabd\"",
"partnerReferenceNo": "f314e49a-c2e8-4db1-bbac-335120ea6a73",
"accountNo": 1508091937,
"additionalInfo": {
"linkId": "1669794770461PTWZy7qpY2d",
"remarks": 3189,
"authCode": "Y/YkpGWMVp644b4C7GI2V2aPzqjg3RlzSB9euMhRkoXq1rD+hBhc8xy7rfGsWIxQ",
"merchantId": "Already bound with related merchant"
}
}6. Account Unbinding
This is the process when customers want to unbinding their DOKU account from merchants. To complete the unbinding account process OTP must send to API Verify OTP.
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Identifier activity ID from partnersIdentifier provided from Account BindingCredential client ID from DOKUPOST /snap-adapter/b2b/v1.0/registration-account-unbinding HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 289
{
"partnerReferenceNo": "Identifier activity ID from partners",
"linkId": "Identifier provided from Account Binding",
"merchantId": "Credential client ID from DOKU",
"additionalInfo": {
"deviceId": "ID Device user",
"channel": "Platform user using ( mobile, desktop, etc )",
"phoneNo": "User phone no"
}
}OK
{
"responseCode": 2000900,
"responseMessage": "Request has been processed successfully",
"referenceNo": "8f560a36-fc69-407a-9b62-6565d15263b2",
"partnerReferenceNo": "f68f64b5-842e-4298-87c4-6ee7bd202467",
"merchantId": 3189,
"linkId": "SnpFXl9hINuzcA9gxGwgcJk8",
"unlinkResult": "inProgress",
"additionalInfo": {
"channel": "mobilephone",
"deviceId": 12345679237,
"phoneNo": 1802100004
}
}7. Balance Inquiry
With this API, partners can check for customer balance that has been verified by DOKU, so that partners can equate customer data, between partners and DOKU.
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
Activity ID from partnersPOST /snap-adapter/b2b2c/v1.0/balance-inquiry HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 50
{
"partnerReferenceNo": "Activity ID from partners"
}OK
{
"responseCode": 2001100,
"responseMessage": "Request has been processed successfully",
"referenceNo": "9e5bfe5d-6270-4737-ad45-1091f97c8b6d",
"partnerReferenceNo": "1eb0db4aa2e642208e71e9252428d912",
"accountNo": 17139626343,
"name": "John Doe",
"accountInfo": {
"balanceType": "Cash",
"amount": {
"value": 1095086.98,
"currency": "IDR"
}
}
}8. Transfer Bank Account Inquiry
This API allows partners to get BANK beneficiary information, so customers can see and confirm the transfer activity
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
partnerReferenceNocustomerNumberbeneficiaryAccountNumberPOST /snap-adapter/b2b2c/v1.0/emoney/bank-account-inquiry HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 212
{
"partnerReferenceNo": "partnerReferenceNo",
"customerNumber": "customerNumber",
"amount": {
"value": "text",
"currency": "text"
},
"beneficiaryAccountNumber": "beneficiaryAccountNumber",
"additionalInfo": {
"bankCode": "text"
}
}OK
{
"responseCode": "text",
"responseMessage": "text",
"referenceNo": "text",
"partnerReferenceNo": "text",
"beneficiaryAccountNumber": "text",
"beneficiaryAccountName": "text",
"beneficiaryBankCode": "text",
"amount": {
"value": "text",
"currency": "text"
}
}9. Transfer Bank Account Payment
This API allows partners to trigger transfer balance from account balance to BANK Account
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
partnerReferenceNocustomerNumberaccountTypebeneficiaryAccountNumberbeneficiaryBankCodePOST /snap-adapter/b2b2c/v1.0/emoney/transfer-bank HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 287
{
"partnerReferenceNo": "partnerReferenceNo",
"customerNumber": "customerNumber",
"accountType": "accountType",
"beneficiaryAccountNumber": "beneficiaryAccountNumber",
"beneficiaryBankCode": "beneficiaryBankCode",
"amount": {
"value": "text",
"currency": "text"
},
"additionalInfo": {
"referenceNo": "text"
}
}OK
{
"responseCode": "text",
"responseMessage": "text",
"referenceNo": "text",
"partnerReferenceNo": "text",
"transactionDate": "text",
"referenceNumber": "text"
}10. Account Top Up
This API allows partners to trigger transfer balance from their corporate account balance to DOKU customer Account.
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
partnerReferenceNocustomerNumbersessionIdnotesPOST /snap-adapter/b2b2c/v1.0/emoney/topup HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 215
{
"partnerReferenceNo": "partnerReferenceNo",
"customerNumber": "customerNumber",
"amount": {
"value": "text",
"currency": "text"
},
"sessionId": "sessionId",
"notes": "notes",
"additionalInfo": {
"deviceId": "text",
"channel": "text"
}
}OK
{
"responseCode": "text",
"responseMessage": "text",
"referenceNo": "text",
"partnerReferenceNo": "text",
"sessionId": "text",
"customerNumber": "text"
}11. Query Top Up
This API allows partners to check status top up.
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
originalPartnerReferenceNooriginalReferenceNooriginalExternalIdserviceCodePOST /snap-adapter/b2b2c/v1.0/emoney/topup-status HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 227
{
"originalPartnerReferenceNo": "originalPartnerReferenceNo",
"originalReferenceNo": "originalReferenceNo",
"originalExternalId": "originalExternalId",
"serviceCode": "serviceCode",
"additionalInfo": {
"deviceId": "text",
"channel": "text"
}
}OK
{
"responseCode": "text",
"responseMessage": "text",
"originalPartnerReferenceNo": "text",
"originalReferenceNo": "text",
"originalExternalId": "text",
"serviceCode": "text",
"amount": {
"value": "text",
"currency": "text"
},
"latestTransactionStatus": "text",
"transactionStatusDesc": "text",
"additionalInfo": {
"deviceId": "text",
"channel": "text",
"approvalCode": "text"
}
}12. Purchase Web
Partners can provide an online payment facility using PIN authentication that can facilitate customers in making the transaction at any merchant that has been integrated. DOKU will provide a webview payment page to input the PIN and proceed with the payment
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
Transaction ID from partnersDefault “DOKU”POST /snap-adapter/b2b2c/v1.0/debit/payment-host-to-host HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 369
{
"partnerReferenceNo": "Transaction ID from partners",
"chargeToken": "Default “DOKU”",
"amount": "Detail amount",
"urlParam": {
"url": "Partner URL when user finish payment",
"type": "Default “PAY_RETURN”",
"isDeepLink": "Default “N”",
"merchantId": "Credential client ID from DOKU"
},
"additionalInfo": {
"basket": "List of basket basket",
"promoCode": "Promo code from DOKU"
}
}OK
{
"responseCode": 2005400,
"responseMessage": "Request has been processed successfully",
"ReferenceNo": "c8c73c4635794cdcae7d9fe325251088",
"PartnerReferenceNo": "c8c73c4635794cdcae7d9fe325251088",
"webRedirectUrl": "https://sandbox.doku.com/snap-adapter-webview/direct-debit?token=eyJhbGciOiJIUzU xMiJ9.eyJyZWRpc19rZXlfaWQiOiJzbmFwLWFkYXB0ZXI6OmRpcmVjdC1kZWJpdDo6MTQ1NTM0MDAwNC1 jOGM3M2M0NjM1Nzk0Y2RjYWU3ZDlmZTMyNTI1MTA4OCIsImNyZWF0ZWQiOjE2NjkwODc0OTI1MTgsImV4 cCI6MTY2OTE3Mzg5Mn0.wIL92PT2km7rQ0oHWytEVknE0X6URdIJz4f7s-TQ9E3uH4txLGo2a-GMYdh-w acTcXjl252XS87_634ajnM_dg",
"additionalInfo": {
"dokuId": 1455340004
}
}13. Query Purchase
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
Transaction ID from partnersUnique service API “17”Transaction datePOST /snap-adapter/b2b2c/v1.0/debit/status HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 263
{
"partnerReferenceNo": "Transaction ID from partners",
"serviceCode": "Unique service API “17”",
"transactionDate": "Transaction date",
"amount": "Detail amount",
"additionalInfo": {
"deviceId": "ID Device user",
"channel": "Platform user using ( mobile, desktop, etc )"
}
}OK
{
"responseCode": 2005500,
"responseMessage": "Request has been processed successfully",
"originalReferenceNo": "5b4c663897ff488b9db50f789f0c9079",
"originalPartnerReferenceNo": "5b4c663897ff488b9db50f789f0c9079",
"approvalCode": 319955,
"serviceCode": 17,
"latestTransactionStatus": 0,
"transactionStatusDesc": "SUCCESS",
"originalResponseCode": 2005500,
"originalResponseMessage": "SUCCESS",
"transAmount": {
"value": 0,
"currency": "IDR"
},
"paidTime": "2022-11-16T15:13:00+07:00"
}14. Cancel Purchase
Partners can cancel the transaction or reverse immediately after successful transaction processing in the DOKU system, it can be used in case of time-out or other problems that occur on the merchant side
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
Original Transaction ID from partnersReason cancelationPOST /snap-adapter/b2b2c/v1.0/debit/cancel HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 142
{
"originalPartnerReferenceNo": "Original Transaction ID from partners",
"reason": "Reason cancelation",
"additionalInfo": "Additional Information"
}OK
{
"responseCode": 2005700,
"responseMessage": "Request has been processed successfully",
"OriginalReferenceNo": "inv_pm_20221019143243557",
"OriginalPartnerReferenceNo": "inv_pm_20221019143243557",
"cancelTime": "2022-10-18T11:15:07.376472",
"transactionDate": "2022-10-18T11:11:00"
}15. Refund Purchase
Partners can request a refund when the transaction has already settled.
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
Original Transaction ID from partnersReason cancelationTransaction ID on service consumer system, when for refund payment.POST /snap-adapter/b2b2c/v1.0/debit/refund HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 230
{
"originalPartnerReferenceNo": "Original Transaction ID from partners",
"reason": "Reason cancelation",
"partnerRefundNo": "Transaction ID on service consumer system, when for refund payment.",
"additionalInfo": "Additional Information"
}OK
{
"responseCode": 2005800,
"responseMessage": "Request has been processed successfully",
"OriginalReferenceNo": "4f00d3a6819b439580731b7b77dbbf05",
"OriginalPartnerReferenceNo": "4f00d3a6819b439580731b7b77dbbf05",
"refundNo": 123456,
"partnerRefundNo": 123456,
"refundTime": "2022-11-11T10:02:46+07:00\""
}16. Transaction History List
This API allows partners to get history from an account with 1 month range time and the oldest transaction is 1 year behind.
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
Activity ID from partnersStarting time range ISO-8601Ending time range ISO-8601Maximum number of transaction returned in one pagination Default 10Current page number Default 0POST /snap-adapter/b2b2c/v1.0/transaction-history-list HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 306
{
"partnerReferenceNo": "Activity ID from partners",
"fromDateTime": "Starting time range ISO-8601",
"toDateTime": "Ending time range ISO-8601",
"pageSize": "Maximum number of transaction returned in one pagination Default 10",
"pageNumber": "Current page number Default 0",
"additionalInfo": "Additional Information"
}OK
{
"responseCode": 2001200,
"responseMessage": "Request has been processed successfully",
"detailData": {
"dateTime": "2022-11-11T10:51:42+07:00",
"amount": {
"value": 1700.77,
"currency": "IDR"
},
"remark": "Get Refund From payment with invoice null",
"status": "SUCCESS",
"type": "REFUND"
},
"additionalInfo": {
"refId": "Zqxdxfbs_Bcl1lxCWFjbdA",
"transactionId": 678354996
}
}17. Transaction History Detail
This API allows partners to get transaction details from an account.
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
Credential client ID from DOKU
Reference number that should be unique in the same day
SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
Transaction ID from partnersPOST /snap-adapter/b2b2c/v1.0/transaction-history-detail HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 53
{
"partnerReferenceNo": "Transaction ID from partners"
}OK
{
"responseCode": 2001300,
"responseMessage": "Request has been processed successfully",
"referenceNo": "RendH9Bpwly4CDRxzeAXIw",
"partnerReferenceNo": "e73771a15652c5aace3f05d0feaa8cb82b40e5cd",
"amount": {
"value": 10000,
"currency": "IDR"
},
"dateTime": "2022-11-23T18:39:41+07:00",
"remark": "Transfer Cash Wallet To Bank Account",
"status": "SUCCESS",
"type": "SEND_MONEY"
}Last updated
Was this helpful?