OVO Open API


Integration Steps

Here is the overview of how to integrate with OVO Open API :

  1. Account Binding

  2. Check Balance Inquiry

  3. Payment

  4. Acknowledge Payment Notification


1. Account Binding

Merchant can binding OVO account, each OVO account can only binding to one customer on one merchant. Customer need to verify OTP and input PIN on OVO page.

Here is the flow for Account Binding :

API Endpoint

Type
Value

Service Code

HTTP Method

POST

API Endpoint Sandbox

Copy

https://api-sandbox.doku.com/.../

API Endpoint Production

Copy

https://api.doku.com/..../

Path

Copy

/direct-debit/merchant/ovo/v1.0/registration-account-binding

Here are the sample request header, request body and response body for OVO Open API

Register a merchant account for direct debit

post
Header parameters
X-TIMESTAMPstring · utc timestampRequired

Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format

Example: 2020-12-21T07:56:11.000Z
X-SIGNATUREstringRequired

Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)

Example: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
X-PARTNER-IDstringRequired

Unique ID for a partner (DOKU'S Client ID)

Example: 821508239190
X-EXTERNAL-IDstringRequired

Numeric String. Reference number that should be unique in the same day (request-id)

Example: 418075533589
X-DEVICE-IDstringRequired

Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols

Example: 95221
X-IP-ADDRESSstringOptional

conditional. IP address of the end user (customer) using IPv4 format

Example: 95221
AuthorizationstringRequired

Access Token obtained from Get B2B Token API

Example: 95221
Body
phoneNostringRequired

Account phone number | min length: 9 | max length: 16

Example: 62857957868761
Responses
200
Successful registration
application/json
post
POST /direct-debit/merchant/allo/v1.0/registration-account-binding HTTP/1.1
Host: {api-domain}
X-TIMESTAMP: 2020-12-21T07:56:11.000Z
X-SIGNATURE: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
X-PARTNER-ID: 821508239190
X-EXTERNAL-ID: 418075533589
X-DEVICE-ID: 95221
Authorization: 95221
Content-Type: application/json
Accept: */*
Content-Length: 332

{
  "phoneNo": "62857957868761",
  "additionalInfo": {
    "custIdMerchant": "TEST-123",
    "customerName": "John Doe",
    "email": "[email protected]",
    "idCard": "12345",
    "country": "Indonesia",
    "address": "Bali",
    "dateOfBirth": "19990101",
    "successRegistrationUrl": "https://sandbox.doku.com/bo/login/",
    "failedRegistrationUrl": "https://www.seleniumeasy.com/test"
  }
}
{
  "responseCode": "2000700",
  "responseMessage": "Successful",
  "referenceNo": "129260743966",
  "redirectUrl": "https://sandbox.doku.com/direct-debit/ui/binding/2238230713001534401107183161486001168389",
  "additionalInfo": {
    "custIdMerchant": "CUSTOMER_OVOxDOKU",
    "accountStatus": "PENDING",
    "authCode": "1234123412341234"
  }
}

2. Check Balance Inquiry

Once a customer has linked their account through the OVO platform, merchants can initiate a Balance Inquiry via the this API to obtain accurate and up-to-date account balance information.

Here is the flow for Check Balance Inquiry :

Type
Value

Service Code

HTTP Method

POST

API Endpoint Sandbox

Copy

https://api-sandbox.doku.com/.../

API Endpoint Production

Copy

https://api.doku.com/..../

Path

Copy

/direct-debit/merchant/ovo/v1.0/registration-account-binding

Here is the sample request header, request body and response body for Check Balance Inquiry OVO :

Check Balance API

post
Header parameters
X-TIMESTAMPstring · utc timestampRequired

Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format

Example: 2020-12-21T07:56:11.000Z
X-SIGNATUREstringRequired

Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)

Example: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
X-PARTNER-IDstringRequired

Unique ID for a partner (DOKU'S Client ID)

Example: 821508239190
X-EXTERNAL-IDstringRequired

Numeric String. Reference number that should be unique in the same day (request-id)

Example: 418075533589
X-DEVICE-IDstringRequired

Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols

Example: 95221
X-IP-ADDRESSstringOptional

conditional. IP address of the end user (customer) using IPv4 format

Example: 95221
Authorization-customerstringRequired

Access token obtained from B2B2C API

Example: Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9a
AuthorizationstringRequired

Access Token obtained from Get B2B Token API

Example: Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQ
Body
anyOptional
Responses
200
Successful Balance Inquiry
application/json
post
POST /direct-debit/merchant/ovo/v1.0/balance-inquiry HTTP/1.1
Host: {api-domain}
X-TIMESTAMP: 2020-12-21T07:56:11.000Z
X-SIGNATURE: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
X-PARTNER-ID: 821508239190
X-EXTERNAL-ID: 418075533589
X-DEVICE-ID: 95221
Authorization-customer: Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9a
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQ
Content-Type: application/json
Accept: */*
Content-Length: 2

{}
{
  "responseCode": "2001100",
  "responseMessage": "Successful",
  "accountInfos": [
    {
      "balanceType": "CASH",
      "amount": {
        "currency": "IDR",
        "value": "2000000.00"
      }
    },
    {
      "balanceType": "POINTS",
      "amount": {
        "currency": "IDR",
        "value": "2000000.00"
      }
    }
  ]
}

3. Payment

After merchant check the balance, merchant can hit this API to do payment. DOKU will deduct customer's balance.

Here is the flow for Payment OVO :

Here is the sample request header, request body and response body for Payment OVO :

Payment API

post
Header parameters
X-TIMESTAMPstring · utc timestampRequired

Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format

Example: 2020-12-21T07:56:11.000Z
X-SIGNATUREstringRequired

Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)

Example: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
X-PARTNER-IDstringRequired

Unique ID for a partner (DOKU'S Client ID)

Example: 821508239190
X-EXTERNAL-IDstringRequired

Numeric String. Reference number that should be unique in the same day (request-id)

Example: 418075533589
X-DEVICE-IDstringRequired

Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols

Example: 95221
X-IP-ADDRESSstringOptional

conditional. IP address of the end user (customer) using IPv4 format

Example: 95221
Authorization-customerstringRequired

Access token obtained from B2B2C API

Example: Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9a
AuthorizationstringRequired

Access Token obtained from Get B2B Token API

Example: Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQ
Body
partnerReferenceNostringRequired

Partner Reference Number as Invoice | min length: 1 | max length: 64

Example: SIM_20230829_0001
feeTypestringOptional

Type Of Fee | max length: 3 | value: OUR/BEN/SHA

Example: OUR
Responses
200
Successful Payment
application/json
post
POST /direct-debit/merchant/ovo/v1.0/payment-host-to-host HTTP/1.1
Host: {api-domain}
X-TIMESTAMP: 2020-12-21T07:56:11.000Z
X-SIGNATURE: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
X-PARTNER-ID: 821508239190
X-EXTERNAL-ID: 418075533589
X-DEVICE-ID: 95221
Authorization-customer: Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9a
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2OTgwNTA3NDMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjExLTE2OTY5MTk2NTE5MTgifQ.x-D5VlK6TlVZbLPUSCr-Gbfgh4tnp0QDJmedYFHJGHFjg1c4x39pszU4sLvRhr0Jk0vKdMIzxUZeNhKoesWqDJitnG3kfrNZNsMb_WYUC0tJW91onXzYOKXiTgsHwRNFoWPQHlXIEtT3RQm-SRlCpk_E0gsavgkQn2-kbJEBnPhIs4eKg5IUY9GYi4hRr-_GHsudDl8sd2B5UBB_rHYq36BRmLXH7i7MQADHPsB1ktPVgk3ZWF0jebEjI-lJ88p-omL1vQNvRseXej2HKBa9chGLmPDvXYBQaRmmstHz-tv1boFrHfwsHJebcUec-i3WE1vMvP_3EPXdbqb45N4ciQ
Content-Type: application/json
Accept: */*
Content-Length: 564

{
  "partnerReferenceNo": "SIM_20230829_0001",
  "amount": {
    "value": "10000.00",
    "currency": "IDR"
  },
  "feeType": "OUR",
  "payOptionDetails": [
    {
      "payMethod": "CASH",
      "transAmount": {
        "value": "10000.00",
        "currency": "IDR"
      },
      "feeAmount": {
        "value": "1000.00",
        "currency": "IDR"
      }
    }
  ],
  "additionalInfo": {
    "lineItems": [
      {
        "name": "masker",
        "price": "5000.00",
        "quantity": 1
      },
      {
        "name": "aqua",
        "price": "5000.00",
        "quantity": 1
      }
    ],
    "successPaymentUrl": "https://dribbble.com/shots/14575431-Payment-method-success/attachments/6265573?mode=media",
    "failedPaymentUrl": "https://dribbble.com/shots/4756331-Failed-Transaction"
  }
}
{
  "responseCode": "20054000",
  "responseMessage": "Successful",
  "webRedirectUrl": "https://sandbox.doku.com/direct-debit/ui/payment/328512651824756285712516",
  "referenceNo": "1234"
}

4. Acknowledge Payment Notification

After the payment is being made by your customer, DOKU will send HTTP Notification to your defined Notification URL. Learn how to handle the notification from DOKU .

Additional Feature

1. Account Unbinding

Unbinding process

post
Header parameters
X-TIMESTAMPstring · utc timestampRequired

Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format

Example: 2020-12-21T07:56:11.000Z
X-SIGNATUREstringRequired

Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)

Example: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
X-PARTNER-IDstringRequired

Unique ID for a partner (DOKU'S Client ID)

Example: 821508239190
X-EXTERNAL-IDstringRequired

Numeric String. Reference number that should be unique in the same day (request-id)

Example: 418075533589
X-DEVICE-IDstringRequired

Device identification on which the API services are currently being accessed by the end user (customer). Can’t contain symbols

Example: 95221
X-IP-ADDRESSstringOptional

conditional. IP address of the end user (customer) using IPv4 format

Example: 95221
AuthorizationstringRequired

Access Token obtained from Get B2B Token API

Example: 95221
Body
tokenIdstringRequired

DOKU Gateway token | Format : AN

Example: hdiwh3h832d832h382h3duh2
Responses
200
Successful Unbinding
application/json
post
POST /direct-debit/ovo/v1.0/registration-account-unbinding HTTP/1.1
Host: {api-domain}
X-TIMESTAMP: 2020-12-21T07:56:11.000Z
X-SIGNATURE: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
X-PARTNER-ID: 821508239190
X-EXTERNAL-ID: 418075533589
X-DEVICE-ID: 95221
Authorization: 95221
Content-Type: application/json
Accept: */*
Content-Length: 38

{
  "tokenId": "hdiwh3h832d832h382h3duh2"
}
{
  "responseCode": "2000900",
  "responseMessage": "Successful",
  "referenceNo": "40cd084bdb184ea6ace7bab46ac19d14"
}

Last updated

Was this helpful?