# Direct API ## Direct API Payment Flow ![](https://1274130818-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MkeSVYYObwYaBR-BQ7A%2Fuploads%2Fp7sEZQZaQQvTRF2Aa94l%2Fdirect%20api.jpeg?alt=media\&token=ab0cbfd5-0a14-40ae-9c43-94fbce4c8627) 1. Customer checkout with payment method VA or Over the counter. 2. Merchant request VA number and VA expired date toe E2Pay with the parameter request via Backend H2H. 3. E2Pay response merchant request by sending VA number and VA expired date generated by E2Pay to merchant. 4. Merchant shows VA number and VA expired date to customer. 5. Customer then pay the bill. 6. Issuer get notified regarding payment done by customer and send the inquiry payment detail to E2pay along with payment status. 7. E2pay get payment status from issuer and pass it to merchant. 8. Then merchant show payment status to customer (success/fail). ## Hit URL to E2Pay {% tabs %} {% tab title="Production" %} **E2Pay direct API** \ **URL**: [https://pg.e2pay.co.id/RMS/API/nms2us/direct\_api\_bridge.php](https://pg-uat.e2pay.co.id/RMS/API/nms2us/direct_api_bridge.php) \ \ **E2Pay OPSG payment re-query** \ **URL**: {% endtab %} {% tab title="Staging" %} **E2Pay direct API** \ **URL**: \ \ **E2Pay OPSG payment re-query** \ **URL**: [https://api-uat.e2pay.co.id/RMS/nms/requery\_bridge.php](https://api-uat.e2pay.co.id/RMS/nms/requery_redirect_bridge.php) {% endtab %} {% endtabs %} ## Request & Response Parameter {% tabs %} {% tab title="Request" %} | FieldName | Data Type | Size | M/O | Description | | ------------ | --------- | ---- | --- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | | MerchantCode | String | 20 | M | The Merchant Code provided by E2Pay and use to uniquely identify the Merchant. | | PaymentId | Integer | | M |

Referto E2Pay Merchant Technical Spec

v1.7.1.pdf file for IDR gateway.

| | RefNo | String | 18 | M | Unique merchant transaction number/OrderID. | | VaNumber | String | 13 | O |

● Indicates virtual account number based on merchant unique number.
Example: customer phone number

● This parameter is mandatory for static VA

| | Cashtag | String | 30 | C | This parameter ONLY applicable for JeniusPay | | Amount | Currency | | M | The amount must not contain any decimal points, thousand separators or currency symbols. For example, Rp 10.000,00 is expressed as **1000000**. | | Currency | String | 5 | M | Only IDR | | ProdDesc | String | 100 | M | Product description | | UserName | String | 100 | M | Customer name | | UserEmail | String | 100 | M | Customer email for receiving receipt | | UserContact | String | 20 | M | Customer contact number | | Remark | String | 1000 | O | Merchant remarks | | Lang | String | 20 | O |

Encoding type

ISO-8859– 1–English
UTF-8 – Unicode
GB2312 – Chinese Simplified
GDϭ8030 – Chinese Simplified
BIG5 – Chinese Traditional

| | Signature | String | 100 | M | SHA1 base code 64 signature (refer to 3) | | CallBackURL | String | 200 | M | URL callback to get notification from E2Pay | | {% endtab %} | | | | | {% tab title="Response" %} | Field Name | Type (Size) | M/O | Description | | ---------------------- | ------------- | --- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Code | Varchar (7) | M |

Status Code

Example : ‘pge2101’ is Invalid Parameters (Refer to section 4).

| | Message | Varchar (50) | M |

Status Code message
Example : ‘Invalid Parameters’

| | MerchantCode | Varchar (20) | M | The Merchant Code provided by E2Pay and use to uniquely identify the Merchant. | | PaymentId | Integer | M | Refer to AppendixI.pdf file for **IDR gateway.** | | RefNo | Varchar (18) | M | Unique merchant transaction number / OrderID | | Amount | Currency | M |

The amount must not contain any decimal points, thousands separators or currency symbols.

For example : Rp10.000,00 is expressed as 1000000.

| | TransId | Varchar (30) | M | E2Pay OPSG Transaction ID | | ExpiryDuration | Varchar (100) | O | Transaction time duration (in second) Example, 25200 is mean 7 Hours. | | ExpiryDate | Varchar (100) | O |

Transaction Expired Date (yyyyMMddHHmmss)

example, 20191013235959

| | Signature | Varchar (100) | M | SHA1base code 64 signature(refer to 3) | | VirtualAccountAssigned | Varchar (100) | O | Virtual Account No | | PaymentCode | Varchar (20) | O | Payment Code provided by Merchant | | QRCode | Varchar (200) | O | QR Code generated by E2Pay | | URL | Varchar (300) | O | URL generated by E2Pay | | Data | Json | M |

Contains objects or data,

This key should be Mandatory but its objects should be athere and can be null

| | {% endtab %} | | | | | {% endtabs %} | | | | {% hint style="info" %} M : Mandatory field\ O : Optional field, value can be empty but parameter must exist {% endhint %} ### Request & Response Sample {% tabs %} {% tab title="Request" %} * Path : paytest.e2pay.co.id/merchant-switching/services/directPayment (UAT)\ pay.e2pay.co.id/merchant-switching/services/directPayment (Prod) * Method : POST * Query Param : - * Content-Type : application/json #### Content ```markup { "MerchantCode":"ID00001", "PaymentId":"1", "RefNo":"A00000001", “OVONumber”:”087786541778”, “VaNumber”:”12345678910”, "Amount":"300000", "Currency":"IDR", "ProdDesc":"Photo Print", "UserName":"John Tan", "UserEmail":"john@hotmail.com", "UserContact":"0126500100", "Remark":"", "Lang":"UTF-8", "Signature":"Q/iIMzpjZCrhJ2Yt2dor1PaFEFI=", "CallBackURL":"http://www.abc.com/payment/callBackURL" } ``` {% endtab %} {% tab title="Response" %} * Content-Type : Application/json #### Content ``` { “Code”:”pge2102”, "Message":" Invalid parameters ", "MerchantCode":"ID00001", "PaymentId":"1", "RefNo":"A00000001", “Amount”:”300000”, "TransId":"T0030328000", "Signature":"Q/iIMzpjZCrhJ2Yt2dor1PaFEFI=", “Data”: { “PaymentCode”:”2740030329600”, “VirtualAccountAssigned”:”12345678910”, “QRCode”:”QR11130000007”, “ExpiryDuration”:”25200”, “ExpireDate”:”20191013235959”, "Url":"valueOfUrl" } } ``` {% endtab %} {% endtabs %} ## Backend Post Feature The Backend POST feature is server to server technology where it does not depend on the user’s web browser to return payment response data to merchant website. With this feature implemented, your system still can get the payment status on the backend (asynchronously). #### Note : 1. This Backend post feature will return status the transaction is a payment success or failed. 2. The Backend page should implement checking same like response page such as signature checking, and etc. to prevent user hijack merchant system. 3. The backend page should not have session related code so that merchant systems are still able accept payment status from E2Pay OPSG even if the user is logged out or the session is expired. 4. You need to implement a **check to determine** "backend page" to update the order so it won't update order status in merchant system **more than 1 time.** Note: After receiving the payment success status, E2Pay OPSG will simultaneously return payment status to "backend page". 5. The backend page is not a replacement for the response page. You will still need to continue to use the normal response page as usual. ### Implementation On the merchant website, create another page to accept backend post parameter from E2Pay OPSG. On the request page, specify the backend post URL by using "BackendURL" parameter.\ \ **Example :** ```markup Continue next page... ``` On the 'backend\_response.asp' page you need to write out the word 'OK' only (without quote) as an acknowledgement once the backend page success gets the payment status from E2Pay OPSG. E2Pay OPSG will re-try send the payment status to the 'backend\_response.asp' page up to 5 times on different interval if no 'OK' acknowledgement detected.\ \ **Example :** {% tabs %} {% tab title="ASP" %} ```aspnet response.write "OK" ``` {% endtab %} {% tab title="PHP" %} ```php echo "OK"; ``` {% endtab %} {% endtabs %} {% hint style="info" %} Make sure just the word **'OK'** only on the backend page and without any HTML tag on the page. {% endhint %} ### Backend Notification Parameter | Field Name | Type (Size) | M/O | Description | | ---------------------- | ------------- | --- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | MerchantCode | Varchar (20) | M | The Merchant Code provided by E2Pay and use to uniquely identify the Merchant. | | PaymentId | Integer | M | Refer to AppendixI.pdf file for **IDR gateway.** | | RefNo | Varchar (18) | M | Unique merchant transaction number/ OrderID | | Amount | Currency | M |

The amount must not contain any decimal points, thousands separators or currency symbols.

For example,Rp10.000,00 is expressed as 1000000.

| | Currency | Varchar (5) | M | Refer to AppendixI.pdf file for **IDR gateway.** | | Remark | Varchar (100) | O | Merchant remarks | | TransId | Varchar (30) | M | E2Pay OPSG transaction id | | AuthCode | Varchar (20) | O | Bank's approval code | | Status | Varchar (1) | M |

Payment status

1 – Success

6 – Pending

0 – Fail

| | ErrDesc | Varchar (100) | O |

Payment status description.
(Refer to Appendix I.pdf file).

| | VirtualAccountAssigned | Varchar (100) | O | Virtual account no | | TransactionExpiryDate | Varchar (100) | O | Transaction expired date | | Signature | Varchar (100) | M | SHA1 base code 64 signature (refer to 3.2) | #### Callback Request Sample * Content-type : Application/json **Content** ```markup { "MerchantCode":" ID00001", "PaymentId":"1", "RefNo":" A00000001", “Amount”:”300000”, “Curency: “IDR”, “Remark”: “”, "TransId":"T0030328000", “AuthCode”:”RB0000000000”, “Status”:”1”, “ErrDesc”:””, “VirtualAccountAssigned”: “”, “TransactionExpiryDate”:””, "Signature":" Q/iIMzpjZCrhJ2Yt2dor1PaFEFI=", } ``` ## Re-Query Payment Status Parameter (Response URL to Enquiry.ASP) Merchant HTTPS POST re-query payment status parameters to E2Pay OPSG. | PaymentId | integer | M | Refer to Appendixl.pdf file for IDR gateway. | | ------------ | ------- | - | ---------------------------------------------------------------------- | | MerchantCode | Varchar | M | Merchant Code assigned by E2Pay | | Currency | Varchar | M | Refer to Appendixl.pdf file for IDR gateway. | | TransId | Varchar | M | E2Pay OPSG Transaction ID | | RefNo | Varchar | M | Unique merchant transaction number / Order ID | | Signature | Varchar | M | SHA1 base code 64 signature (Refer to Restful JSON Re-query Signature) | {% hint style="info" %} M : Mandatory field.\ O : Optional field, value can be empty but parameter must exist possible. {% endhint %} {% tabs %} {% tab title="Request Re-Query Status Sample" %} * Content type : application/json * Content : ```json { "PaymentId": 37, "MerchantCode": "IF00305_S0001", "Currency": "IDR", "TransId": "A0000000357", "RefNo": "NR0001009691", "Signature": "PDe4Gw38dh6qnDPguGKX2QrYnTQ=" } ``` {% endtab %} {% tab title="Response Re-Query Status Sample" %} * Content-Type : application/json * Content : ```json { "MerchantCode": "IF00305_S0001", "PaymentId": 37, "RefNo": "NR0001009691", "Amount": 60000, "Currency": "IDR", "TransId": "A0000000357", "AuthCode": "P126202123410950", "Status": "SUCCESS", "ErrDesc": null, "ErrorCode": null, "Signature": "GWE+y+x+t81MI3wCVjkcIuA/sG8=" } ``` {% endtab %} {% endtabs %} ### Message Reply On The Page From E2Pay OPSG | Possible reply from E2Pay OPSG | Description | | ------------------------------ | ----------------------- | | 00 | Successful payment | | Record not found | Cannot found the record | | Incorrect amount | Amount different | | Payment fail | Payment fail | | Payment pending | Payment pending | ## Signature ### Request Page Signature This signature must be included in the request of every transaction. This hash signature for a request is a hash of the following fields: 1. **MerchantKey (Provided by E2Pay OPSG and share between E2Pay and merchant only)** 2. **MerchantCode** 3. **RefNo** 4. **Amount** 5. **Currency** The fields must set in the following order: \ (MerchantKey & MerchantCode & RefNo & Amount & Currency) **Example :** \ MerchantKey = applekey \ MerchantCode = ID00001 \ RefNo = A00000001 \ Amount = 300000 (Note : 300000 represent amount as Rp 3.000,00) \ Currency = IDR The hash would be calculated on the following string : **applekeyID00001A00000001300000IDR** The resulting has signature value equals to (using SHA1 base64 hash algorithm) **Q/iIMzpjZCrhJ2Yt2dor1PaFEFI=** ### Response Page Signature If the Merchant request is successful the response message will contain as SHA1 hashed signature. The hash signature for the response is a hash of the following fields: 1. **MerchantKey (Provided by E2Pay OPSG and share between E2Pay and merchant only)** 2. **MerchantCode** 3. **PaymentId** 4. **RefNo** 5. **Amount** 6. **Currency** 7. **Status** The field must set in the following order :\ (SecretKey & MerchantCode & PaymentId & RefNo & Amount & Currency & Status)\ \ Example : \ SecretKey = merchantkey \ MerchantCode = ID00001 \ PaymentId = 7 \ RefNo = 19201970148AM \ Amount = 300000 (Note: 300000 represent amount as Rp 3000,00) \ Currency = IDR \ Status = 1\ \ The hash would be calculated on the following string: **merchantkeyID0000119201970148AM300000IDR1**\ \ The resulting has signature value equals to (using SHA1 base64 hash algorithm) **OSsMZwT0jH4Wib3G2o/ZTQRSYPM=** ### Payment Re-Query Signature | Parameter | Type (size) | M/O | Description | Sample | | ------------ | ----------- | --- | ----------------------------------------------------------------------------- | ------------- | | SecretKey | varchar(12) | M | Provided by E2Pay. A private key that is used to make digital signature | merchantkey | | MerchantCode | varchar(8) | M | The merchant code provided by E2Pay and use to uniquely identify the merchant | EP00005 | | PaymentId | integer | M | Unique payment channel id | 7 | | RefNo | varchar(20) | M | Unique merchant transaction number | 19201970148AM | | TransId | varchar(20) | M | Payment Transaction Unique ID degenerated by e2pay | P1293365900 | | Currency | varchar(5) | M | Indonesian Rupiah (IDR) | IDR | The fields must set in the following order: (SecretKey & MerchantCode & PaymentId & RefNo & TransID & Currency) **Example :** * SecretKey = merchantkey * MerchantCode = EP00005 * PaymentId = 7 * RefNo = 19201970148AM * TransID = P1293365900 * Currency = IDR The hash would be calculated on the following string: **merchantkeyEP00005719201970148AM P1293365900IDR** The resulting hassignature value equalsto (using SHA1 base64 hash algorithm) **+T/RZFXFPzdLuGp4LUfKljrb/eo=** ## Error Code | Code | Message | Description | | ------- | -------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | | pge2101 | Invalid parameters | Some parameter posted to E2Pay is invalid or empty. | | pge2103 | Invalid merchant code | The merchant code does not exist or incorrect. | | pge2104 | Duplicate reference number | Do not re-use Reference Number that previously payment success for transaction. | | pge2203 | Signature not match | Signature on request page which pass to E2Pay is incorrectly generated. Refer section 8 for more information about Signature for request page. | ## Payment ID | Payment Channel | Payment ID | | --------------- | ---------- | | Permata VA | 22 | | BNI VA | 28 | | CIMB VA | 37 | | BCA VA | 38 | | BRI VA | 40 | | Mandiri VA | 44 | | BSI VA | 47 | ### Additional Note for BRI Virtual Account **Minimum** User Contact: 10 Character (Only Number) **Maximum** User Contact: 14 Character (Only Number)