IDR Pay Api

# Code Example

The code example is for reference only, please refer to request parameter description for specific parameter description

import com.google.gson.Gson;
import com.google.gson.JsonObject;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Map;
import java.util.TreeMap;

public class TopPayDemo {
  private static final String MCH_ID = "S820211021094748000001";
  private static final String PLAT_PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2JoMfFqLsSJjAiCahEnlP3aRj8yCT+WHzR+VvPBTw9S1i7iYWb+MY09CG/HYuHF4+IxshXDJygmndxKf/esuwPybS8mAd//yubHpmZsmBqg1FffT8VH1APa6ZRWASUp4U01ZrbCCp35QA8FuWrJGMJxGx4xk7KUtV2yujxC8noQIDAQAB";  // platform public key
  private static final String MCH_PRIVATE_KEY = "MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAJU8gKFKD0luIYx7X8+JRdCIE0UDBctS6LjXxWLEv/EO7jDBTid6zYP1KmNgpd2DAWWtBFBSQ+gcNwVZZSBHJiSDqVvvJVs2FEbeBvfdv4X93+IYRAXksBasSW5Tpdshbo82pVL4V7wuKCuFLk9UxBHbpQjWAbfyF66RmwIbZD71AgMBAAECgYBjPe7UU2nDDSfmQg0++CyjNjqKRC5QPfxhH6w1uF1kMueXKJWOj42n2RutJpJmsj31nY8m0u4xpsG4HvCu/GGSFhhKZCHLvzp41oY2ubYj9nuFNU//81LycQjulWo2y0UUBY0k2piEt+SwPaiUNbT6nMxNMjlnjRe2okp/3rw+KQJBANG3YlZWoVbCEqzy64bJJLxiPsCA5ErGB0NzRGitq44xkhqGtR8ZZQyVz40pruNa58d73O2xyJSy5+fmZGn4E+sCQQC2LBnguj0CSCKub0mPDcunTTz9V79VXBBZdlB1/YGmRUx2s4sQrJNZS7rL4EqBQ3maIRnG+s+AXCSTfsYrV6CfAkEAxugnVfpelhoGepEAgNuggyivmgfl/2Gpm/jk5l/qOjib+ZrQiQmeBPzGWX4yiSM8eMDrP2sC8r5pJFMp5DRONwJBAJ4n4XuSFJ9jgwCPy3vvzSv9SYLk6E6yM9uHdUlKgoGYzk6Lh6M9QFuY/J49plFdBDiEnj16yCU3WeXXfTJpzB8CQQDMNMR/rIOTE9xGybS3mlQbt22AUnO6XhupWcckEKW4nPGxATwYBQzCY3i/9FTGN0vA+9ZPC2cwHtNxI2kXf3Vp";  // merchant private key
  private static final String payUrl = "https://id-openapi.toppay.asia/gateway/prepaidOrder";
  private static final String cashUrl = "https://id-openapi.toppay.asia/gateway/cash";
  private static final String payNotify = "your notify url";
  private static final String cashNotify = "your notify url";

  public static void main(String[] args) throws Exception {
    pay();
  }
  private static void pay() throws Exception {
    Map<String, String> requestParams = new TreeMap<>();
    requestParams.put("merchantCode", MCH_ID);
    requestParams.put("orderType", "0");
    requestParams.put("method", "BCA");
    requestParams.put("orderNum", "T1642592278863");
    requestParams.put("payMoney", "150");
    requestParams.put("name", "JackMa");
    requestParams.put("phone", "082122965511");
    requestParams.put("email", "[email protected]");
    requestParams.put("notifyUrl", payNotify);
    requestParams.put("dateTime", "20220101235959");
    requestParams.put("expiryPeriod", "1440");
    requestParams.put("productDetail", "Test Pay");
    requestParams.put("redirectUrl", "http://123.com");

    StringBuilder stringBuilder = new StringBuilder();
    for (String key : requestParams.keySet()) {
      stringBuilder.append(requestParams.get(key));
    }

    String keyStr = stringBuilder.toString();
    System.out.println("keyStr:" + keyStr);
    String signedStr = TopPayRequestUtil.privateEncrypt(keyStr, TopPayRequestUtil.getPrivateKey(MCH_PRIVATE_KEY));
    requestParams.put("sign", signedStr);

    String postJson = new Gson().toJson(requestParams);
    System.out.println("Post Json Params:" + postJson);

    String responseJson = TopPayRequestUtil.doPost(payUrl, postJson);
    System.out.println("Response Msg:" + responseJson);

    boolean pass = TopPayRequestUtil.verifySign(new Gson().fromJson(responseJson, JsonObject.class), PLAT_PUBLIC_KEY); // Signature verification
    if (pass) {
      // ... The signature verification passes and normal business logic is executed.
    } else {
      // ... Signature verification error
    }
  }
}

<?php
// platform public key, from Secret key config
$platPublicKey = 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiaKBgQCcEUIvQ/5L+SWbHOeR8VFeZvLbUk7V7OeEAQlQwIVLSZMTef3KtsOKKAsUYPf/aAcKRzZZXECODsPQiDPcdZvM/rFkgrFWkR7lPjTj5SiPxGaiK2Z2sne7A8aDF7fV/D7lfmEwNdZ7FWKVEB84/81BHnlGUwb5HpRTISG+boSO6wIDAQAB';
// mchchant private key
$mchPrivateKey = 'MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMigm7rtWnTeNagwFzGTH+Uw1ypbiy7VhIoFJbgSYSSHdCaXWdT/l2+2fQlEYgAETVZ/IXB29MCnrf3O0dwRFXiipIbsm5zyqSLiS6cKXe8zN1/PlQWUbEt5wyWm0GADB/4bV6eu6gA7sGXmjQqrzfKZkcie3aK7+7ry1NFxTI51AgMBAAECgYEAklqXQAVlt1tiSQ7L3J425jp6u6uMHN4lkYmvuleuBbfKQ1yla3wIPLYjAF+iHeEFidOz0Rb19JRdmIkHDkJoJg2W27LvO6RdUwzgRnsuA3OuNz97w08B3aXXbPmB91nTFjKSlUsbh3IQWP71noxW+iKn844EW5hC5Gvn4L3quAECQQDrz1r0VKIbBSBB2aLuz1XyD/TBT2aRhvOKf0XtTRiQhNjtJxoQmvNbbhvUwj8an7HyCuihAbdbrC2ymFFyOSDZAkEA2c4Yudi48C6COrroi1cWgPlEFeGJXP/V1k5loZ1n2vstYAGPhAB4wUnFBLDvMqaBzWJt7MRkiazT8KnBQCDY/QJAMXpNlEyZwt+deBOpO0BnwSWV7mWxmMFfImU4D+WITPbC7aexsWBBxaJh1o93XCe715RwYTAR//stj3akSDoyaQJAa4FKuxC51/Nc3Fg9R+modeiTLqmv/3NXvPvdNjRXesLX1rduex0wfVdII9ShfEKrdxDKaT9W0NyzD+r6NAkCkQJBAMAnTgPYf0f7rh417GdoP7R7Nwi8KBKwPHlmfRukibOQlKt9xjqpsKJwglLn8pcnXbYbswXIdqzuBvIGAe3OWNg=';
// merchent ID from idntask, from User info
$merchantCode = 'YOUR MERCHANT ID';
$payMoney = '20000';
// Payment method
$method = 'BCA';
$orderType = '0';
// Merchant system unique order number
$orderNum = 'T'.date("YmdHis",time());
// The virtual account description
$productDetail = 'Test Pay';
$dateTime = date("YmdHis",time());
// Customer's email address
$email = '[email protected]';
// Customer's mobile number
$phone = '082112345678';
// Display name on bank confirmation display
$name = 'Neo';
// url for callback
$notifyUrl = 'http://example.com/callback';
$expiryPeriod = '1000';
$redirectUrl = 'http://123.com';
$params = array(
  'merchantCode' => $merchantCode,
  'orderType' => $orderType,
  'method' => $method,
  'orderNum' => $orderNum,
  'payMoney' => $payMoney,
   'name' => $name,
   'email' => $email,
   'phone' => $phone,
   'notifyUrl' => $notifyUrl,
   'dateTime' => $dateTime,
   'expiryPeriod' => $expiryPeriod,
   'productDetail' => $productDetail
 );

ksort($params);
$params_str = '';
foreach ($params as $key => $val) {
  $params_str = $params_str . $val;
}

$sign = pivate_key_encrypt($params_str, $mchPrivateKey);
$params['sign'] = $sign;
$params_string = json_encode($params);
$url = 'https://id-openapi.toppay.asia/gateway/prepaidOrder';
$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $params_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
  'Content-Type: application/json',
  'Content-Length: ' . strlen($params_string))
);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

// execute post
$request = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

if($httpCode == 200)
{
  $result = json_decode($request, true);
  echo "platRespCode :". $result['platRespCode'] . "\n";
  echo "platRespMessage :". $result['platRespMessage'] . "\n";
  echo "platOrderNum :". $result['platOrderNum'] . "\n";
  echo "orderNum :". $result['orderNum'] . "\n";
  echo "method :". $result['method'] . "\n";
  echo "name :". $result['name'] . "\n";
  echo "email :". $result['email'] . "\n";
  // If you use mode 1, get the url parameter, cash register link
  echo "url :". $result['url'] . "\n";
  // If you use mode 2, get the payData parameter, payment information
  echo "payData :". $result['payData'] . "\n";
  echo "payMoney :". $result['payMoney'] . "\n";
  echo "payFee :". $result['payFee'] . "\n";
  echo "productDetail :". $result['productDetail'] . "\n";
  echo "platSign :". $result['platSign'] . "\n";
  $decryptStr = public_key_decrypt($result['platSign'], $platPublicKey);
  echo "decryptStr :". $decryptStr . "\n";
}
else {
  echo $httpCode;
}

function pivate_key_encrypt($data, $pivate_key)
{
  $pivate_key = '-----BEGIN PRIVATE KEY-----'."\n".$pivate_key."\n".'-----END PRIVATE KEY-----';
  $pi_key = openssl_pkey_get_private($pivate_key);
  $crypto = '';
  foreach (str_split($data, 117) as $chunk) {
    openssl_private_encrypt($chunk, $encryptData, $pi_key);
    $crypto .= $encryptData;
  }

  return base64_encode($crypto);
}

function public_key_decrypt($data, $public_key)
{
  $public_key = '-----BEGIN PUBLIC KEY-----'."\n".$public_key."\n".'-----END PUBLIC KEY-----';
  $data = base64_decode($data);
  $pu_key =  openssl_pkey_get_public($public_key);
  $crypto = '';
  foreach (str_split($data, 128) as $chunk) {
    openssl_public_decrypt($chunk, $decryptData, $pu_key);
    $crypto .= $decryptData;
  }
  return $crypto;
  }

# Request Address

Cashier mode(mode 1): Use the payment information shown in the checkout link
- Request method: POST
- Request address: https://id-openapi.toppay.asia/gateway/prepaidOrder
Direct connection mode (Mode 2): Obtain payment information directly (applicable to merchants with their own checkout page)
- Request method: POST
- Request address: https://id-openapi.toppay.asia/gateway/pay

# Request parameters

Note: Do not fill in Chinese in all parameters! ! !

Cashier mode(mode 1)：

Param	Type	Required	Description	Example
merchantCode	string(32)	Y	merchant ID，Get it in merchant background	S820211021094748000001
orderType	string(10)	Y	order type	0-Fiat Currency (Indonesian Rupiah) Transaction
method	string(10)	N	method 1.If you need to specify a payment method, you can choose one of the payment methods in the example on the right. 2.If you do not specify a payment method, you do not need to pass this parameter (only in cashier mode), and you can select a payment method in our cashier page.	BCA BNC BNI BRI BSI CIMB PERMATA MANDIRI MAYBANK LINKAJA OVO QRIS GOPAY_QRIS DANA DANAMON SHOPEEPAY ALFAMART
orderNum	string(32)	Y	Merchant order number	10000001
payMoney	int(10)	Y	Payment amount (only integers, no decimals)	150000
productDetail	string(32)	Y	payment description	Test goods
notifyUrl	string(100)	Y	Asynchronous notification address of successful order payment (used to receive notification after successful order transaction)	https://host:port/notifyUrl
dateTime	string(32)	Y	Timestamp (format：yyyyMMddHHmmss)	20190101235959
expiryPeriod	int(5)	Y	Order expiration time (unit: minute). If there is no special requirement, try to set the expiration time as large as possible, if the time is too short, it will easily expire	1440
name	string(16)	Y	Customer Name	Jack
email	string(64)	Y	Customer Email	[email protected]
phone	string(14)	Y	Customer Phone(Beginning with 08)	08123456789
redirectUrl	string(200)	N	Return jump address (only for cash register mode)	http://123.com
sign	string(255)	Y	sign	fnbSOvY83pr8hXg+FdNNYi2ubQUGNv/qGYc4TjRl+XxO2jo92dyjKHFU9/4hNECilMooOcH

Direct connection mode (Mode 2)：
- Note 1: Mode 2 cannot be used to pay with OVO. OVO requires entering a mobile phone number at the cashier.
- Mode 2 QRIS will return two kinds of data: QR code Url and QR code original data, which can be judged by whether payData starts with Http.

Param	Type	Required	Description	Example
merchantCode	string(32)	Y	Merchant ID，Get it in Merchant Platform-Personal Center-Personal Information	S820211021094748000001
orderType	string(10)	Y	order type	0-Fiat Currency (Indonesian Rupiah) Transaction
method	string(10)	Y	method you need to specify a payment method, you can choose one of the payment methods in the example on the right.	BCA BNC BNI BRI BSI CIMB PERMATA MANDIRI MAYBANK LINKAJA OVO QRIS GOPAY_QRIS DANA DANAMON SHOPEEPAY ALFAMART
orderNum	string(32)	Y	Merchant order number	10000001
payMoney	int(10)	Y	Payment amount (only integers, no decimals)	150000
productDetail	string(32)	Y	payment description	Test goods
notifyUrl	string(100)	Y	Asynchronous notification address of successful order payment (used to receive notification after successful order transaction)	https://host:port/notifyUrl
dateTime	string(32)	Y	Timestamp format：yyyyMMddHHmmss	20190101235959
expiryPeriod	int(5)	Y	Order expiration time (unit: minute). If there is no special requirement, try to set the expiration time as large as possible, if the time is too short, it will easily expire	1440
name	string(16)	Y	Customer Name	Jack
email	string(64)	Y	Customer Email	[email protected]
phone	string(14)	Y	Customer Phone(Beginning with 08)	08123456789
sign	string(255)	Y	sign	fnbSOvY83pr8hXg+FdNNYi2ubQUGNv/qGYc4TjRl+XxO2jo92dyjKHFU9/4hNECilMooOcH

# Request example

Cashier mode(mode 1)：(The method parameter does not need to be passed, and the page to be jumped is different.)

{
    "merchantCode": "S820211021094748000001",
    "orderType": "0",
    "method": "BCA",
    "orderNum": "T1642593166888",
    "payMoney": "150",
    "productDetail": "Test Pay",
    "notifyUrl": "your notify url",
    "dateTime": "2022-01-01 10:55:00",
    "expiryPeriod": "1440",
    "name": "JackMa",
    "email": "[email protected]",
    "phone": "082122965511",
    "sign": "fnbSOvY83pr8hXg+FdNNYi2ubQUGNv/qGYc4TjRl+Xxd1yc9fpkpTx5UQEDTgmhwdCKBkhHVsx2AiQbYDxZ5WBuU1GZeiJ"
}

Direct connection mode (Mode 2)：(The method parameter must be passed)

{
    "merchantCode": "S820211021094748000001",
    "orderType": "0",
    "method": "BCA",
    "orderNum": "T1642593166888",
    "payMoney": "150",
    "productDetail": "Test Pay",
    "notifyUrl": "your notify url",
    "dateTime": "2022-01-01 10:55:00",
    "expiryPeriod": "1440",
    "name": "JackMa",
    "email": "[email protected]",
    "phone": "082122965511",
    "sign": "fnbSOvY83pr8hXg+FdNNYi2ubQUGNv/qGYc4TjRl+Xxd1yc9fpkpTx5UQEDTgmhwdCKBkhHVsx2AiQbYDxZ5WBuU1GZeiJ"
}

# Response parameters

Note: If it is QRIS, the QR code returned by payData will be in two ways: image link and QR code source code, please pay attention to identification! ! !

Parameters	Type	Required	Description	Example
platRespCode	String	Y	Whether the requested business was successful	FAIL\SUCCESS
platRespMessage	String	Y	Interface response information prompt	Request Transaction Success
platOrderNum	String	Y	platform order number	PI1453242857400963072
payMoney	String	Y	Payment amount	150000
payFee	String	N	Handling fee amount	5.32
method	String	N	payment method	BCA
productDetail	String	Y	Product Details	apple
name	String	Y	Customer Name	Jack
email	String	Y	Customer email	[email protected]
orderNum	String	Y	Merchant order number	23645782
url	String	N	cash register link	Cashier mode(mode 1)，Returned when 'platRespCode' is SUCCESS
payData	String	N	Payment Information	Direct connection mode (Mode 2)，Returned when 'platRespCode' is SUCCESS

# Response message example

Mode 1 response message example (url is the checkout link)

{
    "platOrderNum": "BCA1483771634191044608",
    "payMoney": "150",
    "productDetail": "Test Pay",
    "name": "JackMa",
    "orderNum": "T1642593166888",
    "platRespCode": "SUCCESS",
    "platRespMessage": "Request Transaction Success",
    "url": "https://id-openapi.toppay.asia/gateway/order/BCA1483771634191044608",
    "email": "[email protected]"
}

Mode 2 response message example

{
  "platOrderNum": "BCA1483771634191044608",
  "payMoney": "150",
  "payFee": "16",
  "method": "BCA",
  "productDetail": "Test Pay",
  "name": "JackMa",
  "orderNum": "T1642593166888",
  "platRespCode": "SUCCESS",
  "platRespMessage": "Request Transaction Success",
  "payData": "874961198466",
  "email": "[email protected]"
}

Example of a failure response message

{
    "platRespCode": "FAIL",
    "platRespMessage": "the orderNum already exists"
}

# Pay api callback notify

Please note: The current business will only have a callback notification when the order payment is successful.
When verifying the signature, you must use the platform public key provided in the Merchant Backstage-Receipt and Payment Configuration-API Configuration to decrypt! ! !
After accepting asynchronous notification, you need to respond with the SUCCESS string, which does not contain quotes and is not in Json format. Otherwise TopPay will continue to initiate 5 notifications.

import com.google.gson.JsonObject;

public class TopPayNotify {
    private static final String MCH_ID = "S820211021094748000001";
    private static final String PLAT_PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2JoMfFqLsSJjAiCahEnlP3aRj8yCT+WHzR+VvPBTw9S1i7iYWb+MY09CG/HYuHF4+IxshXDJygmndxKf/esuwPybS8mAd//yubHpmZsmBqg1FffT8VH1APa6ZRWASUp4U01ZrbCCp35QA8FuWrJGMJxGx4xk7KUtV2yujxC8noQIDAQAB";
    public static void main(String[] args) throws Exception {
        JsonObject notifyBody = new jsonObject();
        boolean verifyResult = TopPayRequestUtil.verifySign(notifyBody,PLAT_PUBLIC_KEY);
        if (verifyResult) {
            // ... do something
        } else {
            // ... do something
        }
    }
}

# Notify Params

Parameters	Description	Example
code	response code	00
msg	response message	SUCCESS
status	payment status	View order status description
platOrderNum	platform order number	BK_1563278763273
orderNum	merchant order number	T1231511321515
method	pay type	Requested method
name	Customer Name	Neo
payMoney	payment amount	100000
payFee	Handling fee amount	500
email	Email	[email protected]
phone	Phone number	08123456789
platSign	Platform Sign	ja6R8eukQY9jc8zrhtf34654ungj7u8sdgdfjfs

# Pay api callback notify example

{
    "code": "00",
    "msg": "SUCCESS",
    "status": "SUCCESS",
    "platOrderNum": "BCA1483771634191044608",
    "orderNum": "T1642593166888",
    "method": "BCA",
    "name": "JackMa",
    "payMoney": "150",
    "payFee": "16",
    "email": "[email protected]",
    "phone": "123456789",
    "platSign": "ja6R8eukQY9jc8zrhtf34654ungj7u8sdgdfjfs"
}

API Signature Generate Digital Pay Api

API Document

Choose mode

IDR Pay Api

IDR Pay Api

# Code Example

# Request Address

# Request parameters

# Request example

# Response parameters

# Response message example

# Pay api callback notify

# Notify Params

# Pay api callback notify example