Create Payout/ Withdraw Request
Step 1: Get Access Token
Please refer to Access Token on how to get Access Token, and then place it into Request Headers' Authorization.
Step 2: Prepare Request Parameter
Generate nonceStr and timestamp, which will be placed into Request Headers and also be used to create Signature.
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
nonceStr | String | Yes | Random String | 7a70f55482a5566c |
timestmap | String | Yes | UNIX timestamp of request | 1667061151361 |
Request Parameters
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
order | Object | Yes | order information, with keys of [id, amount, currencyType] | |
recipient | Object | Yes | Recipient information, with keys of [name, phone, email, methodType, methodValue, methodRef] |
Order [Object]
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
amount | String | Yes | Amount of order in Dollar. 100 = RM 100.00 | 100 |
currencyType | String | Yes | Currency notation (currently only support MYR) | "MYR" |
id | String | Yes | "6170506694335521334" |
Recipient [Object]
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
name | String | Yes | Customer Name | "13245876" |
email | String | Yes | Customer Email | "" |
phone | String | Yes | Customer Phone Number | "" |
methodType | String | Yes | Type of Method, please refer to Withdraw / Payout - Swift Code | "RHBBMYKL" |
methodValue | String | Yes | Refer to Bank Account | "" |
methodRef | String | Yes | If there is any additional information, such as PASSPORT would require COUNTRY_CODE | "" |
Example Request
{
"order": {
"id": "10006",
"amount": "1",
"currencyType": "MYR"
},
"recipient": {
"name": "Long Wan",
"phone": "0123456789",
"email": "[email protected]",
"methodType": "CIBBMYKL",
"methodValue": "8044591766",
"methodRef": ""
}
}
Sort the above json key alphabetically and make it compact
{"order":{"id":"10006","amount":"1","currencyType":"MYR"},"recipient":{"name":"Long Wan","phone":"0123456789","email":"[email protected]","methodType":"CIBBMYKL","methodValue":"8044591766","methodRef":""}}
Encode the data to Base64 format
eyJjdXN0b21lciI6eyJuYW1lIjoiTGVvbiBUYW4iLCJwaG9uZSI6IjAxMjM0NTY3ODkiLCJlbWFpbCI6Imxlb25AZ2dncGF5Lm9yZyJ9LCJtZXRob2QiOiJGUFgiLCJvcmRlciI6eyJpZCI6IkEyMDIyMTExMSIsInRpdGxlIjoiUGF5bWVudCIsImFtb3VudCI6Ijg4LjUwIiwiY3VycmVuY3lUeXBlIjoiTVlSIiwiYWRkaXRpb25hbERhdGEiOiIifX0=
Encode the base64 format data with CLIENT_SYMMETRIC_KEY
e4e9ac1120ed867a7af108af8b1ab9183319f8a334bcdbbea47232359ae0a5c9c4ad1e46450ef4b36775aeb624b14b722a6884abd9b1f7572f1fdb33ce7a8bfec3d69d3e2e1aa77487c55b181613bfbef1028c8da984f5b59c8d6241eefcaf70
Step 3: Generate Signature
Please refer to Signature Algorithm on how to get Signature, and then place it into Request Headers' X-Signature.
Step 4: POST to /gateway/v1/withdrawRequest endpoint
Method : POST
Request
Headers
| Parameter | Type | Description |
|---|---|---|
Authorization | String | Token get from Step 1 |
X-Nonce-Str | String | nonceStr from Step 2 |
X-Timestamp | String | timestmap from Step 2 |
X-Signature | String | signature from Step 3 |
Body
| Parameter | Type | Description | Example |
|---|---|---|---|
data | String | Encrypted Data with CLIENT_SYMMETRIC_KEY | e4e9ac1127af1...b59c8d62af70 |
Example Request Header & Body
{
"headers": {
"Authorization": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjEwMDIOjE2NjczMTYwOTJ9.UnVBt6Opxd_ZOMns1gCT40Ihdj1nbndi2V43Xt3fIuE",
"X-Nonce-Str": "7a70f55482a5566c",
"X-Timestamp": "1667061151361",
"X-Signature": "sha256 zOzjz8QoGTbesuAO5CCFbPCF3EMDtohKtkQPro8O61jbXhurgl+wIYzTv1BQPB6z1+bRn7gXx1YpsItk+Zed+Wd9PqmexoGdDrAAoUKjCcMks9g0/kiVui381jscVAyCUzdMtkW25P4QyTeq5+ES7D66j/Jwk+9JqYXhMnX5aAUdMjlrADp1RC1zrZUc1Mfqs+MA26J3X5uQ8xLhh9FaAhDdoyWctKQSTHZyMVuDtmFaGdzaGI3LCWm5w1gvtHC43mTMccc3WrlirYbDrZvN2c81cNMfRJjgJZNnjjY27OAMvGsJJgpo0b+EW4UO74QzZ2VI60fgf7uIajIOgQRzzA=="
},
"body": {
"data": "e4e9ac1120ed867a7af108af8b1ab918cbec6db7b4d7c29908085a73e2b29e97547da6eae91928b3330241f1fb898eebd8c3355105fdd5c68b6ceea761f41dc3085ed888d3c0473beef128ebd208c4f60299df64a622d04d21d81513c02e2d47bfcce2a6c246eabcc1c823aaf3d9133004cf7c4c08236395a05dc19a98c33a301c8b73d4e7fd33cd911619de86dfdb45"
}
}
Response
Body
| Parameter | Type | Description | Example |
|---|---|---|---|
code | String | The status code of this API | 200 |
encryptedData | String | Encrypted Data that required be decrypted with CLIENT_SYMMETRIC_KEY | a83cf72884cbbb....3ddf0744646e0cf0b482 |
message | String | PlainText of the information of this request | 'Success' |
Example Response
{
"code": 200,
"encryptedData": "e4e9ac1120ed867a7af108af8b1ab918cbec6db7b4d7c29908085a73e2b29e97547da6eae91928b3330241f1fb898eebd8c3355105fdd5c68b6ceea761f41dc3085ed888d3c0473beef128ebd208c4f60299df64a622d04d21d81513c02e2d47bfcce2a6c246eabcc1c823aaf3d9133004cf7c4c08236395a05dc19a98c33a301c8b73d4e7fd33cd911619de86dfdb45",
"message": "Success"
}
Step 5: Decrypt the encryptedData with CLIENT_SYMMETRIC_KEY
Symmetric decrypt the encryptedData, e4e9ac1120ed867a7af108af8b1ab918cbec6db7b4d7c29908085a73e2b29e97547da6eae91928b3330241f1fb898eebd8c3355105fdd5c68b6ceea761f41dc3085ed888d3c0473beef128ebd208c4f60299df64a622d04d21d81513c02e2d47bfcce2a6c246eabcc1c823aaf3d9133004cf7c4c08236395a05dc19a98c33a301c8b73d4e7fd33cd911619de86dfdb45
with CLIENT_SYMMETRIC_KEY, PCd1dlEmFnBXaVce06Pzp7Vike0oHnVJ
The result is in plaintext as
{
"data": {
"transactionId": "10535",
}
}