Embedded Wallet
Integration Steps
1. Requirement
2. Signature
X-Signature ONLY for Get Token B2B and B2B2C
X-Signature for Others API B2B / B2B2C
3. Token
a. Token B2B
Credential partner from DOKU
BRN-0256-1676878043376Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Algorithm symmetric signature SHA256withRSA(PrivateKey, StringToSign) SHA256withRSA is used to generate the signature with your Private Key. Generate StringToSign : StringToSign = client_ID+"|"+X-TIMESTAMP
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Grant type for get access token B2B"
client_credentialsOK
2007300SuccessfuleyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2NjYxNjU0NTYsIm5iZiI6MTY2NjE2NDU1NiwiaXNzIjoiRE9L VSIsImlhdCI6MTY2NjE2NDU1NiwianRpIjoiNzRmYmEyYzQtODlmZi00YTFhLWI2NWItMWExZTYwMmZmMj NjIiwiY2xpZW50SWQiOiIzMTg5In0.l-Nv7ajrTtscfRpDK2E7HY_8YN46Fb5KJfIoLB5M5fKzjwWfiYBE mx1gHRoilXhV4v-mAoa7ZTHgmIPW5WJHhNBI-5203fPyhvvkyK7ZgglB4rV7s3gzD9BWh8qm109Qj34PH1 IYQZyw02KOiOq3G1Hs_FKtBlcR9me1S_IlF2ar4uENMfL-wt2_rESU3u9lMm85imDfohSHVRANk1IJjONo VktRVBACZVxR1jOgVs-y-LTEkIETxXf7_JQGAfRbc5ezuj_lN8Zl0Vy70ZMGDAlZZwH2CRL9pBZCdpJLlQ 8-b1OWXEd_QXdFZU-jtyBGw5bxRy0wiWxKo5h68i77gABearer900OK
b. Token B2B2C
Credential partner from DOKU
BRN-0256-1676878043376Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Algorithm symmetric signature SHA256withRSA(PrivateKey, StringToSign) SHA256withRSA is used to generate the signature with your Private Key. Generate StringToSign : StringToSign = client_ID+"|"+X-TIMESTAMP
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Grant type for get access token B2B2C
authorization_codeAuthorization code that you get from redirect url after user login and consent
cfb5de1a-6a40-40e0-8549-0634bcaed8edOK
2007400SuccessfuleyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2Njg1MDI4ODMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IjI5 NjUiLCJhZGRpdGlvbmFsRGF0YSI6IntcImFjY291bnRJZFwiOlwiMTEzMDk2MjY0MlwifSJ9.HA91xn5bL tnp8pytgdQE0wo20yiFdDGfHGSBowm9KyMIdCvk6nrZKJCv3eSB7J7mqJwJ0IvnmU0CJQG2O6adzmNLeqL TXcigmED6b9zVd7A_JQPyg0w-GagP3QnTA0Z859vPgqGZQokRAgSrsmj026V5aFEIbdtyk-C44ESj31nmz D8twtyqWgY0hB7UG_TjL093tWYW3VIK-TZepuzdT24l996CriLjcIkLnSXj6LakkCLkKxG229QHtE6fkeu uTSgCgQWZvMAW3Id9sghqKL0IaFP4wlUfH0AFpPzrB059QT6sHxHQJfNd64FUV_n5jvF7AyQ4zHiImUGXx lKzJgBearer2022-11-15T16:01:23+07:00eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2Njk3OTg4ODMsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IjI5 NjUiLCJhZGRpdGlvbmFsRGF0YSI6IjFiNjRjNGM2LTdhMzYtNGEyMy04OGRiLWRmMzIxMmFkZDg1MCJ9.R o3EzNpe6xUrWggeSOfC4whcdEpVsPXnl6SPrWO63QO7b4nE0azgsCe0lSkJ9wW6KtA42fiHZiXBdZe8PJX L5zthbfdkt1DoZW73WW26uyiZSNZxifWGhURiDhAzbVGTvdAjdDosRQnTgaQhNWfOyKd6ZW0gGuneyfkvX otffNQ5yAKDqDcNxkvr1WFC_gTHL50F6eWIi-uwgwSO_BORk_76zJiJ_iVGmMz6ArZFzN7NgD-xQlko3q_ ivj9ZKh4Awy7SHI5gsfdq4RSLJyy9me-dh5smwj2mniVVbwVeod0DVsNfkgfmF6cBesaz0ufBctx3119LP c-lSQE-65028Q2022-11-30T16:01:23+07:00OK
4. Account
a. Account Creation
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQf1a69bce-41bc-4abd-8c5c-01910574e404SNAPaccount1123001081212340010[email protected]https://doku.comOK
2000600Request has been processed successfullyd2059e29-aebe-4c60-be56-936f85f230e1f1a69bce-41bc-4abd-8c5c-01910574e404OK
b. Request OTP
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQActivity ID partners from request Account Creation / Account Unbinding
AccountSNAP0002DOKU
DOKUAn identifier to uniquly identify a journey. On the first request of the journey, this must be equal to the X-EXTERNAL-ID.
BRN-0229-1689238428325_1692351887640OK
Respond Code for Result API
2008100Detailed Response Message
Request has been processed successfullyActivity ID from partners
f139057a-39f6-468d-a9ec-c30987b6752dActivity ID from DOKU
7f153090-68c5-4f4b-8902-ef779340818bString code for verification OTP
2db4fbf7e00b9931337f6e912c304f9de5c31a60OK
c. Verify OTP
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQActivity ID partners from request AccountCreation
f1a69bce-41bc-4abd-8c5c-01910574e404Activity ID DOKU from respond AccountCreation
934fbec9-2f65-40e1-b7fa-71e62536b83cOne Time Password entered by the user
989029OK
2000400Request has been processed successfullyf139057a-39f6-468d-a9ec-c30987b6752d7f153090-68c5-4f4b-8902-ef779340818b[email protected]857100006YEShttps://sandbox.doku.com/snap-adapter-webview/create-pinOK
d. Account Binding
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQActivity ID partners from request AccountCreation
f1a69bce-41bc-4abd-8c5c-01910574e404Partner URL when user finish binding
https://partner.com/redirectOK
2000700Request has been processed successfully934fbec9-2f65-40e1-b7fa-71e62536b83c478c40b2-e8af-49ed-bd6c-c36aa3a27ef71669794770461PTWZy7qpYcghttps://sandbox.doku.com/snap-adapter-webview/account-binding?token=eyJhbGciOiJI UzUxMiJ9.eyJyZWRpc19rZXlfaWQiOiJzbmFwLWFkYXB0ZXI6OmFjY291bnQtYmluZGluZzo6YXV0aGVu dGljYXRpb246OjYyODEyMTIzNDAwMTAxMTIwMzQwMDEwLTQ3OGM0MGIyLWU4YWYtNDllZC1iZDZjLWMzN mFhM2EyN2VmNyIsImNyZWF0ZWQiOjE2Njk3OTQ3NzA2ODQsImV4cCI6MTY2OTg4MTE3MH0.j9IzFhlw-g -t861S4f76B_k_jy-E_XvkFX1HxDdxD9V7sz49u7rPbuG8XadlPE7aOSsG7E4QjYGbUZIgH9LcNw&phon eNo=6281*****0010https://dwidobelyu-doku.free.beeceptor.comOK
e. Query Account Binding
Additional Info
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQIdentifier activity ID from partners
f1a69bce-41bc-4abd-8c5c-01910574e404OK
2000800Request has been processed successfully0987dc7e-a391-420a-887a-425595acaabd"f314e49a-c2e8-4db1-bbac-335120ea6a731508091937OK
f. Account Unbinding
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQIdentifier activity ID from partners
f1a69bce-41bc-4abd-8c5c-01910574e404Identifier provided from Account Binding
1669794770461PTWZy7qpY2dCredential client ID from DOKU
3189OK
2000900Request has been processed successfully8f560a36-fc69-407a-9b62-6565d15263b2f68f64b5-842e-4298-87c4-6ee7bd2024673189SnpFXl9hINuzcA9gxGwgcJk8inProgressOK
g. Balance Inquiry
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3NTEwOTMxMTYsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYiLCJhY2NvdW50SWQiOiIxMTMwOTYyNjQyIn0.obDKu1k0ioPnAy89PzdhOx9w5ZqqTN_0I26A_N5MgXbxub8szGpwpsaZD5lNme9CMydJT8pBr4cuYb1uU-FUbAVg2I9OsEmioHLHHUhbAhfykOREOm9PXkU4A3e3_7jjt77XuJGTat-0ZG1tGn21GNbaCUa4TswE61PcUu-XM7rPoOSZkwxR_YPg7vWrR9cSNIJV3iECWGWD-t_cGgbi0Jt3Yj-eCA9JIjQGa9o8fPwvW1xmWLcLw6MhUdppYLphd5ulhLTCLeI4wpr8RXP9Kq0K0trcEBrVDFELD9PykcPuG8A_yW8lgjoTcJaep85CHlS07w-9TakwEND0Wu4Y8wActivity ID from partnersOK
Respond Code for Result API
2001100Detailed Response Message
Request has been processed successfully9e5bfe5d-6270-4737-ad45-1091f97c8b6d1eb0db4aa2e642208e71e9252428d91217139626343John DoeOK
5. Authorize Payment and Capture
a. Auth Payment
client_ID or Partner_ID from DOKU
BRN-001-0000000001Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-23T08:58:11+07:00Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Reference number that should be unique in the same day (request-id)
41807553358950093184162180797837Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
“Bearer xxxTheTokenxxxRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
“Bearer xxxTheTokenxxxPartner's reference number for the transaction.
2020102900000000000001Unique ID for a partner (DOKU'S Client ID)
BRN-001-1234567890123410000.00Merchant category code.
5743Payment authorized successfully.
Response code indicating status of transaction.
2006300Response description.
Request has been processed successfullyDOKU reference number that only filled upon successful transaction.
2020102977770000000009Partner's reference number for the transaction.
202010290000000000000110000.00Transaction paid time. Format paid time : (ISO 8601) YYYY-MM-DDThh:mm:ss
2009-07-03T12:08:56+07:00Bad request.
Internal server error.
b. Capture Payment
client_ID or Partner_ID from DOKU
BRN-001-0000000001Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-23T08:58:11+07:00Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Reference number that should be unique in the same day (request-id)
41807553358950093184162180797837Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
“Bearer xxxTheTokenxxxRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
“Bearer xxxTheTokenxxxDOKU reference number that only filled upon successful transaction.
2020102977770000000009Partner's reference number for the transaction.
2020102900000000000001Unique ID for a partner (DOKU'S Client ID)
BRN-001-12345678901234Capture identifier generated by the partner / merchant.
0000710001012344Capture title
ConfirmedGoods ID.
falsePayment capture successfully.
2006500Response description.
Request has been processed successfullyDOKU reference number that only filled upon successful transaction.
2020102977770000000009Partner's reference number for the transaction.
202010290000000000000110000.00Transaction paid time. Format paid time : (ISO 8601) YYYY-MM-DDThh:mm:ss
2009-07-03T12:08:56+07:00Bad request.
Internal server error.
c. Void Auth Payment
client_ID or Partner_ID from DOKU
BRN-001-0000000001Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-23T08:58:11+07:00Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Reference number that should be unique in the same day (request-id)
41807553358950093184162180797837Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
“Bearer xxxTheTokenxxxRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
“Bearer xxxTheTokenxxxDOKU reference number that only filled upon successful transaction.
2020102977770000000009Partner's reference number for the transaction.
2020102900000000000001Unique ID for a partner (DOKU'S Client ID)
BRN-001-12345678901234Void identifier generated by the partner / merchant.
0000710001012344reason cancel of transaction.
-void successfully.
2006700Response description.
Request has been processed successfullyDOKU reference number that only filled upon successful transaction.
2020102977770000000009Partner's reference number for the transaction.
2020102900000000000001Void Number identifier generated by DOKU.
202010173821904898012234423Void identifier generated by the partner / merchant.
0000710001012344Transaction paid time. Format paid time : (ISO 8601) YYYY-MM-DDThh:mm:ss
2009-07-03T12:08:56+07:00Bad request.
Internal server error.
6. Purchase
a. Purchase Web
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3NTEwOTMxMTYsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYiLCJhY2NvdW50SWQiOiIxMTMwOTYyNjQyIn0.obDKu1k0ioPnAy89PzdhOx9w5ZqqTN_0I26A_N5MgXbxub8szGpwpsaZD5lNme9CMydJT8pBr4cuYb1uU-FUbAVg2I9OsEmioHLHHUhbAhfykOREOm9PXkU4A3e3_7jjt77XuJGTat-0ZG1tGn21GNbaCUa4TswE61PcUu-XM7rPoOSZkwxR_YPg7vWrR9cSNIJV3iECWGWD-t_cGgbi0Jt3Yj-eCA9JIjQGa9o8fPwvW1xmWLcLw6MhUdppYLphd5ulhLTCLeI4wpr8RXP9Kq0K0trcEBrVDFELD9PykcPuG8A_yW8lgjoTcJaep85CHlS07w-9TakwEND0Wu4Y8wTransaction ID from partners
f1a69bce-41bc-4abd-8c5c-01910574e404Charge token for the transaction
2db4fbf7e00b9931337f6e912c304f9de5c31a606067OK
2005400Request has been processed successfullyc8c73c4635794cdcae7d9fe325251088c8c73c4635794cdcae7d9fe325251088https://sandbox.doku.com/snap-adapter-webview/direct-debit?token=eyJhbGciOiJIUzU xMiJ9.eyJyZWRpc19rZXlfaWQiOiJzbmFwLWFkYXB0ZXI6OmRpcmVjdC1kZWJpdDo6MTQ1NTM0MDAwNC1 jOGM3M2M0NjM1Nzk0Y2RjYWU3ZDlmZTMyNTI1MTA4OCIsImNyZWF0ZWQiOjE2NjkwODc0OTI1MTgsImV4 cCI6MTY2OTE3Mzg5Mn0.wIL92PT2km7rQ0oHWytEVknE0X6URdIJz4f7s-TQ9E3uH4txLGo2a-GMYdh-w acTcXjl252XS87_634ajnM_dgOK
b. Query Purchase
client_ID or Partner_ID from DOKU
BRN-001-0000000001Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format
2020-12-23T08:58:11+07:00Algorithm symmetric signature HMAC_SHA512 (clientSecret, stringToSign)
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Reference number that should be unique in the same day (request-id)
41807553358950093184162180797837Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
“Bearer xxxTheTokenxxxDOKU reference number that only filled upon successful transaction.
2020102977770000000009Partner's reference number for the transaction.
2020102900000000000001Unique ID for a partner (DOKU'S Client ID)
BRN-001-12345678901234Unique service API
67Payment authorized successfully.
Response code indicating status of transaction.
2006300Response description.
Request has been processed successfullyDOKU reference number that only filled upon successful transaction.
2020102977770000000009Partner's reference number for the transaction.
2020102900000000000001Unique service API
67Unique service API
0510000.00CanceledTransaction paid time. Format paid time : (ISO 8601) YYYY-MM-DDThh:mm:ss
2009-07-03T12:08:56+07:00Bad request.
Internal server error.
c. Cancel Purchase
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3NTEwOTMxMTYsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYiLCJhY2NvdW50SWQiOiIxMTMwOTYyNjQyIn0.obDKu1k0ioPnAy89PzdhOx9w5ZqqTN_0I26A_N5MgXbxub8szGpwpsaZD5lNme9CMydJT8pBr4cuYb1uU-FUbAVg2I9OsEmioHLHHUhbAhfykOREOm9PXkU4A3e3_7jjt77XuJGTat-0ZG1tGn21GNbaCUa4TswE61PcUu-XM7rPoOSZkwxR_YPg7vWrR9cSNIJV3iECWGWD-t_cGgbi0Jt3Yj-eCA9JIjQGa9o8fPwvW1xmWLcLw6MhUdppYLphd5ulhLTCLeI4wpr8RXP9Kq0K0trcEBrVDFELD9PykcPuG8A_yW8lgjoTcJaep85CHlS07w-9TakwEND0Wu4Y8wOriginal Transaction ID from partners
5b4c663897ff488b9db50f789f0c9079Reason cancelation
Customer request cancelationOK
2005700Request has been processed successfullyinv_pm_20221019143243557inv_pm_202210191432435572022-10-18T11:15:07.3764722022-10-18T11:11:00OK
d. Refund Purchase
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3NTEwOTMxMTYsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYiLCJhY2NvdW50SWQiOiIxMTMwOTYyNjQyIn0.obDKu1k0ioPnAy89PzdhOx9w5ZqqTN_0I26A_N5MgXbxub8szGpwpsaZD5lNme9CMydJT8pBr4cuYb1uU-FUbAVg2I9OsEmioHLHHUhbAhfykOREOm9PXkU4A3e3_7jjt77XuJGTat-0ZG1tGn21GNbaCUa4TswE61PcUu-XM7rPoOSZkwxR_YPg7vWrR9cSNIJV3iECWGWD-t_cGgbi0Jt3Yj-eCA9JIjQGa9o8fPwvW1xmWLcLw6MhUdppYLphd5ulhLTCLeI4wpr8RXP9Kq0K0trcEBrVDFELD9PykcPuG8A_yW8lgjoTcJaep85CHlS07w-9TakwEND0Wu4Y8wOriginal Transaction ID from partners
5b4c663897ff488b9db50f789f0c9079Reason for refund
Customer request refundTransaction ID on service consumer system, when for refund payment.
123456OK
2005800Request has been processed successfully4f00d3a6819b439580731b7b77dbbf054f00d3a6819b439580731b7b77dbbf051234561234562022-11-11T10:02:46+07:00"OK
7. Transaction History
a. Transaction History List
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3NTEwOTMxMTYsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYiLCJhY2NvdW50SWQiOiIxMTMwOTYyNjQyIn0.obDKu1k0ioPnAy89PzdhOx9w5ZqqTN_0I26A_N5MgXbxub8szGpwpsaZD5lNme9CMydJT8pBr4cuYb1uU-FUbAVg2I9OsEmioHLHHUhbAhfykOREOm9PXkU4A3e3_7jjt77XuJGTat-0ZG1tGn21GNbaCUa4TswE61PcUu-XM7rPoOSZkwxR_YPg7vWrR9cSNIJV3iECWGWD-t_cGgbi0Jt3Yj-eCA9JIjQGa9o8fPwvW1xmWLcLw6MhUdppYLphd5ulhLTCLeI4wpr8RXP9Kq0K0trcEBrVDFELD9PykcPuG8A_yW8lgjoTcJaep85CHlS07w-9TakwEND0Wu4Y8wActivity ID from partners
5b4c663897ff488b9db50f789f0c9079Starting time range ISO-8601
2022-11-01T00:00:00+07:00Ending time range ISO-8601
2022-11-30T23:59:59+07:00Maximum number of transaction returned in one pagination Default 10
10Current page number Default 0
0OK
2001200Request has been processed successfullyOK
b. Transaction History Detail
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3NTEwOTMxMTYsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYiLCJhY2NvdW50SWQiOiIxMTMwOTYyNjQyIn0.obDKu1k0ioPnAy89PzdhOx9w5ZqqTN_0I26A_N5MgXbxub8szGpwpsaZD5lNme9CMydJT8pBr4cuYb1uU-FUbAVg2I9OsEmioHLHHUhbAhfykOREOm9PXkU4A3e3_7jjt77XuJGTat-0ZG1tGn21GNbaCUa4TswE61PcUu-XM7rPoOSZkwxR_YPg7vWrR9cSNIJV3iECWGWD-t_cGgbi0Jt3Yj-eCA9JIjQGa9o8fPwvW1xmWLcLw6MhUdppYLphd5ulhLTCLeI4wpr8RXP9Kq0K0trcEBrVDFELD9PykcPuG8A_yW8lgjoTcJaep85CHlS07w-9TakwEND0Wu4Y8wTransaction ID from partners
f1a69bce-41bc-4abd-8c5c-01910574e404OK
2001300Request has been processed successfullyRendH9Bpwly4CDRxzeAXIwe73771a15652c5aace3f05d0feaa8cb82b40e5cd2022-11-23T18:39:41+07:00Transfer Cash Wallet To Bank AccountSUCCESSSEND_MONEYOK
8. Transfer
a. Transfer Bank Account Inquiry
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3NTEwOTMxMTYsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYiLCJhY2NvdW50SWQiOiIxMTMwOTYyNjQyIn0.obDKu1k0ioPnAy89PzdhOx9w5ZqqTN_0I26A_N5MgXbxub8szGpwpsaZD5lNme9CMydJT8pBr4cuYb1uU-FUbAVg2I9OsEmioHLHHUhbAhfykOREOm9PXkU4A3e3_7jjt77XuJGTat-0ZG1tGn21GNbaCUa4TswE61PcUu-XM7rPoOSZkwxR_YPg7vWrR9cSNIJV3iECWGWD-t_cGgbi0Jt3Yj-eCA9JIjQGa9o8fPwvW1xmWLcLw6MhUdppYLphd5ulhLTCLeI4wpr8RXP9Kq0K0trcEBrVDFELD9PykcPuG8A_yW8lgjoTcJaep85CHlS07w-9TakwEND0Wu4Y8wpartnerReferenceNo
f1a69bce-41bc-4abd-8c5c-01910574e404customerNumber
1020340010beneficiaryAccountNumber
18520102416246OK
2001200Request has been processed successfullyf1a69bce-41bc-4abd-8c5c-01910574e404f1a69bce-41bc-4abd-8c5c-01910574e40418520102416246John Doe2OK
b. Transfer Bank Account Payment
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3NTEwOTMxMTYsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYiLCJhY2NvdW50SWQiOiIxMTMwOTYyNjQyIn0.obDKu1k0ioPnAy89PzdhOx9w5ZqqTN_0I26A_N5MgXbxub8szGpwpsaZD5lNme9CMydJT8pBr4cuYb1uU-FUbAVg2I9OsEmioHLHHUhbAhfykOREOm9PXkU4A3e3_7jjt77XuJGTat-0ZG1tGn21GNbaCUa4TswE61PcUu-XM7rPoOSZkwxR_YPg7vWrR9cSNIJV3iECWGWD-t_cGgbi0Jt3Yj-eCA9JIjQGa9o8fPwvW1xmWLcLw6MhUdppYLphd5ulhLTCLeI4wpr8RXP9Kq0K0trcEBrVDFELD9PykcPuG8A_yW8lgjoTcJaep85CHlS07w-9TakwEND0Wu4Y8wTransaction ID from partners
f1a69bce-41bc-4abd-8c5c-01910574e404Customer number
1020340010Account type
tabunganBeneficiary account number
18520102416246Beneficiary bank code
2OK
2001300Request has been processed successfullyf1a69bce-41bc-4abd-8c5c-01910574e404f1a69bce-41bc-4abd-8c5c-01910574e4042022-11-11T17:37:37.473153319874OK
9. Top Up
a. Account Inquiry Top Up
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3NTEwOTMxMTYsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYiLCJhY2NvdW50SWQiOiIxMTMwOTYyNjQyIn0.obDKu1k0ioPnAy89PzdhOx9w5ZqqTN_0I26A_N5MgXbxub8szGpwpsaZD5lNme9CMydJT8pBr4cuYb1uU-FUbAVg2I9OsEmioHLHHUhbAhfykOREOm9PXkU4A3e3_7jjt77XuJGTat-0ZG1tGn21GNbaCUa4TswE61PcUu-XM7rPoOSZkwxR_YPg7vWrR9cSNIJV3iECWGWD-t_cGgbi0Jt3Yj-eCA9JIjQGa9o8fPwvW1xmWLcLw6MhUdppYLphd5ulhLTCLeI4wpr8RXP9Kq0K0trcEBrVDFELD9PykcPuG8A_yW8lgjoTcJaep85CHlS07w-9TakwEND0Wu4Y8wpartnerReferenceNo
f1a69bce-41bc-4abd-8c5c-01910574e404transactionDate
2022-11-11T17:37:37.473153OK
2001400Request has been processed successfullyf1a69bce-41bc-4abd-8c5c-01910574e404f1a69bce-41bc-4abd-8c5c-01910574e4041020340010John Doe5000000OK
b. Account Top Up
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3NTEwOTMxMTYsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYiLCJhY2NvdW50SWQiOiIxMTMwOTYyNjQyIn0.obDKu1k0ioPnAy89PzdhOx9w5ZqqTN_0I26A_N5MgXbxub8szGpwpsaZD5lNme9CMydJT8pBr4cuYb1uU-FUbAVg2I9OsEmioHLHHUhbAhfykOREOm9PXkU4A3e3_7jjt77XuJGTat-0ZG1tGn21GNbaCUa4TswE61PcUu-XM7rPoOSZkwxR_YPg7vWrR9cSNIJV3iECWGWD-t_cGgbi0Jt3Yj-eCA9JIjQGa9o8fPwvW1xmWLcLw6MhUdppYLphd5ulhLTCLeI4wpr8RXP9Kq0K0trcEBrVDFELD9PykcPuG8A_yW8lgjoTcJaep85CHlS07w-9TakwEND0Wu4Y8wTransaction ID from partners
f1a69bce-41bc-4abd-8c5c-01910574e404Customer number
1020340010Session ID
192837465Notes for top up transaction
notesOK
2001500Request has been processed successfullyf1a69bce-41bc-4abd-8c5c-01910574e404f1a69bce-41bc-4abd-8c5c-01910574e4041928374651020340010OK
c. Query Top Up
Client's current local time in yyyyMMddTHH:mm:ss.SSST ZD format
2026-01-26T14:33:11+07:00Credential client ID from DOKU
BRN-0256-1676878043376Reference number that should be unique in the same day
BRN-0256-1676878043376_1769412783294SHA-512 HMAC is used to generate the signature with your Client Secret. Generate stringToSign : HTTPMethod + ”:“+ EndpointUrl +":"+ B2BAccessToken + ":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody)))) + ":“ + X-TimeStamp
bySGzXdWfHaFF6L5VD/m/uMnAvZYnO6ry7lv5q4v0RB9sZ+yHqC1JPu8B2HLd7J4hVQhXvVaNqJmKt11KlpNpmq9qgtu2bqHt9qFIa5+0lZJjEYKFOFgjxVWSffF1EcTooeV3BUva1EedEsbjYgbaM3e8QszvNmKGkEEzv3qjkM=Represents access_token of a request, string starts with keyword “Bearer ” followed by Token B2B
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3Njk0MTM2MzQsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYifQ.XPS6T9IKRh5JSI0hGcgkoEJEu1rG68sKf-3BVJNNWxipGPaI7HdGGHOUM3Fi_ivXCTgpgyHEqMC3Ht7kcrvvIwkMHCzxylAbcSKBzZhUm7N-uYdIzfcbTsXbpFk-OMhWF8YROYtlfmfz_PfPmpUYrnrU5vp2phBkrbZBNGVCw9fZBViF6ACuiHDFdcyLjSbM7fSdB0lt6_Tbjum9KeJKTUQNmCXmBX4nI_goFdPR_Y4AewPMDTI7bZUvClBFNrPHzjjaKj-0IxDjFxKeFapZH4BVv6rCbDAlIfQSzIUhTHMJZIE52qcvNMfRy4WGVtaOoaXKgJf3Hvsb3ZP5-cblmQRepresents access_token of a request belong customer; string starts with keyword “Bearer ” followed by Token B2B2C
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE3NTEwOTMxMTYsImlzcyI6IkRPS1UiLCJjbGllbnRJZCI6IkJSTi0wMjU2LTE2NzY4NzgwNDMzNzYiLCJhY2NvdW50SWQiOiIxMTMwOTYyNjQyIn0.obDKu1k0ioPnAy89PzdhOx9w5ZqqTN_0I26A_N5MgXbxub8szGpwpsaZD5lNme9CMydJT8pBr4cuYb1uU-FUbAVg2I9OsEmioHLHHUhbAhfykOREOm9PXkU4A3e3_7jjt77XuJGTat-0ZG1tGn21GNbaCUa4TswE61PcUu-XM7rPoOSZkwxR_YPg7vWrR9cSNIJV3iECWGWD-t_cGgbi0Jt3Yj-eCA9JIjQGa9o8fPwvW1xmWLcLw6MhUdppYLphd5ulhLTCLeI4wpr8RXP9Kq0K0trcEBrVDFELD9PykcPuG8A_yW8lgjoTcJaep85CHlS07w-9TakwEND0Wu4Y8woriginalPartnerReferenceNo
977ebb3b8bdf4520b7ec8ead6c16567aoriginalReferenceNo
977ebb3b8bdf4520b7ec8ead6c16567aoriginalExternalId
977ebb3b8bdf4520b7ec8ead6c16567aserviceCode
50OK
2001600Request has been processed successfully977ebb3b8bdf4520b7ec8ead6c16567a977ebb3b8bdf4520b7ec8ead6c16567a977ebb3b8bdf4520b7ec8ead6c16567a500Request has been processed successfullyOK
Appendix
DOKU e-Wallet Customer Type
Response Code
Last updated