OVO
OVO offers 2 payment schemes, which are; 1) OVO Open API that provides Tokenization scheme, and 2) OVO Recurring that provides Recurring scheme.
Last updated
Was this helpful?
OVO offers 2 payment schemes, which are; 1) OVO Open API that provides Tokenization scheme, and 2) OVO Recurring that provides Recurring scheme.
Last updated
Was this helpful?
Overview of integration process with both OVO Open API and OVO Recurring.
Account Binding process should be done before payment can be made and processed. Merchant will send account binding request from customer to DOKU. The request includes customer's phone number that is registered to customer's OVO account.
Each OVO account can only be bind to one customer on one merchant. Customer needs to do verification for account binding process by inputting OTP and PIN.
Account Binding Flow
API Endpoint
HTTP Method
POST
API Sandbox
API Production
Path
.../direct-debit/core/v1/registration-account-binding
Sample of Request Header, Request Body and Response Body
Notes:
Parameter with (*) is mandatory
Paramater without (*) is optional/conditional
After customer has bind/linked their OVO account, customer can check their account balance infirmation using Balance Inquiry. Merchant will send balance inquiry request from customer to DOKU.
Merchant can also use balance inquiry API to check if customer has sufficient balance before invoking payment process.
Balance Inquiry Flow
API Endpoint
HTTP Method
POST
API Sandbox
API Production
Path
.../direct-debit/core/v1/balance-inquiry
Sample of Request Header, Request Body and Response Body
Notes:
Parameter with (*) is mandatory
Paramater without (*) is optional/conditional
After customer's account is bind/linked and customer has enough balance for payment, merchant can send payment request from customer to DOKU.
In OVO Open API, every payment needs to be verified by customer with inputting OTP and/or PIN. In order to do that, merchant needs to bring parameter paymentType : "SALE"in payment request body.
And as the response, merchant will receive parameter webRedirectUrl to redirect the customer to merchant's page/platform to complete the payment by inputting OTP and/or PIN. After the payment is completed, merchant then will receive the notification.
In OVO Recurring, the payment process will be scheduled. Hence, verification using OTP and/or PIN is not required in every payment. Customers only need to do the verification during account binding process and it will give merchant the authorization to run scheduled payment. In order to do that, merchant needs to bring parameter paymentType : "RECURRING"in payment request body.
And as the response, merchant will not receive parameter webRedirectUrl to redirect the customer to merchant's page/platform to complete the payment. Payment request will be directly processed by acquirer and merchant will receive the notification.
Payment Flow
This below payment flow is for OVO Open API.
HTTP Method
POST
API Sandbox
API Production
Path
.../direct-debit/core/v1/debit/payment-host-to-host
Sample of Request Header, Request Body and Response Body
Notes:
Parameter with (*) is mandatory
Paramater without (*) is optional/conditional
This endpoint is used to create refund request for previous successful payment. Merchant can request a transaction refund to DOKU.
Online Refund Flow
HTTP Method
POST
API Sandbox
API Production
Path
.../direct-debit/core/v1/debit/refund
Sample of Request Header, Request Body and Response Body
Notes:
Parameter with (*) is mandatory
Paramater without (*) is optional/conditional
If a registered customer no longer wants their account/card to be bind/linked and wish to remove themself from DOKU's and merchant’s system, merchant can send account unbinding request that is initiated by customer.
HTTP Method
POST
API Sandbox
API Production
Path
.../direct-debit/core/v1/registration-account-unbinding
Sample of Request Header, Request Body and Response Body
Notes:
Parameter with (*) is mandatory
Paramater without (*) is optional/conditional
After payment is completed, DOKU will send HTTP Notification to merchant's defined Notification URL.Learn how to .
Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000ZAlgorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5Unique ID for a partner (DOKU'S Client ID)
821508239190Numeric String. Reference number that should be unique in the same day (request-id)
418075533589Access Token obtained from Get B2B Token API
95221Phone Number Customer | Format: 628238748728423 | min length: 9 max length: 16 | Mandatory
628238748728423Successful
Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000ZAlgorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5Unique ID for a partner (DOKU'S Client ID)
821508239190Numeric String. Reference number that should be unique in the same day (request-id)
418075533589Access token obtained from B2B2C API
Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9aAccess Token obtained from Get B2B Token API
95221Partner Reference No from partner | max: 64 | Mandatory
INV-0001Fee type from partner | value should be: OUR/BEN/SHA
OURSuccessful
Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000ZAlgorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5Unique ID for a partner (DOKU'S Client ID)
821508239190Numeric String. Reference number that should be unique in the same day (request-id)
418075533589Access Token obtained from Get B2B Token API
95221Partner Reference No Purchase Transaction | max: 32 | Mandatory
INV-0001External ID Purchase Transaction | max: 36 |
REQ-0001Reason from customer | max: 255
Request by CustomerPartner Refund No| max: 64 | Mandatory
INV-REF-0001Successful
Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000ZAlgorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5Unique ID for a partner (DOKU'S Client ID)
821508239190Numeric String. Reference number that should be unique in the same day (request-id)
418075533589Access token obtained from B2B2C API
Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9aAccess Token obtained from Get B2B Token API
Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQSuccessful
Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000ZAlgorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5Unique ID for a partner (DOKU'S Client ID)
821508239190Numeric String. Reference number that should be unique in the same day (request-id)
418075533589Access Token obtained from Get B2B Token API
95221format: Value from getTokenB2B2C | max: 2048 | Mandatory
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTg4MjI3NTQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjAyLTE2OTAyNzUzNTM3OTgiLCJhY2NvdW50SWQiOiJjZTBhZWIyM2YyMmZhOTgxZWViNTE1MjFmZmNkYmUzNyJ9.QZ2z0p2PoCYbuBSId7LleLqTUwNyNIeM1PUSaV4DwGKO05l7xQ3EbpdAPK62hxKNcczKqQqGY2Om6rzS78s2Tj88dkDD2vl46o3xEPd_plqQW8ayFqS74Z_HcFJfdo-egqFv9rAX7qgiE5AJHSx_hFolET9B3o3Jx82lmQutnXOjYb5gW9PV0FCPIZRWOaXppOSJSVcmTvXZxF0KUID9-2QVmQ5aPZroHjShYJKGyUu-1tCPClD_CbZMCi3TxhKLnI3e2oIoK7VjXEsrJjuil8O1zZTT7_aXAGgTu5UcPCrc0U9_3Nj-wQlEjDpedMVypKAWATWBUVpMo2MAsBRDAwSuccessful