OVO Open API

Integration Steps

Here is the overview of how to integrate with OVO Open API :

Account Binding
Check Balance Inquiry
Payment
Acknowledge Payment Notification

1. Account Binding

Merchant can binding OVO account, each OVO account can only binding to one customer on one merchant. Customer need to verify OTP and input PIN on OVO page.

Here is the flow for Account Binding :

API Endpoint

Type

Value

Service Code

HTTP Method

POST

API Endpoint Sandbox

Copy

https://api-sandbox.doku.com/.../

API Endpoint Production

Copy

https://api.doku.com/..../

Path

Copy

/direct-debit/merchant/ovo/v1.0/registration-account-binding

Here are the sample request header, request body and response body for OVO Open API

Register a merchant account for direct debit

post

Required scopes

This endpoint requires the following scopes:

Authorizations

Header parameters

X-TIMESTAMPstring · utc timestampRequired

Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format

Example: 2020-12-21T07:56:11.000Z

X-SIGNATUREstringRequired

Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)

Example: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5

X-PARTNER-IDstringRequired

Unique ID for a partner (DOKU'S Client ID)

Example: 821508239190

X-EXTERNAL-IDstringRequired

Numeric String. Reference number that should be unique in the same day (request-id)

Example: 418075533589

X-DEVICE-IDstringRequired

Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols

Example: 95221

X-IP-ADDRESSstringOptional

conditional. IP address of the end user (customer) using IPv4 format

Example: 95221

AuthorizationstringRequired

Access Token obtained from Get B2B Token API

Example: 95221

Body

phoneNostringRequired

Account phone number | min length: 9 | max length: 16

Example: 62857957868761

Responses

200

Successful registration

application/json

responseCodestringOptionalExample: 2000700

responseMessagestringOptionalExample: Successful

referenceNostringOptionalExample: 129260743966

redirectUrlstringOptionalExample: https://sandbox.doku.com/direct-debit/ui/binding/2238230713001534401107183161486001168389

400

Invalid Field Format

application/json

401

Invalid Token (B2B)

application/json

post

/direct-debit/merchant/allo/v1.0/registration-account-binding

POST /direct-debit/merchant/allo/v1.0/registration-account-binding HTTP/1.1
Host: {api-domain}
X-TIMESTAMP: 2020-12-21T07:56:11.000Z
X-SIGNATURE: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
X-PARTNER-ID: 821508239190
X-EXTERNAL-ID: 418075533589
X-DEVICE-ID: 95221
Authorization: 95221
Content-Type: application/json
Accept: */*
Content-Length: 332

{
  "phoneNo": "62857957868761",
  "additionalInfo": {
    "custIdMerchant": "TEST-123",
    "customerName": "John Doe",
    "email": "[email protected]",
    "idCard": "12345",
    "country": "Indonesia",
    "address": "Bali",
    "dateOfBirth": "19990101",
    "successRegistrationUrl": "https://sandbox.doku.com/bo/login/",
    "failedRegistrationUrl": "https://www.seleniumeasy.com/test"
  }
}

{
  "responseCode": "2000700",
  "responseMessage": "Successful",
  "referenceNo": "129260743966",
  "redirectUrl": "https://sandbox.doku.com/direct-debit/ui/binding/2238230713001534401107183161486001168389",
  "additionalInfo": {
    "custIdMerchant": "CUSTOMER_OVOxDOKU",
    "accountStatus": "PENDING",
    "authCode": "1234123412341234"
  }
}

2. Check Balance Inquiry

Once a customer has linked their account through the OVO platform, merchants can initiate a Balance Inquiry via the this API to obtain accurate and up-to-date account balance information.

Here is the flow for Check Balance Inquiry :

Type

Value

Service Code

HTTP Method

POST

API Endpoint Sandbox

Copy

https://api-sandbox.doku.com/.../

API Endpoint Production

Copy

https://api.doku.com/..../

Path

Copy

/direct-debit/merchant/ovo/v1.0/registration-account-binding

Here is the sample request header, request body and response body for Check Balance Inquiry OVO :

Check Balance API

post

Required scopes

This endpoint requires the following scopes:

Authorizations

Header parameters

X-TIMESTAMPstring · utc timestampRequired

Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format

Example: 2020-12-21T07:56:11.000Z

X-SIGNATUREstringRequired

Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)

Example: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5

X-PARTNER-IDstringRequired

Unique ID for a partner (DOKU'S Client ID)

Example: 821508239190

X-EXTERNAL-IDstringRequired

Numeric String. Reference number that should be unique in the same day (request-id)

Example: 418075533589

X-DEVICE-IDstringRequired

Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols

Example: 95221

X-IP-ADDRESSstringOptional

conditional. IP address of the end user (customer) using IPv4 format

Example: 95221

Authorization-customerstringRequired

Access token obtained from B2B2C API

Example: Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9a

AuthorizationstringRequired

Access Token obtained from Get B2B Token API

Example:

Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQ

Body

anyOptional

Responses

200

Successful Balance Inquiry

application/json

responseCodestringOptionalExample: 2001100

responseMessagestringOptionalExample: Successful

400

Invalid Field Format

application/json

401

Invalid Token (B2B)

application/json

post

/direct-debit/merchant/ovo/v1.0/balance-inquiry

POST /direct-debit/merchant/ovo/v1.0/balance-inquiry HTTP/1.1
Host: {api-domain}
X-TIMESTAMP: 2020-12-21T07:56:11.000Z
X-SIGNATURE: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
X-PARTNER-ID: 821508239190
X-EXTERNAL-ID: 418075533589
X-DEVICE-ID: 95221
Authorization-customer: Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9a
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQ
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

{
  "responseCode": "2001100",
  "responseMessage": "Successful",
  "accountInfos": [
    {
      "balanceType": "CASH",
      "amount": {
        "currency": "IDR",
        "value": "2000000.00"
      }
    },
    {
      "balanceType": "POINTS",
      "amount": {
        "currency": "IDR",
        "value": "2000000.00"
      }
    }
  ]
}

3. Payment

After merchant check the balance, merchant can hit this API to do payment. DOKU will deduct customer's balance.

Here is the flow for Payment OVO :

Here is the sample request header, request body and response body for Payment OVO :

Payment API

post

Required scopes

This endpoint requires the following scopes:

Authorizations

Header parameters

X-TIMESTAMPstring · utc timestampRequired

Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format

Example: 2020-12-21T07:56:11.000Z

X-SIGNATUREstringRequired

Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)

Example: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5

X-PARTNER-IDstringRequired

Unique ID for a partner (DOKU'S Client ID)

Example: 821508239190

X-EXTERNAL-IDstringRequired

Numeric String. Reference number that should be unique in the same day (request-id)

Example: 418075533589

X-DEVICE-IDstringRequired

Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols

Example: 95221

X-IP-ADDRESSstringOptional

conditional. IP address of the end user (customer) using IPv4 format

Example: 95221

Authorization-customerstringRequired

Access token obtained from B2B2C API

Example: Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9a

AuthorizationstringRequired

Access Token obtained from Get B2B Token API

Example:

Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQ

Body

partnerReferenceNostringRequired

Partner Reference Number as Invoice | min length: 1 | max length: 64

Example: SIM_20230829_0001

feeTypestringOptional

Type Of Fee | max length: 3 | value: OUR/BEN/SHA

Example: OUR

Responses

200

Successful Payment

application/json

responseCodestringOptionalExample: 20054000

responseMessagestringOptionalExample: Successful

webRedirectUrlstringOptionalExample: https://sandbox.doku.com/direct-debit/ui/payment/328512651824756285712516

referenceNostringOptionalExample: 1234

400

Invalid Field Format

application/json

401

Invalid Token (B2B)

application/json

post

/direct-debit/merchant/ovo/v1.0/payment-host-to-host

POST /direct-debit/merchant/ovo/v1.0/payment-host-to-host HTTP/1.1
Host: {api-domain}
X-TIMESTAMP: 2020-12-21T07:56:11.000Z
X-SIGNATURE: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
X-PARTNER-ID: 821508239190
X-EXTERNAL-ID: 418075533589
X-DEVICE-ID: 95221
Authorization-customer: Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9a
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQ
Content-Type: application/json
Accept: */*
Content-Length: 564

{
  "partnerReferenceNo": "SIM_20230829_0001",
  "amount": {
    "value": "10000.00",
    "currency": "IDR"
  },
  "feeType": "OUR",
  "payOptionDetails": [
    {
      "payMethod": "CASH",
      "transAmount": {
        "value": "10000.00",
        "currency": "IDR"
      },
      "feeAmount": {
        "value": "1000.00",
        "currency": "IDR"
      }
    }
  ],
  "additionalInfo": {
    "lineItems": [
      {
        "name": "masker",
        "price": "5000.00",
        "quantity": 1
      },
      {
        "name": "aqua",
        "price": "5000.00",
        "quantity": 1
      }
    ],
    "successPaymentUrl": "https://dribbble.com/shots/14575431-Payment-method-success/attachments/6265573?mode=media",
    "failedPaymentUrl": "https://dribbble.com/shots/4756331-Failed-Transaction"
  }
}

{
  "responseCode": "20054000",
  "responseMessage": "Successful",
  "webRedirectUrl": "https://sandbox.doku.com/direct-debit/ui/payment/328512651824756285712516",
  "referenceNo": "1234"
}

4. Acknowledge Payment Notification

After the payment is being made by your customer, DOKU will send HTTP Notification to your defined Notification URL. Learn how to handle the notification from DOKU .

Additional Feature

1. Account Unbinding

Unbinding process

post

Required scopes

This endpoint requires the following scopes:

Authorizations

Header parameters

X-TIMESTAMPstring · utc timestampRequired

Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format

Example: 2020-12-21T07:56:11.000Z

X-SIGNATUREstringRequired

Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)

Example: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5

X-PARTNER-IDstringRequired

Unique ID for a partner (DOKU'S Client ID)

Example: 821508239190

X-EXTERNAL-IDstringRequired

Numeric String. Reference number that should be unique in the same day (request-id)

Example: 418075533589

X-DEVICE-IDstringRequired

Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols

Example: 95221

X-IP-ADDRESSstringOptional

conditional. IP address of the end user (customer) using IPv4 format

Example: 95221

AuthorizationstringRequired

Access Token obtained from Get B2B Token API

Example: 95221

Body

tokenIdstringRequired

DOKU Gateway token | Format : AN

Example: hdiwh3h832d832h382h3duh2

Responses

200

Successful Unbinding

application/json

responseCodestringRequiredExample: 2000900

responseMessagestringRequiredExample: Successful

referenceNostringOptionalExample: 40cd084bdb184ea6ace7bab46ac19d14

400

Invalid Field Format

application/json

401

Invalid Token (B2B)

application/json

post

/direct-debit/ovo/v1.0/registration-account-unbinding

POST /direct-debit/ovo/v1.0/registration-account-unbinding HTTP/1.1
Host: {api-domain}
X-TIMESTAMP: 2020-12-21T07:56:11.000Z
X-SIGNATURE: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
X-PARTNER-ID: 821508239190
X-EXTERNAL-ID: 418075533589
X-DEVICE-ID: 95221
Authorization: 95221
Content-Type: application/json
Accept: */*
Content-Length: 38

{
  "tokenId": "hdiwh3h832d832h382h3duh2"
}

{
  "responseCode": "2000900",
  "responseMessage": "Successful",
  "referenceNo": "40cd084bdb184ea6ace7bab46ac19d14"
}

Previouse-Wallet NextDANA

Last updated 1 year ago

hashtagIntegration Steps

hashtag1. Account Binding

hashtagRegister a merchant account for direct debit

hashtag2. Check Balance Inquiry

hashtagCheck Balance API

hashtag3. Payment

hashtagPayment API

hashtag4. Acknowledge Payment Notification

hashtagAdditional Feature

hashtag1. Account Unbinding

hashtagUnbinding process

Integration Steps

1. Account Binding

Register a merchant account for direct debit

2. Check Balance Inquiry

Check Balance API

3. Payment

Payment API

4. Acknowledge Payment Notification

Additional Feature

1. Account Unbinding

Unbinding process