CIMB Direct Debit
Last updated
Was this helpful?
Last updated
Was this helpful?
Here is the overview of how to integrate with CIMB Direct Debit ::
Merchant can binding CIMB account to customer id, each account can only binding to one customer on one merchant. Customer need to verify OTP and input PIN on CIMB page.
Here is the flow for Account Binding :
API Endpoint
HTTP Method
POST
API Sandbox
API Production
Path
/direct-debit/allo/v1.0/registration-account-binding
Here is the sample request header, request body and response body for Account Binding - CIMB
Once a customer has linked their account through the CIMB platform, merchants needs to verify the account. Merchant can hit this API to verify the OTP :
Here is the flow for OTP Verification :
API Endpoint
HTTP Method
POST
API Sandbox
API Production
Path
/direct-debit/merchant/cimb/v1.0/otp-verification
After merchant check the balance, merchant can hit this API to do payment. DOKU will deduct customer's balance.
Here is the flow for Payment CIMB :
API Endpoint
HTTP Method
POST
API Sandbox
API Production
Path
...../direct-debit/merchant/allo/v1.0/payment/host-to-host
After the payment is being made by your customer, DOKU will send HTTP Notification to your defined Notification URL
. Learn how to handle the notification from DOKU .
Merchant can refund the transaction to DOKU. Hit this API to refund the transaction. Currently DOKU Support Full Refund.
Here is the Refund Flow :
API Endpoint
HTTP Method
POST
API Sandbox
API Production
Path
...../direct-debit/merchant/cimb/v1.0/debit/refund
In case you need to remove the customer data on DOKU, hit this API to unbinding the customer data.
API Endpoint
HTTP Method
POST
API Sandbox
API Production
Path
...../direct-debit/cimb/v1.0/registration-account-unbinding
Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000Z
Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
Unique ID for a partner (DOKU'S Client ID)
821508239190
Numeric String. Reference number that should be unique in the same day (request-id)
418075533589
Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols
95221
conditional. IP address of the end user (customer) using IPv4 format
95221
Access Token obtained from Get B2B Token API
95221
Account phone number | min length: 9 | max length: 16
62857957868761
Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000Z
Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
Unique ID for a partner (DOKU'S Client ID)
821508239190
Numeric String. Reference number that should be unique in the same day (request-id)
418075533589
Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols
95221
conditional. IP address of the end user (customer) using IPv4 format
95221
Access Token obtained from Get B2B Token API
Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQ
CIMB20000001
123456
PAYMENT
Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000Z
Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
Unique ID for a partner (DOKU'S Client ID)
821508239190
Numeric String. Reference number that should be unique in the same day (request-id)
418075533589
Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols
95221
conditional. IP address of the end user (customer) using IPv4 format
95221
Access token obtained from B2B2C API
Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9a
Access Token obtained from Get B2B Token API
Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQ
Partner Reference Number as Invoice | min length: 1 | max length: 64
SIM_20230829_0001
Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000Z
Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
Unique ID for a partner (DOKU'S Client ID)
821508239190
Numeric String. Reference number that should be unique in the same day (request-id)
418075533589
Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols
95221
conditional. IP address of the end user (customer) using IPv4 format
95221
Access token obtained from B2B2C API
Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9a
Access Token obtained from Get B2B Token API
Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQ
Original Partner Reference Number | min length: 1 | max length: 64
INV-592566712725
External Id used on payment| min length: 1 | max length: 36
10052019
Refund Number from merchant | min length: 1 | max length: 64
239850918204981205970
Reason of refund | max length: 255
Customer complain
Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-21T07:56:11.000Z
Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
Unique ID for a partner (DOKU'S Client ID)
821508239190
Numeric String. Reference number that should be unique in the same day (request-id)
418075533589
Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols
95221
conditional. IP address of the end user (customer) using IPv4 format
95221
Access Token obtained from Get B2B Token API
95221
DOKU Gateway token | Format : AN
hdiwh3h832d832h382h3duh2