CIMB Direct Debit
Last updated
Was this helpful?
Last updated
Was this helpful?
Here is the overview of how to integrate with CIMB Direct Debit ::
Merchant can binding CIMB account to customer id, each account can only binding to one customer on one merchant. Customer need to verify OTP and input PIN on CIMB page.
Here is the flow for Account Binding :
API Endpoint
HTTP Method
POST
API Sandbox
API Production
Path
/direct-debit/allo/v1.0/registration-account-binding
Here is the sample request header, request body and response body for Account Binding - CIMB
Once a customer has linked their account through the CIMB platform, merchants needs to verify the account. Merchant can hit this API to verify the OTP :
Here is the flow for OTP Verification :
API Endpoint
HTTP Method
POST
API Sandbox
API Production
Path
/direct-debit/merchant/cimb/v1.0/otp-verification
After merchant check the balance, merchant can hit this API to do payment. DOKU will deduct customer's balance.
Here is the flow for Payment CIMB :
API Endpoint
HTTP Method
POST
API Sandbox
API Production
Path
...../direct-debit/merchant/allo/v1.0/payment/host-to-host
After the payment is being made by your customer, DOKU will send HTTP Notification to your defined Notification URL. Learn how to handle the notification from DOKU .
Merchant can refund the transaction to DOKU. Hit this API to refund the transaction. Currently DOKU Support Full Refund.
Here is the Refund Flow :
API Endpoint
HTTP Method
POST
API Sandbox
API Production
Path
...../direct-debit/merchant/cimb/v1.0/debit/refund
In case you need to remove the customer data on DOKU, hit this API to unbinding the customer data.
API Endpoint
HTTP Method
POST
API Sandbox
API Production
Path
...../direct-debit/cimb/v1.0/registration-account-unbinding
Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000ZAlgorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5Unique ID for a partner (DOKU'S Client ID)
821508239190Numeric String. Reference number that should be unique in the same day (request-id)
418075533589Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols
95221conditional. IP address of the end user (customer) using IPv4 format
95221Access Token obtained from Get B2B Token API
95221Account phone number | min length: 9 | max length: 16
62857957868761Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000ZAlgorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5Unique ID for a partner (DOKU'S Client ID)
821508239190Numeric String. Reference number that should be unique in the same day (request-id)
418075533589Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols
95221conditional. IP address of the end user (customer) using IPv4 format
95221Access Token obtained from Get B2B Token API
Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQCIMB20000001123456PAYMENTClient's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000ZAlgorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5Unique ID for a partner (DOKU'S Client ID)
821508239190Numeric String. Reference number that should be unique in the same day (request-id)
418075533589Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols
95221conditional. IP address of the end user (customer) using IPv4 format
95221Access token obtained from B2B2C API
Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9aAccess Token obtained from Get B2B Token API
Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQPartner Reference Number as Invoice | min length: 1 | max length: 64
SIM_20230829_0001Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000ZAlgorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5Unique ID for a partner (DOKU'S Client ID)
821508239190Numeric String. Reference number that should be unique in the same day (request-id)
418075533589Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols
95221conditional. IP address of the end user (customer) using IPv4 format
95221Access token obtained from B2B2C API
Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9aAccess Token obtained from Get B2B Token API
Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQOriginal Partner Reference Number | min length: 1 | max length: 64
INV-592566712725External Id used on payment| min length: 1 | max length: 36
10052019Refund Number from merchant | min length: 1 | max length: 64
239850918204981205970Reason of refund | max length: 255
Customer complainClient's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000ZAlgorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5Unique ID for a partner (DOKU'S Client ID)
821508239190Numeric String. Reference number that should be unique in the same day (request-id)
418075533589Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols
95221conditional. IP address of the end user (customer) using IPv4 format
95221Access Token obtained from Get B2B Token API
95221DOKU Gateway token | Format : AN
hdiwh3h832d832h382h3duh2