DOKU Wallet

Integration Steps

Overview of integration process with DOKU Wallet SNAP.


1. Token

Before partners can access SNAP API DOKU, a partner must request a B2B / B2B2C token. Token B2B / B2B2C session expired 900s (access token will continue to be used as long as there is activity request API from a partners to DOKU), but when partners request access token B2B / B2B2C more than one element before time limit expired, the latest access token B2B / B2B2C will be processed.

a. Token B2B

Token B2B used all SNAP API DOKU.

POST authorization/v1/access-token/b2b

post
Header parameters
X-CLIENT-KEYstringRequired

Credential partner from DOKU

X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-SIGNATUREstringRequired

Algorithm symmetric signature SHA256withRSA(PrivateKey, StringToSign) SHA256withRSA is used to generate the signature with your Private Key. Generate StringToSign : StringToSign = client_ID+"|"+X-TIMESTAMP

Body
grantTypestringRequiredExample: client_credentials
Responses
200
OK
application/json
post
POST /authorization/v1/access-token/b2b HTTP/1.1
Host: api-sandbox.doku.com
X-CLIENT-KEY: text
X-TIMESTAMP: text
X-SIGNATURE: text
Content-Type: application/json
Accept: */*
Content-Length: 34

{
  "grantType": "client_credentials"
}
200

OK

{
  "responseCode": "2007300",
  "responseMessage": "Successful",
  "accessToken": "eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2NjYxNjU0NTYsIm5iZiI6MTY2NjE2NDU1NiwiaXNzIjoiRE9L VSIsImlhdCI6MTY2NjE2NDU1NiwianRpIjoiNzRmYmEyYzQtODlmZi00YTFhLWI2NWItMWExZTYwMmZmMj NjIiwiY2xpZW50SWQiOiIzMTg5In0.l-Nv7ajrTtscfRpDK2E7HY_8YN46Fb5KJfIoLB5M5fKzjwWfiYBE mx1gHRoilXhV4v-mAoa7ZTHgmIPW5WJHhNBI-5203fPyhvvkyK7ZgglB4rV7s3gzD9BWh8qm109Qj34PH1 IYQZyw02KOiOq3G1Hs_FKtBlcR9me1S_IlF2ar4uENMfL-wt2_rESU3u9lMm85imDfohSHVRANk1IJjONo VktRVBACZVxR1jOgVs-y-LTEkIETxXf7_JQGAfRbc5ezuj_lN8Zl0Vy70ZMGDAlZZwH2CRL9pBZCdpJLlQ 8-b1OWXEd_QXdFZU-jtyBGw5bxRy0wiWxKo5h68i77gA",
  "tokenType": "Bearer",
  "expiresIn": "900",
  "additionalInfo": ""
}

b. Token B2B2C

Token B2B2C is used for all SNAP API DOKU that involve customers for transaction activity.

POST authorization/v1/access-token/b2b2c

post
Header parameters
X-CLIENT-KEYstringRequired

Credential partner from DOKU

X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-SIGNATUREstringRequired

Algorithm symmetric signature SHA256withRSA(PrivateKey, StringToSign) SHA256withRSA is used to generate the signature with your Private Key. Generate StringToSign : StringToSign = client_ID+"|"+X-TIMESTAMP

Body
grantTypestringRequiredExample: authorization_code
authCodestringRequiredExample: cfb5de1a-6a40-40e0-8549-0634bcaed8ed
Responses
200
OK
application/json
post
POST /authorization/v1/access-token/b2b2c HTTP/1.1
Host: api-sandbox.doku.com
X-CLIENT-KEY: text
X-TIMESTAMP: text
X-SIGNATURE: text
Content-Type: application/json
Accept: */*
Content-Length: 84

{
  "grantType": "authorization_code",
  "authCode": "cfb5de1a-6a40-40e0-8549-0634bcaed8ed"
}
200

OK

{
  "responseCode": "2007400",
  "responseMessage": "Successful",
  "accessToken": "eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2Njg1MDI4ODMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IjI5 NjUiLCJhZGRpdGlvbmFsRGF0YSI6IntcImFjY291bnRJZFwiOlwiMTEzMDk2MjY0MlwifSJ9.HA91xn5bL tnp8pytgdQE0wo20yiFdDGfHGSBowm9KyMIdCvk6nrZKJCv3eSB7J7mqJwJ0IvnmU0CJQG2O6adzmNLeqL TXcigmED6b9zVd7A_JQPyg0w-GagP3QnTA0Z859vPgqGZQokRAgSrsmj026V5aFEIbdtyk-C44ESj31nmz D8twtyqWgY0hB7UG_TjL093tWYW3VIK-TZepuzdT24l996CriLjcIkLnSXj6LakkCLkKxG229QHtE6fkeu uTSgCgQWZvMAW3Id9sghqKL0IaFP4wlUfH0AFpPzrB059QT6sHxHQJfNd64FUV_n5jvF7AyQ4zHiImUGXx lKzJg",
  "tokenType": "Bearer",
  "accessTokenExpiryTime": "2022-11-15T16:01:23+07:00",
  "refreshToken": "eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2Njk3OTg4ODMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IjI5 NjUiLCJhZGRpdGlvbmFsRGF0YSI6IjFiNjRjNGM2LTdhMzYtNGEyMy04OGRiLWRmMzIxMmFkZDg1MCJ9.R o3EzNpe6xUrWggeSOfC4whcdEpVsPXnl6SPrWO63QO7b4nE0azgsCe0lSkJ9wW6KtA42fiHZiXBdZe8PJX L5zthbfdkt1DoZW73WW26uyiZSNZxifWGhURiDhAzbVGTvdAjdDosRQnTgaQhNWfOyKd6ZW0gGuneyfkvX otffNQ5yAKDqDcNxkvr1WFC_gTHL50F6eWIi-uwgwSO_BORk_76zJiJ_iVGmMz6ArZFzN7NgD-xQlko3q_ ivj9ZKh4Awy7SHI5gsfdq4RSLJyy9me-dh5smwj2mniVVbwVeod0DVsNfkgfmF6cBesaz0ufBctx3119LP c-lSQE-65028Q",
  "refreshTokenExpiryTime": "2022-11-30T16:01:23+07:00",
  "additionalInfo": ""
}

2. Account Creation

At this stage is the process for registering a new account, where after a successful registration process the customer will get a DOKU ID that is unique among customers to one another.

POST snap-adapter/b2b/v1.0/registration-account-creation

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Body
partnerReferenceNostringRequiredExample: f1a69bce-41bc-4abd-8c5c-01910574e404
namestringRequiredExample: SNAPaccount11230010
phoneNostringRequiredExample: 81212340010
emailstringRequiredExample: [email protected]
redirectUrlstringRequiredExample: https://doku.com
Responses
200
OK
application/json
post
POST /snap-adapter/b2b/v1.0/registration-account-creation HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 184

{
  "partnerReferenceNo": "f1a69bce-41bc-4abd-8c5c-01910574e404",
  "name": "SNAPaccount11230010",
  "phoneNo": 81212340010,
  "email": "[email protected]",
  "redirectUrl": "https://doku.com"
}
200

OK

{
  "responseCode": 2000600,
  "responseMessage": "Request has been processed successfully",
  "referenceNo": "d2059e29-aebe-4c60-be56-936f85f230e1",
  "partnerReferenceNo": "f1a69bce-41bc-4abd-8c5c-01910574e404"
}

3. Verify OTP

Partners use API Verify OTP when user input OTP on partner side, this activity is required when we need to validate the account, example on flow journey Account Creation and Account Unbinding.

Notes

  1. For Account Creation, partners need to redirect user to Create PIN page, URL (qparamsURL?action=action) from Response Verify OTP

  2. Account ID will be info to redirectUrl from request Account Creation, example below : htttp://partnerweb.com/registerdoku/?accountId=1140340010&partnerReferenceNo=f1a69bce-41bc-4abd-8c5c -01910574e404&status=SUCCESS

POST snap-adapter/b2b/v1.0/otp-verification

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Body
originalPartnerReferenceNostringRequiredExample: Activity ID partners from request AccountCreation
originalReferenceNostringRequiredExample: Activity ID DOKU from respond AccountCreation
otpstringRequiredExample: OTP that user input
Responses
200
OK
application/json
post
POST /snap-adapter/b2b/v1.0/otp-verification HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 222

{
  "originalPartnerReferenceNo": "Activity ID partners from request AccountCreation",
  "originalReferenceNo": "Activity ID DOKU from respond AccountCreation",
  "otp": "OTP that user input",
  "additionalInfo": "Additional Information"
}
200

OK

{
  "responseCode": 2000400,
  "responseMessage": "Request has been processed successfully",
  "originalPartnerReferenceNo": "f139057a-39f6-468d-a9ec-c30987b6752d",
  "originalReferenceNo": "7f153090-68c5-4f4b-8902-ef779340818b",
  "email": "[email protected]",
  "phoneNo": 857100006,
  "sendOtpFlag": "YES",
  "additionalInfo": {
    "deviceId": 12345679237
  },
  "qparamsURL": "https://sandbox.doku.com/snap-adapter-webview/create-pin",
  "qparams": {
    "token": "eyJhbGciOiJIUzUxMiJ9.eyJyZWRpc19rZXlfaWQiOiJzbmFwLWFkYXB0ZXI6OmFjY291bnQtY3JlYXRpb2 46OmNyZWF0ZS1waW46OjA4NTcxMDAwMDYxMTc1MTAwMDA2IiwiY3JlYXRlZCI6MTY2Njk1MzcxMDY2NiwiZX hwIjoxNjY3MDQwMTEwfQ.bUW2pO5k5OhLva8fn9UC4a3WTSAOpeSiHWlH467XZsC4BtTUBh7wOvaASbMpK99 k52Nc95PlxDMrlheFKlqPyw"
  }
}

4. Account Binding

Account Binding is flow to bind DOKU Wallet accounts to partner for get authCode (B2BB2C / Authorization-Customer for payment purposes)

POST snap-adapter/b2b/v1.0/registration-account-binding

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Body
partnerReferenceNostringRequiredExample: Activity ID from partners
redirectUrlstringRequiredExample: Partner URL when user finish binding
Responses
200
OK
application/json
post
POST /snap-adapter/b2b/v1.0/registration-account-binding HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 168

{
  "partnerReferenceNo": "Activity ID from partners",
  "redirectUrl": "Partner URL when user finish binding",
  "successParams": {
    "accountId": "Account ID of customer from DOKU"
  }
}
200

OK

{
  "responseCode": 2000700,
  "responseMessage": "Request has been processed successfully",
  "referenceNo": "934fbec9-2f65-40e1-b7fa-71e62536b83c",
  "partnerReferenceNo": "478c40b2-e8af-49ed-bd6c-c36aa3a27ef7",
  "linkId": "1669794770461PTWZy7qpYcg",
  "nextAction": "https://sandbox.doku.com/snap-adapter-webview/account-binding?token=eyJhbGciOiJI UzUxMiJ9.eyJyZWRpc19rZXlfaWQiOiJzbmFwLWFkYXB0ZXI6OmFjY291bnQtYmluZGluZzo6YXV0aGVu dGljYXRpb246OjYyODEyMTIzNDAwMTAxMTIwMzQwMDEwLTQ3OGM0MGIyLWU4YWYtNDllZC1iZDZjLWMzN mFhM2EyN2VmNyIsImNyZWF0ZWQiOjE2Njk3OTQ3NzA2ODQsImV4cCI6MTY2OTg4MTE3MH0.j9IzFhlw-g -t861S4f76B_k_jy-E_XvkFX1HxDdxD9V7sz49u7rPbuG8XadlPE7aOSsG7E4QjYGbUZIgH9LcNw&phon eNo=6281*****0010",
  "redirectUrl": "https://dwidobelyu-doku.free.beeceptor.com",
  "userInfo": {
    "publicUserId": 1120340010
  }
}

5. Account Inquiry

POST snap-adapter/b2b/v1.0/registration-account-inquiry

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Body
partnerReferenceNostringRequiredExample: Identifier activity ID from partners
Responses
200
OK
application/json
post
POST /snap-adapter/b2b/v1.0/registration-account-inquiry HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 157

{
  "partnerReferenceNo": "Identifier activity ID from partners",
  "additionalInfo": {
    "accountId": "Account ID of customer from DOKU ( DOKUID / Phone no / email )"
  }
}
200

OK

{
  "responseCode": 2000800,
  "responseMessage": "Request has been processed successfully",
  "referenceNo": "0987dc7e-a391-420a-887a-425595acaabd\"",
  "partnerReferenceNo": "f314e49a-c2e8-4db1-bbac-335120ea6a73",
  "accountNo": 1508091937,
  "additionalInfo": {
    "linkId": "1669794770461PTWZy7qpY2d",
    "remarks": 3189,
    "authCode": "Y/YkpGWMVp644b4C7GI2V2aPzqjg3RlzSB9euMhRkoXq1rD+hBhc8xy7rfGsWIxQ",
    "merchantId": "Already bound with related merchant"
  }
}

6. Account Unbinding

This is the process when customers want to unbinding their DOKU account from merchants. To complete the unbinding account process OTP must send to API Verify OTP.

POST snap-adapter/b2b/v1.0/registration-account-unbinding

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Body
partnerReferenceNostringRequiredExample: Identifier activity ID from partners
linkIdstringRequiredExample: Identifier provided from Account Binding
merchantIdstringRequiredExample: Credential client ID from DOKU
Responses
200
OK
application/json
post
POST /snap-adapter/b2b/v1.0/registration-account-unbinding HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 289

{
  "partnerReferenceNo": "Identifier activity ID from partners",
  "linkId": "Identifier provided from Account Binding",
  "merchantId": "Credential client ID from DOKU",
  "additionalInfo": {
    "deviceId": "ID Device user",
    "channel": "Platform user using ( mobile, desktop, etc )",
    "phoneNo": "User phone no"
  }
}
200

OK

{
  "responseCode": 2000900,
  "responseMessage": "Request has been processed successfully",
  "referenceNo": "8f560a36-fc69-407a-9b62-6565d15263b2",
  "partnerReferenceNo": "f68f64b5-842e-4298-87c4-6ee7bd202467",
  "merchantId": 3189,
  "linkId": "SnpFXl9hINuzcA9gxGwgcJk8",
  "unlinkResult": "inProgress",
  "additionalInfo": {
    "channel": "mobilephone",
    "deviceId": 12345679237,
    "phoneNo": 1802100004
  }
}

7. Balance Inquiry

With this API, partners can check for customer balance that has been verified by DOKU, so that partners can equate customer data, between partners and DOKU.

POST snap-adapter/b2b2c/v1.0/balance-inquiry

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Authorization-CustomerstringRequired

Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C

Body
partnerReferenceNostringRequiredExample: Activity ID from partners
Responses
200
OK
application/json
post
POST /snap-adapter/b2b2c/v1.0/balance-inquiry HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 50

{
  "partnerReferenceNo": "Activity ID from partners"
}
200

OK

{
  "responseCode": 2001100,
  "responseMessage": "Request has been processed successfully",
  "referenceNo": "9e5bfe5d-6270-4737-ad45-1091f97c8b6d",
  "partnerReferenceNo": "1eb0db4aa2e642208e71e9252428d912",
  "accountNo": 17139626343,
  "name": "John Doe",
  "accountInfo": {
    "balanceType": "Cash",
    "amount": {
      "value": 1095086.98,
      "currency": "IDR"
    }
  }
}

8. Transfer Bank Account Inquiry

This API allows partners to get BANK beneficiary information, so customers can see and confirm the transfer activity

POST snap-adapter/b2b2c/v1.0/emoney/bank-account-inquiry

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Authorization-CustomerstringRequired

Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C

Body
partnerReferenceNostringRequiredExample: partnerReferenceNo
customerNumberstringRequiredExample: customerNumber
beneficiaryAccountNumberstringRequiredExample: beneficiaryAccountNumber
Responses
200
OK
application/json
post
POST /snap-adapter/b2b2c/v1.0/emoney/bank-account-inquiry HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 212

{
  "partnerReferenceNo": "partnerReferenceNo",
  "customerNumber": "customerNumber",
  "amount": {
    "value": "text",
    "currency": "text"
  },
  "beneficiaryAccountNumber": "beneficiaryAccountNumber",
  "additionalInfo": {
    "bankCode": "text"
  }
}
200

OK

{
  "responseCode": "text",
  "responseMessage": "text",
  "referenceNo": "text",
  "partnerReferenceNo": "text",
  "beneficiaryAccountNumber": "text",
  "beneficiaryAccountName": "text",
  "beneficiaryBankCode": "text",
  "amount": {
    "value": "text",
    "currency": "text"
  }
}

9. Transfer Bank Account Payment

This API allows partners to trigger transfer balance from account balance to BANK Account

POST snap-adapter/b2b2c/v1.0/emoney/transfer-bank

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Authorization-CustomerstringRequired

Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C

Body
partnerReferenceNostringRequiredExample: partnerReferenceNo
customerNumberstringRequiredExample: customerNumber
accountTypestringRequiredExample: accountType
beneficiaryAccountNumberstringRequiredExample: beneficiaryAccountNumber
beneficiaryBankCodestringRequiredExample: beneficiaryBankCode
Responses
200
OK
application/json
post
POST /snap-adapter/b2b2c/v1.0/emoney/transfer-bank HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 287

{
  "partnerReferenceNo": "partnerReferenceNo",
  "customerNumber": "customerNumber",
  "accountType": "accountType",
  "beneficiaryAccountNumber": "beneficiaryAccountNumber",
  "beneficiaryBankCode": "beneficiaryBankCode",
  "amount": {
    "value": "text",
    "currency": "text"
  },
  "additionalInfo": {
    "referenceNo": "text"
  }
}
200

OK

{
  "responseCode": "text",
  "responseMessage": "text",
  "referenceNo": "text",
  "partnerReferenceNo": "text",
  "transactionDate": "text",
  "referenceNumber": "text"
}

10. Account Top Up

This API allows partners to trigger transfer balance from their corporate account balance to DOKU customer Account.

POST snap-adapter/b2b2c/v1.0/emoney/topup

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Authorization-CustomerstringRequired

Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C

Body
partnerReferenceNostringRequiredExample: partnerReferenceNo
customerNumberstringRequiredExample: customerNumber
sessionIdstringRequiredExample: sessionId
notesstringRequiredExample: notes
Responses
200
OK
application/json
post
POST /snap-adapter/b2b2c/v1.0/emoney/topup HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 215

{
  "partnerReferenceNo": "partnerReferenceNo",
  "customerNumber": "customerNumber",
  "amount": {
    "value": "text",
    "currency": "text"
  },
  "sessionId": "sessionId",
  "notes": "notes",
  "additionalInfo": {
    "deviceId": "text",
    "channel": "text"
  }
}
200

OK

{
  "responseCode": "text",
  "responseMessage": "text",
  "referenceNo": "text",
  "partnerReferenceNo": "text",
  "sessionId": "text",
  "customerNumber": "text"
}

11. Query Top Up

This API allows partners to check status top up.

POST snap-adapter/b2b2c/v1.0/emoney/topup-status

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Authorization-CustomerstringRequired

Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C

Body
originalPartnerReferenceNostringRequiredExample: originalPartnerReferenceNo
originalReferenceNostringOptionalExample: originalReferenceNo
originalExternalIdstringRequiredExample: originalExternalId
serviceCodestringRequiredExample: serviceCode
Responses
200
OK
application/json
post
POST /snap-adapter/b2b2c/v1.0/emoney/topup-status HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 227

{
  "originalPartnerReferenceNo": "originalPartnerReferenceNo",
  "originalReferenceNo": "originalReferenceNo",
  "originalExternalId": "originalExternalId",
  "serviceCode": "serviceCode",
  "additionalInfo": {
    "deviceId": "text",
    "channel": "text"
  }
}
200

OK

{
  "responseCode": "text",
  "responseMessage": "text",
  "originalPartnerReferenceNo": "text",
  "originalReferenceNo": "text",
  "originalExternalId": "text",
  "serviceCode": "text",
  "amount": {
    "value": "text",
    "currency": "text"
  },
  "latestTransactionStatus": "text",
  "transactionStatusDesc": "text",
  "additionalInfo": {
    "deviceId": "text",
    "channel": "text",
    "approvalCode": "text"
  }
}

12. Purchase Web

Partners can provide an online payment facility using PIN authentication that can facilitate customers in making the transaction at any merchant that has been integrated. DOKU will provide a webview payment page to input the PIN and proceed with the payment

POST snap-adapter/b2b2c/v1.0/debit/payment-host-to-host

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Authorization-CustomerstringRequired

Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C

Body
partnerReferenceNostringRequiredExample: Transaction ID from partners
chargeTokenstringRequiredExample: Default “DOKU”
Responses
200
OK
application/json
post
POST /snap-adapter/b2b2c/v1.0/debit/payment-host-to-host HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 369

{
  "partnerReferenceNo": "Transaction ID from partners",
  "chargeToken": "Default “DOKU”",
  "amount": "Detail amount",
  "urlParam": {
    "url": "Partner URL when user finish payment",
    "type": "Default “PAY_RETURN”",
    "isDeepLink": "Default “N”",
    "merchantId": "Credential client ID from DOKU"
  },
  "additionalInfo": {
    "basket": "List of basket basket",
    "promoCode": "Promo code from DOKU"
  }
}
200

OK

{
  "responseCode": 2005400,
  "responseMessage": "Request has been processed successfully",
  "ReferenceNo": "c8c73c4635794cdcae7d9fe325251088",
  "PartnerReferenceNo": "c8c73c4635794cdcae7d9fe325251088",
  "webRedirectUrl": "https://sandbox.doku.com/snap-adapter-webview/direct-debit?token=eyJhbGciOiJIUzU xMiJ9.eyJyZWRpc19rZXlfaWQiOiJzbmFwLWFkYXB0ZXI6OmRpcmVjdC1kZWJpdDo6MTQ1NTM0MDAwNC1 jOGM3M2M0NjM1Nzk0Y2RjYWU3ZDlmZTMyNTI1MTA4OCIsImNyZWF0ZWQiOjE2NjkwODc0OTI1MTgsImV4 cCI6MTY2OTE3Mzg5Mn0.wIL92PT2km7rQ0oHWytEVknE0X6URdIJz4f7s-TQ9E3uH4txLGo2a-GMYdh-w acTcXjl252XS87_634ajnM_dg",
  "additionalInfo": {
    "dokuId": 1455340004
  }
}

13. Query Purchase

POST snap-adapter/b2b2c/v1.0/debit/status

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Authorization-CustomerstringRequired

Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C

Body
partnerReferenceNostringRequiredExample: Transaction ID from partners
serviceCodestringRequiredExample: Unique service API “17”
transactionDatestringRequiredExample: Transaction date
Responses
200
OK
application/json
post
POST /snap-adapter/b2b2c/v1.0/debit/status HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 263

{
  "partnerReferenceNo": "Transaction ID from partners",
  "serviceCode": "Unique service API “17”",
  "transactionDate": "Transaction date",
  "amount": "Detail amount",
  "additionalInfo": {
    "deviceId": "ID Device user",
    "channel": "Platform user using ( mobile, desktop, etc )"
  }
}
200

OK

{
  "responseCode": 2005500,
  "responseMessage": "Request has been processed successfully",
  "originalReferenceNo": "5b4c663897ff488b9db50f789f0c9079",
  "originalPartnerReferenceNo": "5b4c663897ff488b9db50f789f0c9079",
  "approvalCode": 319955,
  "serviceCode": 17,
  "latestTransactionStatus": 0,
  "transactionStatusDesc": "SUCCESS",
  "originalResponseCode": 2005500,
  "originalResponseMessage": "SUCCESS",
  "transAmount": {
    "value": 0,
    "currency": "IDR"
  },
  "paidTime": "2022-11-16T15:13:00+07:00"
}

14. Cancel Purchase

Partners can cancel the transaction or reverse immediately after successful transaction processing in the DOKU system, it can be used in case of time-out or other problems that occur on the merchant side

POST snap-adapter/b2b2c/v1.0/debit/cancel

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Authorization-CustomerstringRequired

Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C

Body
originalPartnerReferenceNostringRequiredExample: Original Transaction ID from partners
reasonstringRequiredExample: Reason cancelation
Responses
200
OK
application/json
post
POST /snap-adapter/b2b2c/v1.0/debit/cancel HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 142

{
  "originalPartnerReferenceNo": "Original Transaction ID from partners",
  "reason": "Reason cancelation",
  "additionalInfo": "Additional Information"
}
200

OK

{
  "responseCode": 2005700,
  "responseMessage": "Request has been processed successfully",
  "OriginalReferenceNo": "inv_pm_20221019143243557",
  "OriginalPartnerReferenceNo": "inv_pm_20221019143243557",
  "cancelTime": "2022-10-18T11:15:07.376472",
  "transactionDate": "2022-10-18T11:11:00"
}

15. Refund Purchase

Partners can request a refund when the transaction has already settled.

POST snap-adapter/b2b2c/v1.0/debit/refund

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Authorization-CustomerstringRequired

Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C

Body
originalPartnerReferenceNostringRequiredExample: Original Transaction ID from partners
reasonstringRequiredExample: Reason cancelation
partnerRefundNostringRequiredExample: Transaction ID on service consumer system, when for refund payment.
Responses
200
OK
application/json
post
POST /snap-adapter/b2b2c/v1.0/debit/refund HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 230

{
  "originalPartnerReferenceNo": "Original Transaction ID from partners",
  "reason": "Reason cancelation",
  "partnerRefundNo": "Transaction ID on service consumer system, when for refund payment.",
  "additionalInfo": "Additional Information"
}
200

OK

{
  "responseCode": 2005800,
  "responseMessage": "Request has been processed successfully",
  "OriginalReferenceNo": "4f00d3a6819b439580731b7b77dbbf05",
  "OriginalPartnerReferenceNo": "4f00d3a6819b439580731b7b77dbbf05",
  "refundNo": 123456,
  "partnerRefundNo": 123456,
  "refundTime": "2022-11-11T10:02:46+07:00\""
}

16. Transaction History List

This API allows partners to get history from an account with 1 month range time and the oldest transaction is 1 year behind.

POST snap-adapter/b2b2c/v1.0/transaction-history-list

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Authorization-CustomerstringRequired

Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C

Body
partnerReferenceNostringRequiredExample: Activity ID from partners
fromDateTimestringRequiredExample: Starting time range ISO-8601
toDateTimestringRequiredExample: Ending time range ISO-8601
pageSizestringRequiredExample: Maximum number of transaction returned in one pagination Default 10
pageNumberstringRequiredExample: Current page number Default 0
Responses
200
OK
application/json
post
POST /snap-adapter/b2b2c/v1.0/transaction-history-list HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 306

{
  "partnerReferenceNo": "Activity ID from partners",
  "fromDateTime": "Starting time range ISO-8601",
  "toDateTime": "Ending time range ISO-8601",
  "pageSize": "Maximum number of transaction returned in one pagination Default 10",
  "pageNumber": "Current page number Default 0",
  "additionalInfo": "Additional Information"
}
200

OK

{
  "responseCode": 2001200,
  "responseMessage": "Request has been processed successfully",
  "detailData": {
    "dateTime": "2022-11-11T10:51:42+07:00",
    "amount": {
      "value": 1700.77,
      "currency": "IDR"
    },
    "remark": "Get Refund From payment with invoice null",
    "status": "SUCCESS",
    "type": "REFUND"
  },
  "additionalInfo": {
    "refId": "Zqxdxfbs_Bcl1lxCWFjbdA",
    "transactionId": 678354996
  }
}

17. Transaction History Detail

This API allows partners to get transaction details from an account.

POST snap-adapter/b2b2c/v1.0/transaction-history-detail

post
Header parameters
X-TIMESTAMPstringRequired

Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format

X-PARTNER-IDstringRequired

Credential client ID from DOKU

X-EXTERNAL-IDstringRequired

Reference number that should be unique in the same day

X-SIGNATUREstringRequired

SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp

AuthorizationstringRequired

Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B

Authorization-CustomerstringRequired

Represents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C

Body
partnerReferenceNostringRequiredExample: Transaction ID from partners
Responses
200
OK
application/json
post
POST /snap-adapter/b2b2c/v1.0/transaction-history-detail HTTP/1.1
Host: api-sandbox.doku.com
X-TIMESTAMP: text
X-PARTNER-ID: text
X-EXTERNAL-ID: text
X-SIGNATURE: text
Authorization: text
Authorization-Customer: text
Content-Type: application/json
Accept: */*
Content-Length: 53

{
  "partnerReferenceNo": "Transaction ID from partners"
}
200

OK

{
  "responseCode": 2001300,
  "responseMessage": "Request has been processed successfully",
  "referenceNo": "RendH9Bpwly4CDRxzeAXIw",
  "partnerReferenceNo": "e73771a15652c5aace3f05d0feaa8cb82b40e5cd",
  "amount": {
    "value": 10000,
    "currency": "IDR"
  },
  "dateTime": "2022-11-23T18:39:41+07:00",
  "remark": "Transfer Cash Wallet To Bank Account",
  "status": "SUCCESS",
  "type": "SEND_MONEY"
}

Last updated

Was this helpful?