Create Payment URL
Step 1: Get Access Token
Please refer to Access Token on how to get Access Token, and then place it into Request Headers' Authorization.
Step 2: Prepare Request Parameter
Generate nonceStr and timestamp, which will be placed into Request Headers and also be used to create Signature.
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
nonceStr | String | Yes | Random String | 7a70f55482a5566c |
timestamp | String | Yes | UNIX timestamp of request | 1667061151361 |
Request Parameters
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
order | Object | Yes | order information, with keys of [id, title, amount, currencyType, additionalData] | |
customer | Object | Yes | customer information, with keys of [name, phone, email] | |
method | String | No | List of Type, please refer to Deposit / Payment - Financial Process Exchange (FPX), If this is given, user will be redirected straight to the specific 3rd party payment page. If not, user will be redirected to Payment page to select the Payment Method |
Order [Object]
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
title | String | Yes | Order title, max: 32 | "Deposit" |
additionalData | String | No | Order description | |
amount | String | Yes | Amount of order in Dollar. 100 = RM 100.00 | 100 |
currencyType | String | Yes | Currency notation (currently only support MYR or USDT) | "MYR" |
id | String | Yes | ID of the Order |
Customer [Object]
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
name | String | Yes | Customer Name | "Long Wan" |
email | String | Yes | Customer Email | "" |
phone | String | Yes | Customer Phone Number | "" |
Example Request
{
"order": {
"id": "A20221111",
"title": "Payment",
"amount": "88.50",
"currencyType": "MYR",
"additionalData": ""
},
"customer": {
"name": "Long Wan",
"phone": "0123456789",
"email": "[email protected]"
},
"method": "CIMB_MY"
}
Sort the above json key alphabetically and make it compact
{"customer":{"name":"Long Wan","phone":"0123456789","email":"[email protected]"},"method":"CIMB_MY","order":{"id":"A20221111","title":"Payment","amount":"88.50","currencyType":"MYR","additionalData":""}}
Encode the data to Base64 format
eyJjdXN0b21lciI6eyJuYW1lIjoiTGVvbiBUYW4iLCJwaG9uZSI6IjAxMjM0NTY3ODkiLCJlbWFpbCI6Imxlb25AZ2dncGF5Lm9yZyJ9LCJtZXRob2QiOiJGUFgiLCJvcmRlciI6eyJpZCI6IkEyMDIyMTExMSIsInRpdGxlIjoiUGF5bWVudCIsImFtb3VudCI6Ijg4LjUwIiwiY3VycmVuY3lUeXBlIjoiTVlSIiwiYWRkaXRpb25hbERhdGEiOiIifX0=
Encode the base64 format data with CLIENT_SYMMETRIC_KEY
e4e9ac1120ed867a7af108af8b1ab9183319f8a334bcdbbea47232359ae0a5c9c4ad1e46450ef4b36775aeb624b14b722a6884abd9b1f7572f1fdb33ce7a8bfec3d69d3e2e1aa77487c55b181613bfbef1028c8da984f5b59c8d6241eefcaf70
Step 3: Generate Signature
Please refer to Signature Algorithm on how to get Signature, and then place it into Request Headers' X-Signature.
Step 4: POST to /gateway/v1/createPayment endpoint
Method : POST
Request
Headers
| Parameter | Type | Description |
|---|---|---|
Authorization | String | Token get from Step 1 |
X-Nonce-Str | String | nonceStr from Step 2 |
X-Timestamp | String | timestmap from Step 2 |
X-Signature | String | signature from Step 3 |
Body
| Parameter | Type | Description | Example |
|---|---|---|---|
data | String | Encrypted Data with CLIENT_SYMMETRIC_KEY | e4e9ac1127af1...b59c8d62af70 |
Example Request Header & Body
{
"headers": {
"Authorization": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjEwMDIOjE2NjczMTYwOTJ9.UnVBt6Opxd_ZOMns1gCT40Ihdj1nbndi2V43Xt3fIuE",
"X-Nonce-Str": "7a70f55482a5566c",
"X-Timestamp": "1667061151361",
"X-Signature": "sha256 zOzjz8QoGTbesuAO5CCFbPCF3EMDtohKtkQPro8O61jbXhurgl+wIYzTv1BQPB6z1+bRn7gXx1YpsItk+Zed+Wd9PqmexoGdDrAAoUKjCcMks9g0/kiVui381jscVAyCUzdMtkW25P4QyTeq5+ES7D66j/Jwk+9JqYXhMnX5aAUdMjlrADp1RC1zrZUc1Mfqs+MA26J3X5uQ8xLhh9FaAhDdoyWctKQSTHZyMVuDtmFaGdzaGI3LCWm5w1gvtHC43mTMccc3WrlirYbDrZvN2c81cNMfRJjgJZNnjjY27OAMvGsJJgpo0b+EW4UO74QzZ2VI60fgf7uIajIOgQRzzA=="
},
"body": {
"data": "e4e9ac1120ed867a7af108af8b1ab918cbec6db7b4d7c29908085a73e2b29e97547da6eae91928b3330241f1fb898eebd8c3355105fdd5c68b6ceea761f41dc3085ed888d3c0473beef128ebd208c4f60299df64a622d04d21d81513c02e2d47bfcce2a6c246eabcc1c823aaf3d9133004cf7c4c08236395a05dc19a98c33a301c8b73d4e7fd33cd911619de86dfdb45"
}
}
Response
Body
| Parameter | Type | Description | Example |
|---|---|---|---|
code | String | The status code of this API | 200 |
encryptedData | String | Encrypted Data that required be decrypted with CLIENT_SYMMETRIC_KEY | a83cf72884cbbb....3ddf0744646e0cf0b482 |
message | String | PlainText of the information of this request | 'Success' |
Example Response
{
"code": 200,
"encryptedData": "e4e9ac1120ed867a7af108af8b1ab918cbec6db7b4d7c29908085a73e2b29e97547da6eae91928b3330241f1fb898eebd8c3355105fdd5c68b6ceea761f41dc3085ed888d3c0473beef128ebd208c4f60299df64a622d04d21d81513c02e2d47bfcce2a6c246eabcc1c823aaf3d9133004cf7c4c08236395a05dc19a98c33a301c8b73d4e7fd33cd911619de86dfdb45",
"message": "Success"
}
Step 5: Decrypt the encryptedData with CLIENT_SYMMETRIC_KEY
Symmetric decrypt the encryptedData, e4e9ac1120ed867a7af108af8b1ab918cbec6db7b4d7c29908085a73e2b29e97547da6eae91928b3330241f1fb898eebd8c3355105fdd5c68b6ceea761f41dc3085ed888d3c0473beef128ebd208c4f60299df64a622d04d21d81513c02e2d47bfcce2a6c246eabcc1c823aaf3d9133004cf7c4c08236395a05dc19a98c33a301c8b73d4e7fd33cd911619de86dfdb45
with CLIENT_SYMMETRIC_KEY, PCd1dlEmFnBXaVce06Pzp7Vike0oHnVJ
The result is in plaintext as
{
"data": {
"paymentUrl": "https://api.directpay.asia/gateway/v1/createPayment/checkout/payment?orderId=1234567890/",
"transactionId": "1234567890"
}
}