Tokenization V1

Requirements

Make sure you have integrated with either Credit Card or Direct Debit
Make sure that you sent customer.id parameter on the request to DOKU in order to activate the tokenization feature

Integration steps

Get token list
Show token list to the customer
Use the token for future payment

1. Get token list

To get token list, you will need to hit this API through your backend:

API Request

Type Value

Type	Value
HTTP Method	POST
API endpoint (Sandbox)	`https://api-sandbox.doku.com/tokenization/v1/tokens`
API endpoint (Production)	`https://api.doku.com/tokenization/v1/tokens`

HTTP Method

POST

API endpoint (Sandbox)

https://api-sandbox.doku.com/tokenization/v1/tokens

API endpoint (Production)

https://api.doku.com/tokenization/v1/tokens

Here is the sample of request header to generate payment URL:

Client-Id: MCH-0001-10791114622547
Request-Id: 9716a8cb-5ec1-4f8f-b72c-cd25975bafff
Request-Timestamp: 2020-08-11T08:45:42Z
Signature: HMACSHA256=9UPUFzOqJc47aJzD9ESOTcWg6TMsg3mqSP+DnUO8ENE=

Request Header Explanation

Parameter	Description
Client-Id	Client ID retrieved from DOKU Back Office
Request-Id	Unique random string (max 128 characters) generated from merchant side to protect duplicate request
Request-Timestamp	Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z
Signature	Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to this section to generate the signature

Parameter

Description

Client-Id

Client ID retrieved from DOKU Back Office

Request-Id

Unique random string (max 128 characters) generated from merchant side to protect duplicate request

Request-Timestamp

Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z

Signature

Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to this section to generate the signature

Here is the sample request body to get token list:

{
    "customer": {
        "id": "CUST-0001"
    },
    "token_data": {
        "type": "DIRECT_DEBIT"
    }
}

Request Body Explanation

Parameter Type Mandatory Description

Parameter	Type	Mandatory	Description
`customer.id`	`string`	Mandatory	Unique customer identifier generated by merchant. Allowed chars: `alphabetic, numeric, special chars` Max Length: `50`
`token_data.type`	`string`	Optional	Token type, if not specified then return all type of tokens Possible value: `DIRECT_DEBIT, CREDIT_CARD`

customer.id

string

Mandatory

Unique customer identifier generated by merchant. Allowed chars: alphabetic, numeric, special chars Max Length: 50

token_data.type

string

Optional

Token type, if not specified then return all type of tokens Possible value: DIRECT_DEBIT, CREDIT_CARD

API Response

After hitting the above API request, DOKU will give the response.

Type	Value
HTTP Status	200
Result	SUCCESS

Type

Value

HTTP Status

200

Result

SUCCESS

Here is the sample response header:

Client-Id: MCH-0001-10791114622547
Request-Id: 9716a8cb-5ec1-4f8f-b72c-cd25975bafff
Response-Timestamp: 2020-08-11T08:45:42Z
Signature: HMACSHA256=1jap2tpgvWt83tG4J7IhEwUrwmMt71OaIk0oL0e6sPM=

Response Header Explanation

Client-Id

Same as the request

Request-Id

Same as the request

Response-Timestamp

Timestamp Response on UTC with format ISO8601 UTC+0 from DOKU

Signature

Signature generated by DOKU based on the response body

Here is the sample of response body:

[
    {
        "token_data": {
            "type": "DIRECT_DEBIT"
        },
        "customer": {
            "id": "CUST-0001",
            "name": "Anton Budiman"
        },
        "debit_card": {
            "issuer": "BRI",
            "token_id": "243591d7e49f45109961581718c3ef82",
            "masked_card": "*********8982",
        }
    },
    {
        "token_data": {
            "type": "DIRECT_DEBIT"
        },
        "customer": {
            "id": "CUST-0001",
            "name": "Anton Budiman"
        },
        "debit_card": {
            "issuer": "BRI",
            "token_id": "05fc9236261381647e24a14a691e1590",
            "masked_card": "*********8981",
        }
    },
    {
        "token_data": {
            "type": "CREDIT_CARD"
        },
        "customer": {
            "id": "CUST-0001",
            "name": "Anton Budiman"
        },
        "credit_card": {
            "issuer": "BCA",
            "token_id": "4bc187a24c60fc88977604d170eea4a5",
            "masked_card": "4096****5464",
            "brand": "visa"
        }
    }
]

Response Body Explanation

Parameter Type Mandatory Description

Parameter	Type	Mandatory	Description
`token_data.type`	`string`	Mandatory	Token type: `DIRECT_DEBIT, CREDIT_CARD`
`customer.id`	`string`	Mandatory	Same as the request
`customer.name`	`string`	Optional	Customer name saved on DOKU
`debit_card.issuer`	`string`	Mandatory	Issuer of the debit card
`debit_card.token_id`	`string`	Mandatory	Token generated by DOKU. Use this value when hit request to DOKU for payment request Possible value: `alphabetic, numeric, special characters` Max length: `256`
`debit_card.masked_card`	`string`	Mandatory	Debit card number masked
`credit_card.issuer`	`string`	Mandatory	Issuer of the credit card
`credit_card.token_id`	`string`	Mandatory	Token generated by DOKU. Use this value when hit request to DOKU for payment request Possible value: `alphabetic, numeric, special characters` Max length: `256`
`credit_card.masked_card`	`string`	Mandatory	Credit card number masked
`credit_card.brand`	`string`	Optional	Principal of the credit card

token_data.type

string

Mandatory

Token type: DIRECT_DEBIT, CREDIT_CARD

customer.id

string

Mandatory

Same as the request

customer.name

string

Optional

Customer name saved on DOKU

debit_card.issuer

string

Mandatory

Issuer of the debit card

debit_card.token_id

string

Mandatory

Token generated by DOKU. Use this value when hit request to DOKU for payment request Possible value: alphabetic, numeric, special characters Max length: 256

debit_card.masked_card

string

Mandatory

Debit card number masked

credit_card.issuer

string

Mandatory

Issuer of the credit card

credit_card.token_id

string

Mandatory

Token generated by DOKU. Use this value when hit request to DOKU for payment request Possible value: alphabetic, numeric, special characters Max length: 256

credit_card.masked_card

string

Mandatory

Credit card number masked

credit_card.brand

string

Optional

Principal of the credit card

2. Show Token List to your customer

You can save the debit_card.token_id and credit_card.token_id to your system along with the customer.id, so that the customer will be associated with their respective tokens.

3. Use token for future payment

You can send then the token_id along with the payment request. Learn more for each payment channel:

PreviousNon-SNAP Nexte-Wallet

Last updated 4 months ago

Requirements​

Integration steps​

1. Get token list​

2. Show Token List to your customer​

3. Use token for future payment​

Requirements

Integration steps

1. Get token list

2. Show Token List to your customer

3. Use token for future payment