API Docs Midtrans Com
API Docs Midtrans Com
API Docs Midtrans Com
Introduction
NAV
Midtrans API is a RESTful Web Service served as a communication bridge between merchants and our payment
channels.
HTTP(S) Request
Midtrans API can be requested through HTTP(S) Request to Midtrans Base URL endpoint. The HTTP(S) Header has to be
used to allow proper authentication.
Data sent in Development Environment will not trigger an actual purchase. Midtrans service can be fully utilized
in Production Environment.
Maximum allowed size of HTTP(S) request is limited to 16kb. Please strive to keep it under this limit to avoid
request failure.
HTTP(S) Header
Accept application/json The Accept field is used to specify that JSON type is acceptable for the
response
Authorization Basic base64( server ke The Authorization field credentials can be found in Midtrans Merchant
y , : ) Admin Portal
In Midtrans API, the input and output parameters of the methods will be in JSON format. To accept JSON input and
output parameters, you need to add the following HTTP(S) header:
Content-Type: application/json
Accept: application/json
Authorization Header
The authorization header utilizes Midtrans Server Key following HTTP(S) BASIC AUTH convention:
For Development environment, obtain server key in Sandbox MAP Settings - Access Keys.
For Production environment, obtain server key in MAP Settings - Access Keys.
2. Since there is no Password for the server key, leave the password field blank.
3. If the server key is: 94960ece-9513-4265-9cf2-67a4da330213 .
Following BASIC AUTH Username and password format will become:
94960ece-9513-4265-9cf2-67a4da330213:
Note: Make sure there is ":" character a er the server key! 4. Encode this value into base64 format, hence the result is:
OTQ5NjBlY2UtOTUxMy00MjY1LTljZjItNjdhNGRhMzMwMjEzOg== 5. To be authorized to use Midtrans API, you need to add
the following HTTP(S) header:
Authorization: Basic OTQ5NjBlY2UtOTUxMy00MjY1LTljZjItNjdhNGRhMzMwMjEzOg==
The following Authorization Header is just an example. Please use your own Sandbox / Production Server Key!
Payment API
API Methods
HTTP
Endpoint Method Definition
/v2/charge POST Perform a transaction with various available payment methods and
features. Example given: Credit Card Charge.
/v2/ order_id /approve POST Approve a transaction with certain order_id which gets challenge status
from Fraud Detection System
/v2/ order_id /deny POST Deny a transaction with certain order_id which gets challenge status from
Fraud Detection System
/v2/ order_id /cancel POST Cancel a transaction with certain order_id . Cancelation can only be done
before settlement process
/v2/ order_id /expire POST Update order_id with pending status to be expired
/v2/ order_id /refund POST Update order_id with settlement status to be refund
/v2/ order_id /refund/o POST Attempt to send refund to bank or payment provider and update the
nline/direct transaction status to refund if it succeeded
/v2/ order_id /status GET Get information status of a transaction with certain order_id
/v2/ order_id /status/b GET Get information status of multiple B2B transactions related to certain orde
2b r_id
/v2/card/register GET Register card information (card number and expiry) to be used for two clicks
and one click
/v2/point_inquiry/ toke GET Get the point balance of the card in denomination amount
n_id
/v2/pay/account POST Link customer account which can be used to create payment for certain
channel
Get Token
Token ID is a unique value that is associated with the customer’s credit card information during a transaction. Get
Token method sends the credit card info via Midtrans.min.js to Midtrans server and returns the token ID to the
merchant being charged.
**NOTE:** Get Token methods and features are only applicable for Credit Card Transaction.
To utilize this library, please add the following line of code at your payment page inside the <head> tag.
1. Get Card Token: To allows the customer’s credit card to be securely sent to Midtrans server, without the merchant
handling the credit card details.
2. Redirect: To allow customer to be redirected into 3DS authentication page.
Attribute Description
data- To identify which environment the request is pointing to. Possible values: production , sandb
environment ox
var options = {
onSuccess: function(response) {
// Implement success handling here
},
onFailure: function(response) {
// Implement error handling here
}
}
MidtransNew3ds.getCardToken(card, options);
card_number C The 16 digits Credit Card number "4111 1111 1111 1111" or
"4111111111111111"
card_cvv Y The numeric digit printed on the back of the card "123"
token_id C The previously saved token of credit card. Get the "481111-1114-0e68a4c4-
value from saved_token_id from initial charge 85d3-48b5-b6cb-
response 9945b2d3dcc9"
Most of the parameters are required conditionally based on the type of token being requested.
status code The code of the "200" for success, "400" when validation error
response
validation_messages The validation [“card_exp_year must be greater than this year”, "card_expire_month
errors must be greater than this year's month”]
Available options:
Name Description
onSuccess This function is called only when get token responds with status code 200
onFailure This function is called for every other status code but 200
Redirect function
var options = {
// In case, Merchant needs to override for each transactions
callbackUrl = "<ANY LINK>"
}
MidtransNew3ds.redirect(redirect_url, options);
A er proceeding card transaction to /charge API request, if the transaction need 3DS authentication, Merchant will
receive redirect_url as part of the response. Merchant can optionally use built-in MidtransNew3ds.redirect
function to redirect customer.
A er 3DS process completed by customer, Customer will be redirected back to merchant website, either to specified ca
llbackUrl or finish url configured on Merchant Dashboard. This final redirect is HTTP POST method, contains
JSON string encapsulated as value of response key of the POST form-data.
transaction_status String Transaction status a er charge credit card transaction, the possible values
are
capture : Transaction is accepted by the bank and ready for settlement.
deny : transaction is denied by the bank or FDS.
authorize : Credit card is authorized in pre-authorization feature
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it
or transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
masked_card String First 6-digit and last 4-digit of customer's credit card number
approval_code String Approval code. It can be used for refund. This does not exist on denied
transaction
Name Description
callbackUrl Optional. To override where the customer gets redirected a er 3D secure authentication is done.
var options = {
performAuthentication: function(url) {
openDialog(url)
},
onSuccess: function(response) {
// Successful handling
closeDialog()
},
onPending: function(response) {
// Pending handling
closeDialog()
},
onFailure: function(response) {
// Failure handling
closeDialog()
}
}
MidtransNew3ds.authenticate(redirect_url,options)
As an alternative to the redirection scheme, Merchant can also optionally use MidtransNew3ds.performAuthenticatio
transaction_status String Transaction status a er charge credit card transaction, the possible values
are
capture : Transaction is accepted by the bank and ready for settlement.
deny : transaction is denied by the bank or FDS.
authorize : Credit card is authorized in pre-authorization feature
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it
or transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
masked_card String First 6-digit and last 4-digit of customer's credit card number
approval_code String Approval code. It can be used for refund. This does not exist on denied
transaction
Available options:
Name Description
onPending Handle to receive callback response. Only applicable when merchant applied for async
endpoint.
Charge features
{
"payment_type": "bank_transfer",
"bank_transfer": {
"bank": "permata"
},
"transaction_details": {
"order_id": "C17550",
"gross_amount": 145000
},
"custom_field1": "custom field 1 content",
"custom_field2": "custom field 2 content",
"custom_field3": "custom field 3 content"
}
{
"status_code": "200",
"status_message": "Success, Credit Card transaction is successful",
"transaction_id": "1eae238a-cb9e-4f92-b284-aac8b39e4eab",
"order_id": "C17550",
"gross_amount": "145000.00",
"payment_type": "credit_card",
"transaction_time": "2016-06-28 09:42:20",
"transaction_status": "capture",
"fraud_status": "accept",
"approval_code": "256084",
"masked_card": "481111-1114",
"bank": "bni"
}
{
"masked_card": "481111-1114",
"approval_code": "256084",
"bank": "bni",
"transaction_time": "2016-06-28 09:42:20",
"custom_field1": "Toko Rani",
"custom_field2": "Jakarta",
"custom_field3": "RR",
"gross_amount": "10000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "ad7ccda03d8ec6f2f415661fb511d47fcd17dcc7d7e1ade96a305dd5d3bc2bea5438a8bdfe1aeedabdefb22
"status_code": "200",
"transaction_id": "1eae238a-cb9e-4f92-b284-aac8b39e4eab",
"transaction_status": "capture",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
Set Custom Fields is a feature that enables merchants to charge a transaction with a unique data according to the
merchant's need. Midtrans provides merchants with 3 custom fields that can be used for various utilities. Convention of
a custom field can be set from Midtrans Merchant Admin Portal, as follow below:
1. Go to Configuration tab, under General Settings, set the custom fields label.
2. Request Charge transaction with the custom fields value.
3. These custom fields label and value can be checked at the Order ID of a transaction.
4. Midtrans will include these custom fields when the HTTP POST Notification is sent.
{
"payment_type": "bank_transfer",
"bank_transfer": {
"bank": "permata"
},
"transaction_details": {
"order_id": "C17550",
"gross_amount": 145000
},
"custom_expiry": {
"order_time": "2016-12-07 11:54:12 +0700",
"expiry_duration": 60,
"unit": "minute"
}
}
Set Custom Expiry feature enables merchants to set an expiry time of payment with pending status for every
transaction. The following payment is the list of payment with Pending Status:
Bank Transfer: Permata Virtual Account, BCA Virtual Account, Mandiri Bill Payment, BNI Virtual Account, BRI Virtual
Account
Direct Debit: BCA KlikPay, KlikBCA, e-pay BRI, CIMB Clicks, Danamon Online Banking
e-Wallet: QRIS, GO-PAY, ShopeePay
Over the Counter: Indomaret, Kioson
Customer Financing: Akulaku
For QRIS with acquirer airpay shopee (ShopeePay) and shopeepay , the maximum expiry is 60 minutes or 1 hour. The
transaction will be rejected if the custom expiry exceeded the allowed maximum.
Symbol Meaning
Set Metadata
{
"payment_type": "bank_transfer",
"bank_transfer": {
"bank": "permata"
},
"transaction_details": {
"order_id": "C17550",
"gross_amount": 145000
},
"metadata": {
"you": "can",
"put": "any",
"parameter": "you like"
}
}
{
"status_code": "200",
"status_message": "Success, Credit Card transaction is successful",
"transaction_id": "1eae238a-cb9e-4f92-b284-aac8b39e4eab",
"order_id": "C17550",
"gross_amount": "145000.00",
"payment_type": "credit_card",
"transaction_time": "2016-06-28 09:42:20",
"transaction_status": "capture",
"fraud_status": "accept",
"approval_code": "256084",
"masked_card": "481111-1114",
"bank": "bni"
}
Set Metadata Notifications
{
"masked_card": "481111-1114",
"approval_code": "256084",
"bank": "bni",
"transaction_time": "2016-06-28 09:42:20",
"gross_amount": "10000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "ad7ccda03d8ec6f2f415661fb511d47fcd17dcc7d7e1ade96a305dd5d3bc2bea5438a8bdfe1aeedabdefb22
"status_code": "200",
"transaction_id": "1eae238a-cb9e-4f92-b284-aac8b39e4eab",
"transaction_status": "capture",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"metadata": {
"you": "can",
"put": "any",
"parameter": "you like"
}
}
Set Metadata is similar with set custom field which enables merchant to put free-form JSON object instead of String.
Merchants can use this metadata as a transaction tag where merchants retrieve it via Get Status or Notification
payload. Additionally, merchants can also configure their fraud detection rules based on their metadata fields.
Capture Transaction
This method is used to capture transaction balance when transaction_status is authorize . Transaction with status
authorize is only available a er Pre Authorization Credit Card transaction.
{
"transaction_id": "be4f3e44-d6ee-4355-8c64-c1d1dc7f4590",
"gross_amount": 145000
}
JSON
Attribute Type Required Description
{
"status_code" : "200",
"status_message" : "Success, Credit Card capture transaction is successful",
"transaction_id" : "ca297170-be4c-45ed-9dc9-be5ba99d30ee",
"masked_card" : "451111-1117",
"order_id" : "testing-0.4555-1414741517",
"payment_type" : "credit_card",
"transaction_time" : "2014-10-31 14:46:44",
"transaction_status" : "capture",
"fraud_status" : "accept",
"bank" : "bni",
"gross_amount" : "30000.00"
}
{
"status_code" : "412",
"status_message" : "Merchant cannot modify the status of the transaction"
}
JSON Attribute Type Description
masked_card String First 6-digit and last 4-digit of customer's credit card number
Approve Transaction
Approve method can be triggered to accept card payment transaction in which fraud_status is challenge .
{
"status_code" : "412",
"status_message" : "Merchant cannot modify the status of the transaction"
}
transaction_status String Transaction status a er charge credit card transaction, the possible values are
capture : Transaction is accepted by the bank and ready for settlement.
deny : transaction is denied by the bank or FDS.
authorize : Credit card is authorized in pre-authorization feature
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it or
transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
masked_card String First 6-digit and last 4-digit of customer's credit card number
**Possible error codes:** `400`, `401`, `402`, `406`, `410`, and `412`. Please refer to the [status code]
(#status-code).
Deny Transaction
Deny method can be triggered to immediately deny card payment transaction in which fraud_status is challenge .
{
"status_code" : "200",
"status_message" : "Success, transaction is denied",
"transaction_id" : "ca297170-be4c-45ed-9dc9-be5ba99d30ee",
"masked_card" : "451111-1117",
"order_id" : "testing-0.4555-1414741517",
"payment_type" : "credit_card",
"transaction_time" : "2014-10-31 14:46:44",
"transaction_status" : "deny",
"fraud_status" : "deny",
"bank" : "bni",
"gross_amount" : "30000.00"
}
Error Deny Transaction Response
{
"status_code" : "412",
"status_message" : "Merchant cannot modify the status of the transaction"
}
transaction_status String Transaction status a er charge credit card transaction, the possible values are
capture : Transaction is accepted by the bank and ready for settlement.
deny : transaction is denied by the bank or FDS.
authorize : Credit card is authorized in pre-authorization feature
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it or
transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
masked_card String First 6-digit and last 4-digit of customer's credit card number
**Possible error codes:** `400`, `401`, `402`, `406`, `410`, and `412`. Please refer to the [status code]
(#status-code).
Cancel Transaction
Card Payment
Card payment can be voided with cancel method if the transaction has not been settled. For Pre-Authorized
transaction, Cancelling a Pre-Authorized transaction varies depending on the Acquiring Bank.
BCA, BRI, MAYBANK Before and a er pre-authorization payment has been captured
Pending Payment
Payment with Pending Status can be voided with cancel method if the transaction has not expired or has not been
completed. The following payment is the list of payment with Pending Status:
Bank Transfer: Permata Virtual Account, BCA Virtual Account, Mandiri Bill Payment, BNI Virtual Account, BRI Virtual
Account
Direct Debit: BCA KlikPay, KlikBCA, e-pay BRI, CIMB Clicks, Danamon Online Banking
e-Wallet: QRIS, GO-PAY, ShopeePay
Over the Counter: Indomaret, Kioson
Customer Financing: Akulaku
{
"status_code" : "412",
"status_message" : "Merchant cannot modify the status of the transaction"
}
{
"masked_card": "420194-2900",
"approval_code": "325511",
"bank": "mandiri",
"eci": "05",
"transaction_time": "2016-07-04 13:32:44",
"gross_amount": "244108.00",
"order_id": "160288131764",
"payment_type": "credit_card",
"signature_key": "71f3b14d3036d2a60dac7fef1cdde7bebdbb2dbeebc68bcf5e7819fe8be7c9241611ea1e769e0c677573580
"status_code": "202",
"transaction_id": "ffd82cd2-4f0d-4b24-b4b8-e201b0c3d80e",
"transaction_status": "cancel",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
transaction_status String Transaction status a er charge credit card transaction, the possible values are
capture : Transaction is accepted by the bank and ready for settlement. NOTE:
Cancel transaction to deny / cancel it. Otherwise, transaction will automatically
be settled during settlement.
deny : transaction is denied by the bank or FDS.
authorize : Credit card is authorized in pre-authorization feature
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS.
deny : Denied by FDS. Transaction automatically failed
masked_card String First 6-digit and last 4-digit of customer's credit card number
**Possible error codes:** `400`, `401`, `402`, `406`, `410`, and `412`. Please refer to the [status code]
(#status-code). `412` will occur if the `transaction_status` is not pending or capture.
Expire transaction
Transaction status can be updated into expired if the customer has not complete the payment. The expired order id can
be reused again with the same or different payment method.
{
"status_code": "407",
"status_message": "Success, transaction has expired",
"transaction_id": "447e846a-403e-47db-a5da-d7f3f06375d6",
"order_id": "vtmbill05",
"payment_type": "echannel",
"transaction_time": "2015-06-15 13:36:24",
"transaction_status": "expire",
"gross_amount": "10000.00"
}
{
"status_code" : "412",
"status_message" : "Merchant cannot modify the status of the transaction"
}
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "841c7da8-530b-435a-9f67-c9d632d15537",
"order_id": "1000176721005355",
"gross_amount": "698879.00",
"payment_type": "bank_transfer",
"transaction_time": "2016-07-04 00:53:55",
"transaction_status": "expire",
"permata_va_number": "8778004890127981",
"signature_key": "f1066b06ec8a4b7d6ffb941fd9772f6df304618e15e02cf17c2914cec12793e19c71653042f7f617b027eae
}
transaction_status String Transaction status a er charge credit card transaction, the possible values are
capture : Transaction is accepted by the bank and ready for settlement.
deny : transaction is denied by the bank or FDS.
authorize : Credit card is authorized in pre-authorization feature
**Possible error codes:** `400`, `401`, `402`, `406`, `410`, and `412`. Please refer to the [status code]
(#status-code). `412` will occur if the `transaction_status` is not pending.
Refund transaction
Transaction status can be updated into refund if the customer decides to cancel completed/settlement payment. The
same refund id cannot be reused again.
This API only supports payment type credit_card . For credit_card , we only supports bank bni , mandiri , and c
imb .
{
"refund_key": "reference1",
"amount": 5000,
"reason": "for some reason"
}
JSON
Attribute Type Required Description
refund_key String N Merchant refund ID. If not passed then Midtrans will randomize one. It is
recommended to use this param to avoid double refund attempt.
Allowable characters are alphanumeric and selected symbols such as: - ,
_ .
amount Long N Amount to be refunded. By default will refund whole transaction amount
{
"status_code": "200",
"status_message": "Success, refund request is approved",
"transaction_id": "447e846a-403e-47db-a5da-d7f3f06375d6",
"order_id": "vtcc05",
"payment_type": "credit_card",
"transaction_time": "2015-06-15 13:36:24",
"transaction_status": "refund",
"gross_amount": "10000.00",
"refund_chargeback_id": 1,
"refund_amount": "10000.00",
"refund_key": "reference1"
}
{
"status_code": "200",
"status_message": "Success, refund request is approved",
"transaction_id": "447e846a-403e-47db-a5da-d7f3f06375d6",
"order_id": "vtcc05",
"payment_type": "credit_card",
"transaction_time": "2015-06-15 13:36:24",
"transaction_status": "partial_refund",
"gross_amount": "10000.00",
"refund_chargeback_id": 1,
"refund_amount": "5000.00",
"refund_key": "reference1"
}
Error Invalid Refund Transaction Response
{
"status_code" : "412",
"status_message" : "Merchant cannot modify the status of the transaction"
}
{
"status_code" : "414",
"status_message" : "Refund request is rejected due to invalid amount"
}
{
"status_code" : "406",
"status_message" : "Duplicate refund ID"
}
{
"status_code" : "200",
"status_message" : "midtrans payment notification",
"transaction_id" : "249fc620-6017-4540-af7c-5a1c25788f46",
"masked_card" : "481111-1114",
"order_id" : "example-1424936368",
"payment_type" : "credit_card",
"transaction_time" : "2015-02-26 14:39:33",
"transaction_status" : "partial_refund",
"fraud_status" : "accept",
"approval_code" : "1424936374393",
"signature_key" : "2802a264cb978fbc59f631c68d120cbda8dc853f5dfdc52301c615cf4f14e7a0b09aa...",
"bank" : "bni",
"gross_amount" : "30000.00",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit",
"refund_amount": "12000.00",
"refunds": [
{
"refund_chargeback_id": 1,
"refund_amount": "5000.00",
"created_at": "2015-02-27 00:14:20",
"reason": "some reason",
"refund_key": "reference1",
"refund_method": "online"
},
{
"refund_chargeback_id": 2,
"refund_amount": "7000.00",
"created_at": "2015-02-28 01:23:15",
"reason": "",
"refund_key": "reference2",
"refund_method": "offline"
},
]
}
{
"status_code" : "200",
"status_message" : "midtrans payment notification",
"transaction_id" : "249fc620-6017-4540-af7c-5a1c25788f46",
"masked_card" : "481111-1114",
"order_id" : "example-1424936368",
"payment_type" : "credit_card",
"transaction_time" : "2015-02-26 14:39:33",
"transaction_status" : "partial_refund",
"fraud_status" : "accept",
"approval_code" : "1424936374393",
"signature_key" : "2802a264cb978fbc59f631c68d120cbda8dc853f5dfdc52301c615cf4f14e7a0b09aa...",
"bank" : "bni",
"gross_amount" : "30000.00",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit",
"refund_amount": "12000.00",
"refunds": [
{
"refund_chargeback_id": 1,
"refund_amount": "5000.00",
"created_at": "2015-02-27 00:14:20",
"reason": "some reason",
"refund_key": "reference1",
"refund_method": "online",
"bank_confirmed_at": "2015-02-27 02:30:20"
},
{
"refund_chargeback_id": 2,
"refund_amount": "7000.00",
"created_at": "2015-02-28 01:23:15",
"reason": "",
"refund_key": "reference2",
"refund_method": "offline",
"bank_confirmed_at": "2015-02-27 02:30:20"
},
]
}
For notification JSON attributes, please follow the description on Get Status Response
For ShopeePay, GoPay, and QRIS transactions, merchants need to call Direct Refund API to refund the
transactions.
**Possible error codes:** `400`, `401`, `402`, `406`, `410`, `412`, and `414`. Please refer to the [status code]
(#status-code). `412` occurs when the `transaction_status` is not settlement and `414` occurs when requested
refund exceeding transaction amount.
As opposed to previous refund API, this is used to directly send the refund request to bank or payment provider (third
party). This API is useful to skip the standard operation process which may take 1 or 2 days a er the initial refund
request. The status of corresponding transaction will immediately be updated following the refund result received from
third party. It will send HTTP notification only if the refund succeeded.
This API only supports payment type gopay , qris , shopeepay and credit_card . Currently for credit_card , we
only supports bank bca , maybank , and bri .
For QRIS with acquirer airpay shopee (ShopeePay) and shopeepay , the maximum refund window is 24 hours since
the transaction is paid. Also, refund is not allowed in between 11:55 PM and 6:00 AM GMT+7. If merchants send direct
refund inside the stated timeframe, then the request will get rejected by ShopeePay.
{
"refund_key": "reference1",
"amount": 5000,
"reason": "for some reason"
}
JSON
Attribute Type Required Description
refund_key String N Merchant refund ID. If not passed then Midtrans will randomize one. It is
recommended to use this param to avoid double refund attempt.
amount Long N Amount to be refunded. By default will refund whole transaction amount
{
"status_code": "200",
"status_message": "Success, refund request is approved by the bank"
}
Rejected Direct Refund Transaction Response
{
"status_code": "202",
"status_message": "Refund denied by the bank"
}
{
"status_code" : "412",
"status_message" : "Merchant cannot modify the status of the transaction"
}
{
"status_code" : "414",
"status_message" : "Refund request is rejected due to invalid amount"
}
{
"status_code" : "406",
"status_message" : "Duplicate refund ID"
}
{
"status_code": "200",
"status_message": "midtrans payment notification",
"transaction_id": "841c7da8-530b-435a-9f67-c9d632d15537",
"order_id": "1000176721005355",
"gross_amount": "698879.00",
"payment_type": "credit_card",
"transaction_time": "2016-07-04 00:53:55",
"transaction_status": "refund",
"permata_va_number": "8778004890127981",
"signature_key": "f1066b06ec8a4b7d6ffb941fd9772f6df304618e15e02cf17c2914cec12793e19c71653042f7f617b027eae
}
{
"status_code": "200",
"status_message": "midtrans payment notification",
"transaction_id": "841c7da8-530b-435a-9f67-c9d632d15537",
"order_id": "1000176721005355",
"gross_amount": "698879.00",
"payment_type": "credit_card",
"transaction_time": "2016-07-04 00:53:55",
"transaction_status": "partial_refund",
"permata_va_number": "8778004890127981",
"signature_key": "f1066b06ec8a4b7d6ffb941fd9772f6df304618e15e02cf17c2914cec12793e19c71653042f7f617b027eae
}
refund_key String Merchant refund referenc. Applicable characters are alphanumeric and selected
symbols such as: - , _ .
**Possible error codes:** `400`, `401`, `402`, `406`, `410`, `412`, and `414`. Please refer to the [status code]
(/#status-code). `412` occurs when the `transaction_status` is not settlement and `414` occurs when requested
refund exceeding transaction amount.
{
"status_code" : "200",
"status_message" : "Success, transaction found",
"transaction_id" : "249fc620-6017-4540-af7c-5a1c25788f46",
"masked_card" : "481111-1114",
"order_id" : "example-1424936368",
"payment_type" : "credit_card",
"transaction_time" : "2015-02-26 14:39:33",
"transaction_status" : "capture",
"fraud_status" : "accept",
"approval_code" : "1424936374393",
"signature_key" : "2802a264cb978fbc59f631c68d120cbda8dc853f5dfdc52301c615cf4f14e7a0b09aa...",
"bank" : "bni",
"gross_amount" : "30000.00",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
Success Get Status Refunded Transaction Response
{
"status_code" : "200",
"status_message" : "Success, transaction found",
"transaction_id" : "249fc620-6017-4540-af7c-5a1c25788f46",
"masked_card" : "481111-1114",
"order_id" : "example-1424936368",
"payment_type" : "credit_card",
"transaction_time" : "2015-02-26 14:39:33",
"transaction_status" : "partial_refund",
"fraud_status" : "accept",
"approval_code" : "1424936374393",
"signature_key" : "2802a264cb978fbc59f631c68d120cbda8dc853f5dfdc52301c615cf4f14e7a0b09aa...",
"bank" : "bni",
"gross_amount" : "30000.00",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit",
"refund_amount": "12000.00",
"refunds": [
{
"refund_chargeback_id": 1,
"refund_amount": "5000.00",
"created_at": "2015-02-27 00:14:20",
"reason": "some reason",
"refund_key": "reference1"
},
{
"refund_chargeback_id": 2,
"refund_amount": "7000.00",
"created_at": "2015-02-28 01:23:15",
"reason": "",
"refund_key": "reference2"
},
]
}
{
"status_code" : "200",
"status_message" : "Success, transaction found",
"transaction_id" : "249fc620-6017-4540-af7c-5a1c25788f46",
"masked_card" : "481111-1114",
"order_id" : "example-1424936368",
"payment_type" : "credit_card",
"transaction_time" : "2015-02-26 14:39:33",
"transaction_status" : "partial_refund",
"fraud_status" : "accept",
"approval_code" : "1424936374393",
"signature_key" : "2802a264cb978fbc59f631c68d120cbda8dc853f5dfdc52301c615cf4f14e7a0b09aa...",
"bank" : "bni",
"gross_amount" : "30000.00",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit",
"refund_amount": "12000.00",
"refunds": [
{
"refund_chargeback_id": 1,
"refund_amount": "5000.00",
"created_at": "2015-02-27 00:14:20",
"reason": "some reason",
"refund_key": "reference1",
"refund_method": "online",
"bank_confirmed_at": "2015-02-27 02:30:20"
},
{
"refund_chargeback_id": 2,
"refund_amount": "7000.00",
"created_at": "2015-02-28 01:23:15",
"reason": "",
"refund_key": "reference2",
"refund_method": "offline",
"bank_confirmed_at": "2015-02-27 02:30:20"
},
]
}
transaction_status String Transaction status a er charge credit card transaction, the possible values
are
capture : Transaction is accepted by the bank and ready for settlement.
deny : transaction is denied by the bank or FDS.
authorize : Credit card is authorized in pre-authorization feature
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it
or transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
masked_card String First 6-digit and last 4-digit of customer's credit card number
signature_key String Signature key to validate if the notification is originated from Midtrans
approval_code String Approval code from payment provider for successful transaction. It can be
used for refund
refunds Array List of refund details related to the transaction. Only available on
transaction status partial_refund or refund .
refund_method String Refund confirmation method. The value will be applied a er Midtrans'
operation confirm the refund request (1 day a er request request is made).
Possible values: online , offline
bank_confirmed_at String Timestamp of when refund request received confirmation from acquiring bank
**Possible error codes:** `400`, `401`, `402`, `404`, `410`, and `412`. Please refer to the [status code]
(#status-code).
Say merchant has 5 transactions created under a certain order_id A. The transactions are B, C, D, E, F (ordered to the
latest). Below are the examples on how merchant can use page and per_page parameters.
{
"status_code": "200",
"status_message": "Success, transactions are retrieved",
"transactions": [
{
"payment_type": "echannel",
"bill_key": "990568881594",
"transaction_time": "2016-09-17 06:36:31",
"gross_amount": "6000.00",
"order_id": "vttesta73fb08ebd1-160916233631561",
"signature_key": "ae85d0ade1bcdfdce4400b63918a8250b3ce45056621c743f71c02197e851accae43787190ee343b18f
"status_code": "200",
"transaction_id": "647c9366-596a-4ba2-b20f-77baaa1e6647",
"transaction_status": "settlement",
"fraud_status": "accept",
"status_message": "Success, transaction is found"
},
{
"payment_type": "echannel",
"bill_key": "990568881594",
"transaction_time": "2016-09-17 06:34:52",
"gross_amount": "6000.00",
"order_id": "vttesta73fb08ebd1",
"signature_key": "e8ae2f8cba40fe505c3c0f8bfec8dbc748ee5c8d04ad0699f33d17b7fc6aba5b1218f518226b4ea2ff0
"status_code": "200",
"transaction_id": "f9a6684f-e3b4-46dd-8b6c-b61d805b3c6f",
"transaction_status": "settlement",
"fraud_status": "accept",
"status_message": "Success, transaction is found"
}
]
}
transaction_status String Transaction status a er charge credit card transaction, the possible values are
capture : Transaction is accepted by the bank and ready for settlement.
deny : transaction is denied by the bank or FDS.
authorize : Credit card is authorized in pre-authorization feature
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it or
transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
masked_card String First 6-digit and last 4-digit of customer's credit card number
signature_key String Signature key to validate if the notification is originated from Midtrans
approval_code String Approval code from payment provider for successful transaction. It can be used for
refund
transactions Array Collections of transaction status objects
**Possible error codes:** `400`, `401`, `402`, `404`, `410`, and `412`. Please refer to the [status code]
(#status-code).
Register Card
HTTP
Endpoint Method Definition
BASE_URL/v2/card/register GET Register card information (card number and expiry) to be used for two
clicks and one click
masked_card String First 6-digit and last 4-digit of customer's credit card number
Point Inquiry
HTTP
Endpoint Method Definition
JSON
Attribute Type Required Description
gross_amount String C The volume of the following transaction. This number can decide the
remaining point balance amount which can be used on the response. NOTE:
Needed for Mandiri Point
{
"status_code": "200",
"status_message": "Success, Credit Card Point inquiry is successful",
"transaction_time": "2017-05-29 12:21:40",
"point_balance_amount": "10000.00"
}
BASE_URL/v2/pay/account POST Link customer account to be used for specific payment channels
{
"payment_type": "gopay",
"gopay_partner": {
"phone_number": "81212345678",
"country_code": "62",
"redirect_url": "https://www.gojek.com"
}
}
GoPay Partner
JSON
Attribute Type Required Description
redirect_url String N URL where user will be redirected to a er finishing the confirmation on
Gojek app
{
"status_code": "201",
"payment_type": "gopay",
"account_id": "00000269-7836-49e5-bc65-e592afafec14",
"account_status": "PENDING",
"actions": [
{
"name": "activation-link-url",
"method": "GET",
"url": "http://api.midtrans.com/v2/gopay/redirect/gpar_6123269-1425-21e3-bc44-e592afafec14/link"
},
{
"name": "activation-link-app",
"method": "GET",
"url": "http://api.midtrans.com/v2/gopay/redirect/gpad_6123269-1425-21e3-bc44-e592afafec14/link"
}
]
}
Failed Create Pay Account Response
{
"status_code": "202",
"payment_type": "gopay",
"channel_response_code": "105",
"channel_response_message": "User Not Found"
}
account_status String Status of the account. Possible values: PENDING , EXPIRED , ENABL
ED , DISABLED
Only use between these two redirection urls as the other one is redundant and will be deprecated.
activation-link-url is for customer authentication in browser or webview. This redirection is recommended for
desktop. The customer will need to scan the QR shown in this page using their Gojek app to verify the linking. Once the
linking is verified, then this page will auto redirect back to the merchant page. For merchants with special agreement
with GoPay, this page may show OTP/PIN page instead.
activation-link-app is for customer authentication in gojek app (This might not be applicable for all merchants).
The customer will need to input OTP/PIN from the Gojek app.
BASE_URL/v2/pay/account/ account GET Create customer account to be used for specific payment
_id channels
{
"status_code": "201",
"payment_type": "gopay",
"account_id": "00000269-7836-49e5-bc65-e592afafec14",
"account_status": "PENDING"
}
{
"status_code": "204",
"payment_type": "gopay",
"account_id": "00000269-7836-49e5-bc65-e592afafec14",
"account_status": "EXPIRED"
}
{
"status_code": "200",
"payment_type": "gopay",
"account_id": "00000269-7836-49e5-bc65-e592afafec14",
"account_status": "ENABLED",
"metadata": {
"payment_options": [
{
"name": "GOPAY_WALLET",
"active": true,
"balance": {
"value": "1000000.00",
"currency": "IDR"
},
"metadata": {},
"token": "eyJ0eXBlIjogIkdPUEFZX1dBTExFVCIsICJpZCI6ICIifQ=="
},
{
"name": "PAY_LATER",
"active": true,
"balance": {
"value": "350000.00",
"currency": "IDR"
},
"metadata": {},
"token": "eyJ0eXBlIjogIlBBWV9MQVRFUiIsICJpZCI6ICIifQ=="
}
]
}
}
{
"status_code": "204",
"payment_type": "gopay",
"account_id": "00000269-7836-49e5-bc65-e592afafec14",
"account_status": "DISABLED"
}
account_status String Status of the account. Possible values: PENDING , EXPIRED , ENABLED , DISABLED
metadata Object Additional data from the specific payment provider i.e. GoPay
{
"status_code": "204",
"payment_type": "gopay",
"account_id": "00000269-7836-49e5-bc65-e592afafec14",
"account_status": "DISABLED",
"channel_response_code": "0",
"channel_response_message": "Process service request successfully."
}
{
"status_code": "202",
"payment_type": "gopay",
"account_id": "00000269-7836-49e5-bc65-e592afafec14",
"channel_response_code": "1001",
"channel_response_message": "Caller authentication error."
}
account_status String Status of the account. Possible values: PENDING , EXPIRED , ENABLED , DI
SABLED
Midtrans API provide Bin Lookup API to get metadata for a particular bin, such as card type (Debit/Credit) or the card
brand (ex. Visa, Master)
Endpoint
{
"data": {
"country_name": "Indonesia",
"country_code": "id",
"brand": "visa",
"bin_type": "credit",
"bin_class": "gold",
"bin": "455633",
"bank_code": "bca",
"bank": "bank central asia"
}
}
Authorization Header
The request is authorized using the same method as HTTP(S) Request with an additional note that Midtrans Client Key
can also be used other than Midtrans Server key
It is highly recommended to use client key if the request is made from browser/mobile.
Rate Limit
All bin request is rate-limited by 100 request per minute. If the attempted request is more than the limit, Midtrans API
will respond with 409 status code.
Response Codes
Code Description
200 OK
Response Object
Field | Description | Type | Nullable | Sample ---|---|---| bank | Bank Name of the Card | String | Yes | bank central asia
bank_code | bank code | String | Yes | bca bin | bin number requested | String | No | 455633 bin_type | Card Type | String
(Debit / Credit) | No | credit bin_class | Card Class | String | Yes | gold brand | Card issuer Brand | String | Yes | visa
country_name | Country which issuing the Card | String | Yes | Indonesia country_code | Code name of the respective
country | String | Yes | id
Idempotent Requests
Idempotency-Key is a unique value that is put on header on API request. Midtrans API accept Idempotency-Key on
header to safely handle retry request without performing the same operation twice. This is helpful for cases where
merchant didn't receive the response because of network issue or other unexpected error.
Use case sample: if merchant create a request with idempotency key A but Midtrans doesn't give response due to
unexpected error, merchant can safely retry request with idempotency key A to get response and we will assure that the
request only processed once.
Midtrans handle idempotent request by saving only the successful response, we will return this response to merchant if
merchant create request with the same Idempotency-Key regardless of the request body. Please note that the key
value lifetime is 5 minutes, a er 5 minutes we will process the request again (ex: second charge request might get
conflict exception because it use the same order id). Important thing to note is that the idempotency key is global
across any endpoints. It is recommended to generate a new idempotency key value for each different operations on the
same transaction.
There's also special case where we handle an "on-process" request. If merchant retry a request while the first request is
still on process (doesn't have a response yet), we will return a response with http status code 202 until the first request
finish processing.
Midtrans API accept Idempotency-Key value on all POST request except request to /token and /account endpoint,
the key maximum lenght is 36. We will ignore the usage of Idempotency-Key if it doesn't meet the requirement. To
create random unique key, we suggest the use of UUID to avoid Idempotency-Key collision between each requests.
Recurring API
Recurring API is intended for recurring transaction (transaction that will deduct customer's fund periodically).
Merchant can perform recurring transaction by creating subscription details. Midtrans will attempt to auto deduct
customer funds based on details from merchant's subscription (subscription schedule, amount, etc). This way,
merchant doesn't need to manually do recurring transaction.
API Methods
HTTP
Endpoint Method Definition
/v1/subscriptions POST Create subscription that contains all details for creating
transaction
/v1/subscriptions/ subscription POST Make the subscription inactive (the subscription will not create
_id /disable transaction anymore)
/v1/subscriptions/ subscription POST Make the subscription active (the subscription will create
_id /enable periodic transaction)
Create Subscription
{
"name": "SUBSCRIBE1",
"amount": "14000",
"currency": "IDR",
"payment_type": "credit_card",
"token": "481111DasKBLCCXbuKfEbVlFiBZr1114",
"schedule": {
"interval": 1,
"interval_unit": "month"
}
}
JSON
Attribute Type Required Description
name String(15) Y Subscription's name that will be use to generate transaction's order id.
Note: Allowed symbols are dash(-), underscore(_), tilde (~), and dot (.)
amount Long Y Amount that will be use to make recurring charge. Note: Do not use
decimal
currency String Y ISO-4217 representation for 3 digit alphabetic currency code. Note:
Currently only support IDR
payment_type String Y Transaction payment method. Note: currently only support credit_ca
rd
token String Y Saved payment token. Note: For credit_card should use saved_tok
{
"id": "d98a63b8-97e4-4059-825f-0f62340407e9",
"name": "SUBSCRIBE1",
"amount": "14000",
"currency": "IDR",
"created_at": "2019-05-29T09:11:01.810452",
"schedule": {
"interval": 1,
"interval_unit": "month",
"start_time": "2019-05-29T09:11:01.803677",
"previous_execution_at": "2019-05-29T09:11:01.803677",
"next_execution_at": "2019-06-29T09:11:01.803677"
},
"status": "active",
"token": "481111DasKBLCCXbuKfEbVlFiBZr1114",
"payment_type": "credit_card",
"transaction_ids": []
}
JSON
Attribute Type Description
status String Current subscription Status. Note: Possible status value is active and inactiv
payment_type String Transaction payment method given by merchant. Note: currently only support c
redit_card
Get Subscription
{
"id": "d98a63b8-97e4-4059-825f-0f62340407e9",
"name": "SUBSCRIBE1",
"amount": "14000",
"currency": "IDR",
"created_at": "2019-05-29T09:11:01.810452",
"schedule": {
"interval": 1,
"interval_unit": "month",
"start_time": "2019-05-29T09:11:01.803677",
"previous_execution_at": "2019-05-29T09:11:01.803677",
"next_execution_at": "2019-06-29T09:11:01.803677"
},
"status": "active",
"token": "481111DasKBLCCXbuKfEbVlFiBZr1114",
"payment_type": "credit_card",
"transaction_ids": []
}
JSON
Attribute Type Description
status String Current subscription Status. Note: Possible status value is active and inactiv
payment_type String Transaction payment method given by merchant. Note: currently only support c
redit_card
Make the subscription inactive (the subscription will not create transaction anymore)
{
"status_message": "Subscription is updated."
}
Enable Subscription
Make the subscription active (the subscription will create periodic transaction)
Update Subscription
{
"name": "SUBSCRIBE1",
"amount": "14000",
"currency": "IDR",
"payment_type": "credit_card",
"token": "481111DasKBLCCXbuKfEbVlFiBZr1114",
"schedule": {
"interval": 1,
"interval_unit": "month"
}
}
JSON
Attribute Type Required Description
name String(15) Y Subscription's name that will be use to generate transaction's order id.
Note: Allowed symbols are dash(-), underscore(_), tilde (~), and dot (.)
amount Long Y Amount that will be use to make recurring charge. Note: Do not use
decimal
currency String Y ISO-4217 representation for 3 digit alphabetic currency code. Note:
Currently only support IDR
payment_type String Y Transaction payment method. Note: currently only support credit_ca
rd
token String Y Saved payment token. Note: For credit_card should use saved_tok
{
"status_message": "Subscription is updated."
}
Updating a subscription `interval` schedule will only be effective a er the next subscription. For example, if a
subscription is scheduled to run by the end of this month. Then, the interval will change a er the next month
period. For other parameters, it will be effective starting from the next subscription.
Credit Card
Integration steps:
1. Get token.
2. Perform charge transaction using the token.
3. (Optional) If transaction is 3D secure, do redirection to address specified in the response.
4. Handle notification.
Credit Card Charge
{
"payment_type": "credit_card",
"transaction_details": {
"order_id": "C17550",
"gross_amount": 145000
},
"credit_card": {
"token_id": "< your token ID >"
},
"item_details": [{
"id": "a1",
"price": 145000,
"quantity": 2,
"name": "Apel",
"brand": "Fuji Apple",
"category": "Fruit",
"merchant_name": "Fruit-store"
}],
"customer_details": {
"first_name": "BUDI",
"last_name": "UTOMO",
"email": "[email protected]",
"phone": "+628123456",
"billing_address": {
"first_name": "BUDI",
"last_name": "UTOMO",
"email": "[email protected]",
"phone": "081 2233 44-55",
"address": "Sudirman",
"city": "Jakarta",
"postal_code": "12190",
"country_code": "IDN"
},
"shipping_address": {
"first_name": "BUDI",
"last_name": "UTOMO",
"email": "[email protected]",
"phone": "0 8128-75 7-9338",
"address": "Sudirman",
"city": "Jakarta",
"postal_code": "12190",
"country_code": "IDN"
}
}
}
Charge method is triggered every time a transaction is performed. The attribute that is used is dependent on the
payment method desired.
JSON Attribute Type Required Description
{
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"order_id": "C17550",
"gross_amount": "145000.00",
"payment_type": "credit_card",
"transaction_time": "2014-08-24 15:39:22",
"transaction_status": "capture",
"fraud_status": "accept",
"masked_card": "481111-1114",
"status_code": "200",
"bank": "bni",
"status_message": "Success, Credit Card 3D Secure transaction is successful",
"approval_code": "1408869563148",
"channel_response_code": "00",
"channel_response_message": "Approved",
"currency": "IDR",
"card_type": "credit"
}
{
"status_code": "411",
"status_message": "Token id is missing, invalid, or timed out"
}
{
"masked_card": "481111-1114",
"approval_code": "338016",
"bank": "bni",
"transaction_time": "2014-08-24 15:39:22",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "763713b31cf59c886d3cc4a0c654a060a8e990080fe29fca75ae9e4ff9de804809c4e20977829844dac01a7a
"status_code": "202",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"transaction_status": "deny",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "05",
"channel_response_message": "Do not honor",
"card_type": "credit"
}
{
"masked_card": "481111-1114",
"approval_code": "315762",
"bank": "bni",
"transaction_time": "2014-08-24 15:39:22",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "393f8b6b27f9f6385d8391642942e9534fd20dad20c0631b75b0746bfc314482af4411c93e958b691a63e91
"status_code": "201",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"transaction_status": "capture",
"fraud_status": "challenge",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
{
"masked_card": "481111-1114",
"approval_code": "131755",
"bank": "bni",
"transaction_time": "2014-08-24 15:39:22",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "49e158a0c3f1913eae0902875324075c562daa39b2824b865db2242adea247a228960d2f1002392fdbc29c3
"status_code": "200",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"transaction_status": "settlement",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
Two of the most important information details in the JSON response is the transaction and fraud status, which can be
found in transaction_status and fraud_status attribute.
At this point, the payment process of a transaction is complete. If the transaction_status value is capture and
fraud_status value is accept , the customer’s credit card has been charged to your account. In addition to sending the
transaction status to the customer, you can also update the respective database. Example, to mark if the respective
order_id has been paid.
Transaction status can also be found in Merchant Administration Portal (MAP). You have to login to MAP to see the detail
of the transaction. The other alternative to check on the transaction status is to use the command Acquiring
Transaction Status.
By default, all credit card transactions from 00.00 until 23.59, will be settled on the day a er at 16.00. The transaction
status will be updated from capture into settlement . If there is any unapproved challenged transaction, Midtrans will
cancel the transaction automatically. Midtrans will also send HTTP POST notification to merchant endpoint.
transaction_status String Transaction status a er charge credit card transaction, the possible values
are
capture : Transaction is accepted by the bank and ready for settlement.
deny : transaction is denied by the bank or FDS.
authorize : Credit card is authorized in pre-authorization feature
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it
or transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
masked_card String First 6-digit and last 4-digit of customer's credit card number
approval_code String Approval code. It can be used for refund. This does not exist on denied
transaction
**Possible error codes:** `400`, `401`, `402`, `406`, `410`, and `411`. Please refer to the [status code]
(#status-code).
Card Features: 3D Secure
{
"payment_type": "credit_card",
"transaction_details": {
"order_id": "C17550",
"gross_amount": 145000
},
"credit_card": {
"token_id": "< your token ID >",
"authentication": true
}
}
To configure the 3D Secure feature, an additional attribute will be required in credit_card object:
JSON
Attribute Type Required Description
token_id String Y Token ID represents customer's credit card information acquired from
Get Token Response
authentication Boolean N Flag to enable the 3D secure authentication. Default value is false .
callback_type String N Determine how the transaction status will be updated to the client side.
Possible values: js_event (default) or form . More details will be
explained here.
3D Secure Charge Response has additional redirect_url to forward merchant's user to the authentication page.
Then, a er the authentication process is complete, merchant will receive notification containing both the transaction
and 3D Secure result.
{
"status_code": "201",
"status_message": "Credit Card transaction is in progress",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"order_id": "C17550",
"redirect_url": "https://api.veritrans.co.id/v2/token/rba/redirect/451249-2595-e14aac7f-cfb3-4ab2-98ab-
"gross_amount": "145000.00",
"currency": "IDR",
"payment_type": "credit_card",
"transaction_time": "2018-09-12 22:10:23",
"transaction_status": "pending",
"masked_card": "481111-1114",
"card_type": "credit"
}
{
"status_code": "400",
"status_message": "One or more parameters in the payload is invalid.",
"id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"validation_messages": [
"unsupported token request parameter(s)"
]
}
Capture Notification
{
"masked_card": "481111-1114",
"approval_code": "T58755",
"bank": "bni",
"eci": "05",
"transaction_time": "2014-08-24 15:39:22",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "8d22a6b625f395a1a2cf0e62497e20be433cbad3e8a8ff36bf6b40dbd47308125ccda93546eab8a3acd9139
"status_code": "200",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"transaction_status": "capture",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
Deny Notification
{
"masked_card": "481111-1114",
"approval_code": "338016",
"bank": "bni",
"eci": "06",
"transaction_time": "2014-08-24 15:39:22",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "763713b31cf59c886d3cc4a0c654a060a8e990080fe29fca75ae9e4ff9de804809c4e20977829844dac01a7a
"status_code": "202",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"transaction_status": "deny",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "05",
"channel_response_message": "Do not honor",
"card_type": "credit"
}
Challenge Notification
{
"masked_card": "481111-1114",
"approval_code": "315762",
"bank": "bni",
"eci": "05",
"transaction_time": "2014-08-24 15:39:22",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "393f8b6b27f9f6385d8391642942e9534fd20dad20c0631b75b0746bfc314482af4411c93e958b691a63e91
"status_code": "201",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"transaction_status": "capture",
"fraud_status": "challenge",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
Settlement Notification
{
"masked_card": "481111-1114",
"approval_code": "131755",
"bank": "bni",
"eci": "05",
"transaction_time": "2014-08-24 15:39:22",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "49e158a0c3f1913eae0902875324075c562daa39b2824b865db2242adea247a228960d2f1002392fdbc29c3
"status_code": "200",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"transaction_status": "settlement",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
In additional to the normal credit card attributes, these are the exclusive attributes for 3D Secure response and
notifications:
By default, 3D Secure callback scheme is set as js_event . It is optimized for merchant who prefers to open the 3D
Secure page in the same page
Midtrans javascript library provide function to handle the redirect url and its callback response. Merchant may use the
same callback implemented in the previous API.
Authenticate function from the Javascript Library to handle the redirect url and callback response
//Authenticate function
Veritrans.authenticate(redirect_url, callback);
The response object attributes are the same as the ones from charge response above.
transaction_status String Transaction status a er charge credit card transaction, the possible values
are
capture : Transaction is accepted by the bank and ready for settlement.
deny : transaction is denied by the bank or FDS.
authorize : Credit card is authorized in pre-authorization feature
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it
or transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
masked_card String First 6-digit and last 4-digit of customer's credit card number
approval_code String Approval code. It can be used for refund. This does not exist on denied
transaction
function callback(response) {
if (response.redirect_url) {
// initially Midtrans will put the redirect url into the response
// it will be up to merchant on how to open it
console.log('Open Dialog 3Dsecure');
openDialog(response.redirect_url);
handleSuccessfulResponse(response);
} else {
// failed transaction
// close 3d secure dialog if any
closeDialog();
handleFailedResponse(response);
}
}
function handleSuccessfulResponse(response) {
// dummy function
}
function handleFailedResponse(response) {
// another dummy function
}
To configure the BIN Promo feature, an additional attribute will be required in credit_card object:
JSON
Attribute Type Description
token_id String Token ID represents customer's credit card information acquired from Get Token
Response
bins JSON List of credit card's BIN (Bank Identification Number) that is allowed for transaction.
Array NOTE:
BIN Promo Charge Response and Notifications are identical with Card Payment Charge Response. Successful BIN
Promo transaction is described as capture and is ready for settlement.
**NOTE:** Approve transaction when `fraud_status` = `challenge` to accept it or transaction will auto cancel
during settlement.
{
"payment_type": "credit_card",
"transaction_details": {
"order_id": "C17550",
"gross_amount": 145000
},
"credit_card": {
"token_id": "< your token ID >",
"bank": "bni",
"installment_term": 12
}
}
You need a Normal Token to charge with Installment feature. To charge the installment feature, additional attributes
will be required in charge request credit_card object:
token_id String Token ID represents customer's credit card information acquired from Get Token
Response
bank String Acquiring bank. To make sure transaction is going on-us. Else, it will be treated as
offline installment.
{
"status_code": "200",
"status_message": "Success, Credit Card transaction is successful",
"transaction_id": "c1e1cc28-5208-4965-bc99-076919dc0a26",
"order_id": "20527106",
"gross_amount": "1687180.00",
"payment_type": "credit_card",
"transaction_time": "2016-06-19 09:12:15",
"transaction_status": "capture",
"fraud_status": "accept",
"approval_code": "R71372",
"masked_card": "542640-9747",
"bank": "bni",
"installment_term": "6",
"channel_response_code": "00",
"channel_response_message": "Approved",
"currency": "IDR",
"card_type": "credit"
}
{
"masked_card": "542640-9747",
"approval_code": "R71372",
"bank": "bni",
"eci": "01",
"installment_term": 6,
"transaction_time": "2016-06-19 09:12:15",
"gross_amount": "1687180.00",
"order_id": "20527106",
"payment_type": "credit_card",
"signature_key": "4a4e59bdc26b3c473014f8dbc1bb9faf35c1f29c473f48666ea6faaf9d8eb80bf8e47be8d79ef4cdec820c6a
"status_code": "200",
"transaction_id": "c1e1cc28-5208-4965-bc99-076919dc0a26",
"transaction_status": "capture",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
**NOTE:** Approve transaction when `fraud_status` = `challenge` to accept it or transaction will auto cancel
during settlement.
Offline Installment
{
"payment_type": "credit_card",
"transaction_details": {
"order_id": "C17550",
"gross_amount": 145000
},
"credit_card": {
"token_id": "< your token ID >",
"installment_term": 12,
"bins": ["48111111", "3111", "5"]
}
}
Offline installment feature allow merchants to do installment conversion for transactions which are not supported by
MID installment.
To charge the offline installment feature in Core API, additional attributes installment will be required with combination
bins . The purpose of bins is to limit certain cards that can be used depending on the agreement between merchant
and banks.
{
"status_code": "200",
"status_message": "Success, Credit Card transaction is successful",
"transaction_id": "b046340b-dc40-480a-828f-085fc265850c",
"order_id": "62465770",
"gross_amount": "1352373.00",
"payment_type": "credit_card",
"transaction_time": "2016-06-19 05:41:18",
"transaction_status": "capture",
"fraud_status": "accept",
"approval_code": "854442",
"eci": "05",
"masked_card": "414009-6871",
"bank": "bni",
"installment_term": "6",
"channel_response_code": "00",
"channel_response_message": "Approved",
"currency": "IDR",
"card_type": "credit"
}
{
"masked_card": "414009-4550",
"approval_code": "833736",
"bank": "bni",
"eci": "05",
"installment_term": 12,
"transaction_time": "2016-07-04 14:00:55",
"gross_amount": "16277555.00",
"order_id": "160288134251",
"payment_type": "credit_card",
"signature_key": "1742c43dbda320dfe26a0e570eb8c95f710058967a2bb45b3996b664e19feb30aec8a6458be56ee310e7941
"status_code": "201",
"transaction_id": "3c1b1f1a-bfcf-4fa1-9a93-bebf5b9cb488",
"transaction_status": "capture",
"fraud_status": "challenge",
"status_message": "midtrans payment notification",
"card_type": "credit"
}
{
"payment_type": "credit_card",
"transaction_details": {
"order_id": "C17550",
"gross_amount": 145000
},
"credit_card": {
"token_id": "< your token ID >",
"bank": "bni",
"type": "authorize"
}
}
You need a Normal Token from Get Token to charge with Pre-Authorization feature. To configure the Pre-Authorization
feature in Core API, an additional attribute will be required in charge request credit_card object.
JSON
Attribute Type Description
token_id String Token ID represents customer's credit card information acquired from Get Token
Response
type String Attribute to enable the pre-authorization feature. Valid value authorize
{
"status_code": "200",
"status_message": "Success, Credit Card transaction is successful",
"transaction_id": "be4f3e44-d6ee-4355-8c64-c1d1dc7f4590",
"order_id": "C17550",
"gross_amount": "145000.00",
"payment_type": "credit_card",
"transaction_time": "2016-07-02 14:00:27",
"transaction_status": "authorize",
"fraud_status": "accept",
"approval_code": "003873",
"eci": "05",
"masked_card": "481111-1114",
"bank": "bca",
"channel_response_code": "0",
"channel_response_message": "Approved",
"currency": "IDR",
"card_type": "credit"
}
{
"masked_card": "481111-1114",
"approval_code": "003873",
"bank": "bca",
"eci": "05",
"transaction_time": "2016-07-02 14:00:27",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "7156a83f0beb052c689e3775e60049062dd84379eda494b929704955957a41949df03c7010a0ad888347828
"status_code": "200",
"transaction_id": "be4f3e44-d6ee-4355-8c64-c1d1dc7f4590",
"transaction_status": "authorize",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "0",
"channel_response_message": "Approved",
"card_type": "credit"
}
Pre-Authorization Charge Response is different with Card Payment Charge Response. Successful Pre-Authorization
transaction is described as authorize and can be settled only if the transaction has been captured. If the transaction
is captured, the transaction status will be updated into capture and ready for settlement.
**NOTE:**
Charge method in a Pre-Authorized transaction will only check and block a card limit. Capture transaction for
settlement or transaction will be auto cancelled in 7 days. Approve transaction when `fraud_status` = `challenge`
to accept it or transaction will be auto cancelled during settlement.
To charge for pre-Authorization, capture transaction method is used in which transaction_status is set to authoriz
e .
{
"transaction_id" : "1ac1a089d-a587-40f1-a936-a7770667d6dd",
"gross_amount" : 55000 // <--- Value should not exceed the Charge Value on Pre-Authorizatio
}
Body Message:
JSON
Attribute Type Description
gross_amount Long The value of transactions which will be paid by the customer. Note: Should not exceed
the value of Charge Pre-Authorization transaction. If le undefined, capture full
transaction
{
"status_code": "200",
"status_message": "Success, Credit Card capture transaction is successful",
"transaction_id": "1ac1a089d-a587-40f1-a936-a7770667d6dd",
"order_id": "A27550",
"payment_type": "credit_card",
"transaction_time": "2014-08-25 10:20:54",
"transaction_status": "capture",
"fraud_status": "accept",
"masked_card": "481111-1114",
"bank": "bca",
"eci": "05",
"gross_amount": "55000.00",
"channel_response_code": "0",
"channel_response_message": "Approved",
"currency": "IDR",
"card_type": "credit"
}
{
"masked_card": "481111-1114",
"approval_code": "T67700",
"bank": "bca",
"eci": "05",
"transaction_time": "2014-08-25 10:20:54",
"gross_amount": "55000.00",
"order_id": "A27550",
"payment_type": "credit_card",
"signature_key": "23a7036edb8171b926e5292c7729c6bd26ed3250e22aead55110e34086dbc8fb393e7d3b7f764428a27c76e
"status_code": "200",
"transaction_id": "1ac1a089d-a587-40f1-a936-a7770667d6dd",
"transaction_status": "capture",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "0",
"channel_response_message": "Approved",
"card_type": "credit"
}
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it
or transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
approval_code String Approval code from payment provider for successful transaction, it can be
used for refund
masked_card String First 6-digit and last 4-digit of customer's credit card number
**NOTE:** Approve transaction when `fraud_status` = `challenge` to accept it or transaction will auto cancel
during settlement.
**Possible error codes:** `400`, `401`, `402`, `406`, `410`. Please refer to the [status code](#status-code).
{
"payment_type": "credit_card",
"credit_card": {
"token_id": "4811117d16c884-2cc7-4624-b0a8-10273b7f6cc8",
"save_token_id": true // <-- To flag that token is saved during initial charge
},
"transaction_details": {
"order_id": "A87550",
"gross_amount": 145000
}
}
You need a Normal Token from Get Token to charge with One Click feature. Add additional attribute in charge request c
redit_card object when charging the initial transaction for One Click feature.
JSON
Attribute Type Description
token_id String Token ID represents customer's credit card information acquired from Get Token
Response
save_token_id Boolean A flag to indicate one click feature to return a saved_token_id which can be used
for the next transaction
{
"status_code": "200",
"status_message": "Success, Credit Card 3D Secure transaction is successful",
"transaction_id": "f50c0aef-b629-4a5b-957b-4c52f45e2e63",
"order_id": "A87550",
"payment_type": "credit_card",
"transaction_time": "2014-08-25 11:21:48",
"transaction_status": "capture",
"fraud_status": "accept",
"masked_card": "481111-1114",
"saved_token_id": "4811117d16c884-2cc7-4624-b0a8-10273b7f6cc8",
"saved_token_id_expired_at": "2024-08-25 11:21:48",
"approval_code": "1408940508666",
"gross_amount": "145000.00",
"bank": "bni",
"channel_response_code": "00",
"channel_response_message": "Approved",
"currency": "IDR",
"card_type": "credit"
}
{
"masked_card": "481111-1114",
"approval_code": "1408940508666",
"bank": "bni",
"eci": "05",
"saved_token_id": "4811117d16c884-2cc7-4624-b0a8-10273b7f6cc8",
"saved_token_id_expired_at": "2024-08-25 11:21:48",
"transaction_time": "2014-08-25 11:21:48",
"gross_amount": "145000.00",
"order_id": "A87550",
"payment_type": "credit_card",
"signature_key": "c77f17bf6a8dee35c19f02f2c33f9e4a2ee61b4bad15370a9f0f149a96909c8d887a0e0cddeb47bd02e88f3
"status_code": "200",
"transaction_id": "f50c0aef-b629-4a5b-957b-4c52f45e2e63",
"transaction_status": "capture",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
One Click Initial Charge Response and Notifications are identical with Card Payment Charge Response and
Notifications, with additional attributes:
saved_token_id String Token ID of a credit card to be charged for the following transaction
{
"payment_type": "credit_card",
"credit_card": {
"token_id": "44811117d16c884-2cc7-4624-b0a8-10273b7f6cc8"
},
"transaction_details": {
"order_id": "A87551",
"gross_amount": 145000
}
}
You need saved_token_id from initial Charge Response in order to charge the following One Click transaction.
JSON
Attribute Type Description
token_id String saved_token_id represents customer's credit card information acquired from One Click
initial charge response
Following One Click Charge Response is identical with Card Payment Charge Response and Response. Successful One
Click transaction is described as capture and is ready for settlement.
{
"payment_type": "credit_card",
"credit_card": {
"token_id": "4811117d16c884-2cc7-4624-b0a8-10273b7f6cc8",
"save_token_id": true // To flag that token is saved during initial charge
},
"transaction_details": {
"order_id": "A87550",
"gross_amount": 145000
}
}
You need a Normal Token from Get Token for initial charge with Two Clicks feature. Add this additional attribute in
charge request credit_card object when charging the initial transaction for Two Clicks feature.
JSON
Attribute Type Description
token_id String Token ID represents customer's credit card information acquired from Get Token
Response
{
"status_code": "200",
"status_message": "Success, Credit Card 3D Secure transaction is successful",
"transaction_id": "f50c0aef-b629-4a5b-957b-4c52f45e2e63",
"order_id": "A87550",
"payment_type": "credit_card",
"transaction_time": "2014-08-25 11:21:48",
"transaction_status": "capture",
"fraud_status": "accept",
"masked_card": "481111-1114",
"saved_token_id": "4811117d16c884-2cc7-4624-b0a8-10273b7f6cc8",
"saved_token_id_expired_at": "2024-08-25 11:21:48",
"approval_code": "1408940508666",
"gross_amount": "145000.00",
"bank": "bni",
"channel_response_code": "00",
"channel_response_message": "Approved",
"currency": "IDR",
"card_type": "credit"
}
{
"masked_card": "481111-1114",
"approval_code": "1408940508666",
"bank": "bni",
"eci": "05",
"saved_token_id": "4811117d16c884-2cc7-4624-b0a8-10273b7f6cc8",
"saved_token_id_expired_at": "2024-08-25 11:21:48",
"transaction_time": "2014-08-25 11:21:48",
"gross_amount": "145000.00",
"order_id": "A87550",
"payment_type": "credit_card",
"signature_key": "c77f17bf6a8dee35c19f02f2c33f9e4a2ee61b4bad15370a9f0f149a96909c8d887a0e0cddeb47bd02e88f3
"status_code": "200",
"transaction_id": "f50c0aef-b629-4a5b-957b-4c52f45e2e63",
"transaction_status": "capture",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
Two Clicks Initial Charge Response is identical with Card Payment Charge Response, with the additional attributes:
saved_token_id String Token ID of a credit card to be charged for the following transaction
**NOTE:**
* When initial transaction is successful, save the `saved_token_id` in your database. * This parameter is required
for two clicks get token in every following trasaction.
{
"payment_type": "credit_card",
"credit_card": {
"token_id": "481111-1114-7baba36c-5698-47cf-9170-80efd6a2e973"
},
"transaction_details": {
"order_id": "A87551",
"gross_amount": 145000
}
}
You need the [Two Clicks Token]](#card-object) from Get Token in order to charge the following two clicks transaction.
JSON
Attribute Type Description
token_id String Token ID represents customer's credit card information acquired from Get Token
Response
Following Two Clicks Charge Response is identical with Card Payment Charge Response and Notifications. Successful
Two Clicks transaction is described as capture and is ready for settlement.
{
"payment_type": "credit_card",
"credit_card": {
"token_id": "4811117d16c884-2cc7-4624-b0a8-10273b7f6cc8",
"point_redeem_amount": 145000
},
"transaction_details": {
"order_id": "A87550",
"gross_amount": 145000
}
}
To perform point transaction, you need to supply point_redeem_amount parameter. You may get the value from Point
Inquiry API. Currently, point transaction is only supported by BNI and Mandiri.
token_id String Token ID represents customer's credit card information acquired from Get
Token Response
bank String Acquiring bank. To make sure the request is going on-us.
point_redeem_amount Long Amount to be redeemed with point (use -1 for Full Redemption) NOTE: For
Mandiri Point, you can only do Full Redemption.
{
"status_code": "200",
"status_message": "Success, Credit Card 3D Secure transaction is successful",
"transaction_id": "f50c0aef-b629-4a5b-957b-4c52f45e2e63",
"order_id": "A87550",
"payment_type": "credit_card",
"transaction_time": "2014-08-25 11:21:48",
"transaction_status": "capture",
"fraud_status": "accept",
"masked_card": "481111-1114",
"point_redeem_amount": 145000,
"point_redeem_quantity": 1450,
"point_balance_amount": "0.00",
"approval_code": "1408940508666",
"gross_amount": "145000.00",
"bank": "bni",
"channel_response_code": "00",
"channel_response_message": "Approved",
"currency": "IDR"
}
{
"masked_card": "481111-1114",
"approval_code": "1408940508666",
"bank": "bni",
"eci": "05",
"point_redeem_amount": 145000,
"point_redeem_quantity": 1450,
"point_balance_amount": "0.00",
"transaction_time": "2014-08-25 11:21:48",
"gross_amount": "145000.00",
"order_id": "A87550",
"payment_type": "credit_card",
"signature_key": "c77f17bf6a8dee35c19f02f2c33f9e4a2ee61b4bad15370a9f0f149a96909c8d887a0e0cddeb47bd02e88f3
"status_code": "200",
"transaction_id": "f50c0aef-b629-4a5b-957b-4c52f45e2e63",
"transaction_status": "capture",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
Point Charge Response is identical with Card Payment Charge Response, with the additional attributes:
JSON Attribute Type Description
Non-3DS Integration
{
"payment_type": "credit_card",
"transaction_details": {
"order_id": "C17550",
"gross_amount": 145000
},
"credit_card": {
"card": {
"number": "4811111111111114",
"expiry_month": "3",
"expiry_year": "2020",
"cvv": "123"
},
"dynamic_descriptor": {
"merchant_name": "Fuji Apple Inc",
"city_name": "Jakarta",
"country_code": "ID"
}
},
"item_details": [{
"id": "a1",
"price": 145000,
"quantity": 2,
"name": "Apel",
"brand": "Fuji Apple",
"category": "Fruit",
"merchant_name": "Fruit-store"
}],
"customer_details": {
"first_name": "BUDI",
"last_name": "UTOMO",
"email": "[email protected]",
"phone": "+628123456",
"billing_address": {
"first_name": "BUDI",
"last_name": "UTOMO",
"email": "[email protected]",
"phone": "081 2233 44-55",
"address": "Sudirman",
"city": "Jakarta",
"postal_code": "12190",
"country_code": "IDN"
},
"shipping_address": {
"first_name": "BUDI",
"last_name": "UTOMO",
"email": "[email protected]",
"phone": "0 8128-75 7-9338",
"address": "Sudirman",
"city": "Jakarta",
"postal_code": "12190",
"country_code": "IDN"
}
}
}
For Full PAN API, there are some parameters to note under the credit_card object:
Integration steps:
1. Charge transaction
2. Handle notification
{
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"order_id": "C17550",
"gross_amount": "145000.00",
"payment_type": "credit_card",
"transaction_time": "2014-08-24 15:39:22",
"transaction_status": "capture",
"fraud_status": "accept",
"masked_card": "481111-1114",
"status_code": "200",
"bank": "bni",
"status_message": "Success, Credit Card 3D Secure transaction is successful",
"approval_code": "1408869563148",
"channel_response_code": "00",
"channel_response_message": "Approved",
"currency": "IDR",
"card_type": "credit"
}
Denied Charge Response
{
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"order_id": "C17550",
"gross_amount": "145000.00",
"payment_type": "credit_card",
"transaction_time": "2014-08-24 15:39:22",
"transaction_status": "deny",
"fraud_status": "accept",
"masked_card": "481111-1114",
"status_code": "202",
"bank": "bni",
"status_message": "Deny by Bank [CIMB] with code [05] and message [Do not honour]",
"approval_code": " ",
"channel_response_code": "05",
"channel_response_message": "Do not honour",
"currency": "IDR",
"card_type": "credit"
}
{
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"order_id": "C17550",
"gross_amount": "145000.00",
"payment_type": "credit_card",
"transaction_time": "2014-08-24 15:39:22",
"transaction_status": "authorize",
"fraud_status": "challenge",
"masked_card": "481111-1114",
"status_code": "201",
"bank": "bni",
"status_message": "Success, Credit Card 3D Secure transaction is successful",
"approval_code": "1408869563148",
"channel_response_code": "00",
"channel_response_message": "Approved",
"currency": "IDR",
"card_type": "credit"
}
{
"status_code": "400",
"status_message": "One or more parameters in the payload is invalid.",
"id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"validation_messages": [
"unsupported token request parameter(s)"
]
}
Settlement Notification
{
"masked_card": "481111-1114",
"approval_code": "131755",
"bank": "bni",
"transaction_time": "2014-08-24 15:39:22",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "49e158a0c3f1913eae0902875324075c562daa39b2824b865db2242adea247a228960d2f1002392fdbc29c3
"status_code": "200",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"transaction_status": "settlement",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
transaction_status String Transaction status a er charge credit card transaction, the possible values
are
capture : Transaction is accepted by the bank and ready for settlement.
deny : transaction is denied by the bank or FDS.
authorize : Credit card is authorized in pre-authorization feature.
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it
or transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
masked_card String First 6-digit and last 4-digit of customer's credit card number
approval_code String Approval code. It can be used for refund. This does not exist on denied
transaction
**Possible error codes:** `400`, `401`, `402`, `406`, `410`, and `411`. Please refer to the [status code]
(#status-code).
3DS Integration
{
"payment_type": "credit_card",
"transaction_details": {
"order_id": "C17550",
"gross_amount": 145000
},
"credit_card": {
"card": {
"number": "4811111111111114",
"expiry_month": "3",
"expiry_year": "2020",
"cvv": "123"
},
"dynamic_descriptor": {
"merchant_name": "Fuji Apple Inc",
"city_name": "Jakarta",
"country_code": "ID"
},
"authentication": true,
},
"item_details": [{
"id": "a1",
"price": 145000,
"quantity": 2,
"name": "Apel",
"brand": "Fuji Apple",
"category": "Fruit",
"merchant_name": "Fruit-store"
}],
"customer_details": {
"first_name": "BUDI",
"last_name": "UTOMO",
"email": "[email protected]",
"phone": "+628123456",
"billing_address": {
"first_name": "BUDI",
"last_name": "UTOMO",
"email": "[email protected]",
"phone": "081 2233 44-55",
"address": "Sudirman",
"city": "Jakarta",
"postal_code": "12190",
"country_code": "IDN"
},
"shipping_address": {
"first_name": "BUDI",
"last_name": "UTOMO",
"email": "[email protected]",
"phone": "0 8128-75 7-9338",
"address": "Sudirman",
"city": "Jakarta",
"postal_code": "12190",
"country_code": "IDN"
}
}
}
JSON
Attribute Type Required Description
authentication Boolean N Flag to determine whether transaction should be authenticated for 3DS
or not.
callback_type String N Determine how the transaction status will be updated to the client side.
Possible values: js_event (default) or form . More details will be
explained here.
Integration steps:
1. Charge transaction
2. Open redirect_url
3. Handle notification
{
"status_code": "201",
"status_message": "Credit Card transaction is in progress",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"order_id": "C17550",
"redirect_url": "https://api.veritrans.co.id/v2/token/rba/redirect/451249-2595-e14aac7f-cfb3-4ab2-98ab-
"gross_amount": "145000.00",
"currency": "IDR",
"payment_type": "credit_card",
"transaction_time": "2018-09-12 22:10:23",
"transaction_status": "pending",
"masked_card": "481111-1114",
"card_type": "credit"
}
{
"status_code": "400",
"status_message": "One or more parameters in the payload is invalid.",
"id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"validation_messages": [
"unsupported token request parameter(s)"
]
}
Capture Notification
{
"masked_card": "481111-1114",
"approval_code": "T58755",
"bank": "bni",
"eci": "05",
"transaction_time": "2014-08-24 15:39:22",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "8d22a6b625f395a1a2cf0e62497e20be433cbad3e8a8ff36bf6b40dbd47308125ccda93546eab8a3acd9139
"status_code": "200",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"transaction_status": "capture",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
Deny Notification
{
"masked_card": "481111-1114",
"approval_code": "338016",
"bank": "bni",
"eci": "06",
"transaction_time": "2014-08-24 15:39:22",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "763713b31cf59c886d3cc4a0c654a060a8e990080fe29fca75ae9e4ff9de804809c4e20977829844dac01a7a
"status_code": "202",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"transaction_status": "deny",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "05",
"channel_response_message": "Do not honor",
"card_type": "credit"
}
Challenge Notification
{
"masked_card": "481111-1114",
"approval_code": "315762",
"bank": "bni",
"eci": "05",
"transaction_time": "2014-08-24 15:39:22",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "393f8b6b27f9f6385d8391642942e9534fd20dad20c0631b75b0746bfc314482af4411c93e958b691a63e91
"status_code": "201",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"transaction_status": "capture",
"fraud_status": "challenge",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
Settlement Notification
{
"masked_card": "481111-1114",
"approval_code": "131755",
"bank": "bni",
"eci": "05",
"transaction_time": "2014-08-24 15:39:22",
"gross_amount": "145000.00",
"order_id": "C17550",
"payment_type": "credit_card",
"signature_key": "49e158a0c3f1913eae0902875324075c562daa39b2824b865db2242adea247a228960d2f1002392fdbc29c3
"status_code": "200",
"transaction_id": "1a1a66f7-27a7-4844-ba1f-d86dcc16ab27",
"transaction_status": "settlement",
"fraud_status": "accept",
"status_message": "midtrans payment notification",
"channel_response_code": "00",
"channel_response_message": "Approved",
"card_type": "credit"
}
transaction_status String Transaction status a er charge credit card transaction, the possible values
are
capture : Transaction is accepted by the bank and ready for settlement.
deny : transaction is denied by the bank or FDS.
authorize : Credit card is authorized in pre-authorization feature
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it
or transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
masked_card String First 6-digit and last 4-digit of customer's credit card number
approval_code String Approval code. It can be used for refund. This does not exist on denied
transaction
redirect_url String URL which needs to be opened by customer to finish 3DS authentication
**Possible error codes:** `400`, `401`, `402`, `406`, `410`, and `411`. Please refer to the [status code]
(#status-code).
Bank Transfer
One of the payment method offered by Midtrans is Bank Transfer. By using this payment method, customers will have
the option to make a payment via bank transfer and Midtrans will send real time notification when the customer
complete the payment.
At this moment, Midtrans has integrated following bank transfer payment methods:
NOTE: There may be cases where SETTLEMENT turns into DENY . It is caused by reversal triggered by corresponding
payment provider. It may happen in the span of 1 minute.
Integration steps:
{
"payment_type": "bank_transfer",
"bank_transfer": {
"bank": "permata",
"permata": {
"recipient_name": "SUDARSONO"
}
},
"transaction_details": {
"order_id": "H17550",
"gross_amount": 145000
}
}
{
"status_code": "201",
"status_message": "Success, PERMATA VA transaction is successful",
"transaction_id": "6fd88567-62da-43ff-8fe6-5717e430ffc7",
"order_id": "H17550",
"gross_amount": "145000.00",
"payment_type": "bank_transfer",
"transaction_time": "2016-06-19 13:42:29",
"transaction_status": "pending",
"fraud_status": "accept",
"permata_va_number": "8562000087926752"
}
{
"status_code": "201",
"status_message": "midtrans payment notification",
"transaction_id": "6fd88567-62da-43ff-8fe6-5717e430ffc7",
"order_id": "H17550",
"gross_amount": "145000.00",
"payment_type": "bank_transfer",
"transaction_time": "2016-06-19 13:42:29",
"transaction_status": "pending",
"fraud_status": "accept",
"permata_va_number": "8562000087926752",
"signature_key": "66aa11a65b18e9ee5da966ed18d5d2163812000eee37824ceb59aba1ded005e992e05a7dfac39098ebdb0e2
}
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "6fd88567-62da-43ff-8fe6-5717e430ffc7",
"order_id": "H17550",
"gross_amount": "145000.00",
"payment_type": "bank_transfer",
"transaction_time": "2016-06-20 13:42:30",
"transaction_status": "expire",
"fraud_status": "accept",
"permata_va_number": "8562000087926752",
"signature_key": "f1066b06ec8a4b7d6ffb941fd9772f6df304618e15e02cf17c2914cec12793e19c71653042f7f617b027eae
}
transaction_status String Transaction status of bank transfer transaction, the possible value is
pending : Bank Transfer transaction is created
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
permata_va_number String Generated Virtual Account number. Customer has to know this number to
complete the payment
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
Integration steps:
{
"payment_type": "bank_transfer",
"transaction_details": {
"gross_amount": 10000,
"order_id": "{{$timestamp}}"
},
"customer_details": {
"email": "[email protected]",
"first_name": "budi",
"last_name": "utomo",
"phone": "+6281 1234 1234"
},
"item_details": [
{
"id": "1388998298204",
"price": 5000,
"quantity": 1,
"name": "Ayam Zozozo"
},
{
"id": "1388998298205",
"price": 5000,
"quantity": 1,
"name": "Ayam Xoxoxo"
}
],
"bank_transfer":{
"bank": "bca",
"va_number": "111111",
"free_text": {
"inquiry": [
{
"id": "Free Text ID Free Text ID Free Text ID",
"en": "Free Text EN Free Text EN Free Text EN"
}
],
"payment": [
{
"id": "Free Text ID Free Text ID Free Text ID",
"en": "Free Text EN Free Text EN Free Text EN"
}
]
},
"bca": {
"sub_company_code": "00000"
}
}
}
{
"status_code": "201",
"status_message": "Success, Bank Transfer transaction is created",
"transaction_id": "9aed5972-5b6a-401e-894b-a32c91ed1a3a",
"order_id": "1466323342",
"gross_amount": "20000.00",
"payment_type": "bank_transfer",
"transaction_time": "2016-06-19 15:02:22",
"transaction_status": "pending",
"va_numbers": [
{
"bank": "bca",
"va_number": "91019021579"
}
],
"fraud_status": "accept",
"currency": "IDR"
}
{
"va_numbers": [
{
"bank": "bca",
"va_number": "91019021579"
}
],
"transaction_time": "2016-06-19 15:02:22",
"gross_amount": "20000.00",
"order_id": "1466323342",
"payment_type": "bank_transfer",
"signature_key": "74d9b6f4cc36585d74e06c9dba360331e455171bcec35df60cf28a786436f8f96e6afcc1f091d6cb61411ae
"status_code": "201",
"transaction_id": "a9aed5972-5b6a-401e-894b-a32c91ed1a3a",
"transaction_status": "pending",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
{
"va_numbers": [
{
"bank": "bca",
"va_number": "91019021579"
}
],
"transaction_time": "2016-06-19 19:12:22",
"gross_amount": "20000.00",
"order_id": "1466323342",
"payment_type": "bank_transfer",
"signature_key": "fe5f725ea770c451017e9d6300af72b830a668d2f7d5da9b778ec2c4f9177efe5127d492d9ddfbcf6806ea5
"status_code": "200",
"transaction_id": "9aed5972-5b6a-401e-894b-a32c91ed1a3a",
"transaction_status": "settlement",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
BCA Virtual Account Expired notification
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "9aed5972-5b6a-401e-894b-a32c91ed1a3a",
"order_id": "1466323342",
"gross_amount": "20000.00",
"payment_type": "bank_transfer",
"transaction_time": "2016-06-20 15:02:23",
"transaction_status": "expire",
"signature_key": "e4e829a5d9a1e342daf181c5fd750afa64dd5a5c9a6e0cfb636e7966295b2613fda22b4dc52b01c30618a50
}
transaction_status String Transaction status of bank transfer transaction, the possible value is
pending : Bank Transfer transaction is created
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
va_numbers Array of JSON Generated Virtual Account number and virtual account bank
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
Mandiri Bill Payment
NOTE: There may be cases where SETTLEMENT turns into DENY . It is caused by reversal triggered by corresponding
payment provider. It may happen in the span of 1 minute.
Integration steps:
{
"payment_type": "echannel",
"transaction_details": {
"order_id": "1388",
"gross_amount": 95000
},
"item_details": [
{
"id": "a1",
"price": 50000,
"quantity": 2,
"name": "Apel"
},
{
"id": "a2",
"price": 45000,
"quantity": 1,
"name": "Jeruk"
}
],
"echannel" : {
"bill_info1" : "Payment For:",
"bill_info2" : "debt"
}
}
The following attribute can be used to perform a charge transaction with Mandiri Bill Payment:
{
"status_code": "201",
"status_message": "Success, Mandiri Bill transaction is successful",
"transaction_id": "883af6a4-c1b4-4d39-9bd8-b148fcebe853",
"order_id": "tes",
"gross_amount": "1000.00",
"payment_type": "echannel",
"transaction_time": "2016-06-19 14:40:19",
"transaction_status": "pending",
"fraud_status": "accept",
"bill_key": "990000000260",
"biller_code": "70012",
"currency": "IDR"
}
{
"status_code": "201",
"status_message": "midtrans payment notification",
"transaction_id": "883af6a4-c1b4-4d39-9bd8-b148fcebe853",
"order_id": "tes",
"gross_amount": "1000.00",
"payment_type": "echannel",
"transaction_time": "2016-06-19 14:40:19",
"transaction_status": "pending",
"signature_key": "d1ebf5bf14a7c96ca58e719832de459898f61fa8d81560f59e9a38a5187383b1d507e3075277d9b1c622792
"bill_key": "990000000260",
"biller_code": "70012"
}
{
"status_code": "200",
"status_message": "midtrans payment notification",
"transaction_id": "883af6a4-c1b4-4d39-9bd8-b148fcebe853",
"order_id": "tes",
"gross_amount": "1000.00",
"payment_type": "echannel",
"transaction_time": "2016-06-19 15:10:29",
"transaction_status": "settlement",
"approval_code": "340093197",
"signature_key": "bbceb3724b0b2446c59435795039fed2d249d3438f06bf90c999cc9d383b95170b7b58f9412fba25ce7756da
"bill_key": "990000000260",
"biller_code": "70012"
}
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "883af6a4-c1b4-4d39-9bd8-b148fcebe853",
"order_id": "tes",
"gross_amount": "1000.00",
"payment_type": "echannel",
"transaction_time": "2016-06-20 14:40:19",
"transaction_status": "expire",
"signature_key": "69ef827242b29640a1193b6c2f32ba1374c04b969f7723984a6c676349ee7927cb6b263546d138e3a5c7888
"bill_key": "990000000260",
"biller_code": "70012"
}
transaction_status String Transaction status of bank transfer transaction, the possible value is
pending : Bank Transfer transaction is created
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
Integration steps:
{
"payment_type": "bank_transfer",
"transaction_details": {
"gross_amount": 10000,
"order_id": "{{$timestamp}}"
},
"customer_details": {
"email": "[email protected]",
"first_name": "budi",
"last_name": "utomo",
"phone": "+6281 1234 1234"
},
"item_details": [
{
"id": "1388998298204",
"price": 5000,
"quantity": 1,
"name": "Ayam Zozozo"
},
{
"id": "1388998298205",
"price": 5000,
"quantity": 1,
"name": "Ayam Xoxoxo"
}
],
"bank_transfer":{
"bank": "bni",
"va_number": "111111"
}
}
{
"status_code": "201",
"status_message": "Success, Bank Transfer transaction is created",
"transaction_id": "9aed5972-5b6a-401e-894b-a32c91ed1a3a",
"order_id": "1466323342",
"gross_amount": "20000.00",
"payment_type": "bank_transfer",
"transaction_time": "2016-06-19 15:02:22",
"transaction_status": "pending",
"va_numbers": [
{
"bank": "bni",
"va_number": "8578000000111111"
}
],
"fraud_status": "accept",
"currency": "IDR"
}
{
"va_numbers": [
{
"bank": "bni",
"va_number": "8578000000111111"
}
],
"payment_amounts": [
{
"paid_at": "2016-06-19 20:12:22",
"amount": "20000.00"
}
],
"transaction_time": "2016-06-19 19:12:22",
"gross_amount": "20000.00",
"order_id": "1466323342",
"payment_type": "bank_transfer",
"signature_key": "fe5f725ea770c451017e9d6300af72b830a668d2f7d5da9b778ec2c4f9177efe5127d492d9ddfbcf6806ea5
"status_code": "200",
"transaction_id": "9aed5972-5b6a-401e-894b-a32c91ed1a3a",
"transaction_status": "settlement",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
Send again
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "9aed5972-5b6a-401e-894b-a32c91ed1a3a",
"order_id": "1466323342",
"gross_amount": "20000.00",
"payment_type": "bank_transfer",
"transaction_time": "2016-06-20 15:02:23",
"transaction_status": "expire",
"signature_key": "e4e829a5d9a1e342daf181c5fd750afa64dd5a5c9a6e0cfb636e7966295b2613fda22b4dc52b01c30618a50
}
transaction_status String Transaction status of bank transfer transaction, the possible value is
pending : Bank Transfer transaction is created
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
va_numbers Array of JSON Generated Virtual Account number and virtual account bank
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
Integration steps:
1. Merchant send charge request to Midtrans.
2. Display the virtual account number.
3. Handle notification.
{
"payment_type": "bank_transfer",
"transaction_details": {
"gross_amount": 10000,
"order_id": "1597067145"
},
"customer_details": {
"email": "[email protected]",
"first_name": "budi",
"last_name": "utomo",
"phone": "+6281 1234 1234"
},
"item_details": [
{
"id": "1388998298204",
"price": 5000,
"quantity": 1,
"name": "Ayam Zozozo"
},
{
"id": "1388998298205",
"price": 5000,
"quantity": 1,
"name": "Ayam Xoxoxo"
}
],
"bank_transfer":{
"bank": "bri",
"va_number": "111111"
}
}
{
"status_code": "201",
"status_message": "Success, Bank Transfer transaction is created",
"transaction_id": "9aed5972-5b6a-401e-894b-a32c91ed1a3a",
"order_id": "1466323342",
"gross_amount": "20000.00",
"payment_type": "bank_transfer",
"transaction_time": "2016-06-19 15:02:22",
"transaction_status": "pending",
"va_numbers": [
{
"bank": "bri",
"va_number": "8578000000111111"
}
],
"fraud_status": "accept",
"currency": "IDR"
}
{
"va_numbers": [
{
"bank": "bri",
"va_number": "8578000000111111"
}
],
"transaction_time": "2016-06-19 15:02:22",
"gross_amount": "20000.00",
"order_id": "1466323342",
"payment_type": "bank_transfer",
"signature_key": "74d9b6f4cc36585d74e06c9dba360331e455171bcec35df60cf28a786436f8f96e6afcc1f091d6cb61411ae
"status_code": "201",
"transaction_id": "a9aed5972-5b6a-401e-894b-a32c91ed1a3a",
"transaction_status": "pending",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
Send again
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "9aed5972-5b6a-401e-894b-a32c91ed1a3a",
"order_id": "1466323342",
"gross_amount": "20000.00",
"payment_type": "bank_transfer",
"transaction_time": "2016-06-20 15:02:23",
"transaction_status": "expire",
"signature_key": "e4e829a5d9a1e342daf181c5fd750afa64dd5a5c9a6e0cfb636e7966295b2613fda22b4dc52b01c30618a50
}
transaction_status String Transaction status of bank transfer transaction, the possible value is
pending : Bank Transfer transaction is created
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
status_code String Status code of transaction charge result
va_numbers Array of JSON Generated Virtual Account number and virtual account bank
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
Internet Banking
Internet banking payment methods allow the customer to pay using their internet banking account and debit their
saving account in order to pay online transaction. At this moment, Midtrans has integrated with 5 different internet
banking payment method:
BCA Klikpay
Klikbca
Epay BRI
CIMB Clicks
Danamon Online Banking (DOB)
BCA Klikpay
{
"payment_type": "bca_klikpay",
"transaction_details": {
"order_id": "orderid-01",
"gross_amount": 11000
},
"item_details": [
{
"id": "1",
"price": 11000,
"quantity": 1,
"name": "Mobil "
}
],
"customer_details":{
"first_name": "John",
"last_name": "Baker",
"email": "[email protected]",
"phone": "08123456789"
},
"bca_klikpay": {
"description": "Pembelian Barang"
}
}
BCA KlikPay is the online banking payment method provided by BCA. This method allows customer to perform
transaction using either their internet banking account or their private-label BCA credit card. The highly secure
payment method, utilizes an SMS token for user validation.
Integration steps:
{
"status_code": "201",
"status_message": "OK, BCA KlikPay transaction is successful",
"transaction_id": "ada84cd9-2233-4c67-877a-01884eece45e",
"order_id": "orderid-01",
"redirect_url": "https://api.sandbox.veritrans.co.id/v3/bca/klikpay/redirect/ada84cd9-2233-4c67-877a-0188
"gross_amount": "11000.00",
"payment_type": "bca_klikpay",
"transaction_time": "2016-06-19 15:42:36",
"transaction_status": "pending",
"fraud_status": "accept",
"currency": "IDR"
}
{
"transaction_time": "2016-06-19 15:42:36",
"gross_amount": "11000.00",
"order_id": "orderid-01",
"payment_type": "bca_klikpay",
"signature_key": "e47d73b2a10347d291e85a7c39c5fa2a7b760f0af7d9882f9c1b26db06e1af948968184b78f67112158cdedd
"status_code": "201",
"transaction_id": "ada84cd9-2233-4c67-877a-01884eece45e",
"transaction_status": "pending",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
{
"approval_code": "91231",
"transaction_time": "2016-06-19 15:46:16",
"gross_amount": "11000.00",
"order_id": "orderid-01",
"payment_type": "bca_klikpay",
"signature_key": "35c4111539e184b268b7c1cd62a9c254e5d27c992c8fd55084f930b69b09eaafcfe14b0d512c697648295fdb
"status_code": "200",
"transaction_id": "ada84cd9-2233-4c67-877a-01884eece45e",
"transaction_status": "settlement",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "ada84cd9-2233-4c67-877a-01884eece45e",
"order_id": "orderid-01",
"gross_amount": "11000.00",
"payment_type": "bca_klikpay",
"transaction_time": "2016-06-19 17:42:38",
"transaction_status": "expire",
"fraud_status": "accept",
"signature_key": "62a8c432bb5a288a0495dd4f868b0aede4535e0c8a9fbebb3c6e9d4ea0db6f1963e551e70a99e80512030afa
}
transaction_status String Transaction status of BCA Klikpay transaction, the possible value is
pending
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it or
transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
Klikbca
Klikbca Charge
"payment_type" : "bca_klikbca",
"bca_klikbca" : {
"description" : "testing transaction",
"user_id" : "midtrans1012"
},
"transaction_details" : {
"order_id" : "3176440",
"gross_amount" : "50000.00"
},
"item_details": [
{
"id": "1",
"price": 50000,
"quantity": 1,
"name": "Mobil "
}
],
"customer_details" : {
"first_name" : "Budi",
"last_name" : "435547",
"email" : "[email protected]"
}
KlikBCA is an online banking payment method provided by BCA. This method allows customer to perform online
transaction and complete the payment using BCA internet banking. Klikbca payment method utilizes BCA token for
validation.
Integration steps:
{
"status_code": "201",
"status_message": "Success, KlikBCA transaction is successful",
"redirect_url": "https://www.klikbca.com",
"transaction_id": "c0ba3583-5111-45a5-9f1c-84c9de7cb2f6",
"order_id": "3176440",
"gross_amount": "50000.00",
"payment_type": "bca_klikbca",
"transaction_time": "2016-06-19 15:53:25",
"transaction_status": "pending",
"approval_code": "tes01"
}
approval_code value is used for reconciliation between transactions in Midtrans and in KlikBCA. The values will
be the same as order_id if it is alphanumeric and its length is less than or equals 18.
{
"status_code": "201",
"status_message": "midtrans payment notification",
"transaction_id": "c0ba3583-5111-45a5-9f1c-84c9de7cb2f6",
"order_id": "3176440",
"gross_amount": "50000.00",
"payment_type": "bca_klikbca",
"transaction_time": "2016-06-19 15:53:25",
"transaction_status": "pending",
"approval_code": "YCB62E160704",
"signature_key": "d4ae557ea12a03eed51714693b84e48665af5289bc53df9bae0fda7e3c6b6c03fd0b00bf1978d1932d9c718
}
{
"status_code": "200",
"status_message": "midtrans payment notification",
"transaction_id": "c0ba3583-5111-45a5-9f1c-84c9de7cb2f6",
"order_id": "3176440",
"gross_amount": "50000.00",
"payment_type": "bca_klikbca",
"transaction_time": "2016-06-19 15:58:15",
"transaction_status": "settlement",
"approval_code": "YCRHOM160704",
"signature_key": "ef0f472fa8a5165dc9f2ff6300832eb28657e88b9f3335ae5ebb27c8ef258d203c6da18ac6cd5738d2e38c5
}
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "c0ba3583-5111-45a5-9f1c-84c9de7cb2f6",
"order_id": "3176440",
"gross_amount": "50000.00",
"payment_type": "bca_klikbca",
"transaction_time": "2016-06-19 17:53:25",
"transaction_status": "expire",
"approval_code": "3176440",
"signature_key": "17b0e97425a3e967b91fccab2261f7b26ce8fc79612bf1ea700b503f8a812213d51d171045c084b29ca2d56d
}
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
Epay BRI
{
"payment_type": "bri_epay",
"transaction_details": {
"order_id": "2014111702",
"gross_amount": 11000
},
"item_details": [
{
"id": "1",
"price": 11000,
"quantity": 1,
"name": "Mobil "
}
],
"customer_details" : {
"first_name": "Andri",
"last_name": "Litani", // Optional
"email": "[email protected]",
"phone": "081122334455"
}
}
e-Pay BRI is one of the internet banking payment methods provided by BRI Bank. This method allows customers to
perform transactions by redirecting the customer to the e-Pay BRI payment page.
Integration steps:
{
"status_code": "201",
"status_message": "Success, BRI E-Pay transaction is successful",
"transaction_id": "f8635cd7-615d-4a6d-a806-c9ca4a56257e",
"order_id": "2014111702",
"redirect_url": "https://api.veritrans.co.id/v3/bri/epay/redirect/f8635cd7-615d-4a6d-a806-c9ca4a56257e"
"gross_amount": "145000.00",
"payment_type": "bri_epay",
"transaction_time": "2016-06-19 16:00:05",
"transaction_status": "pending",
"fraud_status": "accept",
"currency": "IDR"
}
{
"transaction_time": "2016-06-19 16:00:05",
"gross_amount": "145000.00",
"order_id": "2014111702",
"payment_type": "bri_epay",
"signature_key": "2ea1c4b7d7a41700848bbd248b85dd933e9fdff1f4d69fefa8eefac2bf92ac8a78dbc40a78b5d77315b7041
"status_code": "201",
"transaction_id": "f8635cd7-615d-4a6d-a806-c9ca4a56257e",
"transaction_status": "pending",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
{
"approval_code": "201373311528",
"transaction_time": "2016-06-19 16:04:02",
"gross_amount": "145000.00",
"order_id": "2014111702",
"payment_type": "bri_epay",
"signature_key": "13b6b8a2da46428812e7685463770e3704ece7fc3242a5f016f068b7b135e12a71afd02259fe4dbd8c97d74
"status_code": "200",
"transaction_id": "f8635cd7-615d-4a6d-a806-c9ca4a56257e",
"transaction_status": "settlement",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
{
"transaction_time": "2016-06-19 16:04:02",
"gross_amount": "145000.00",
"order_id": "2014111702",
"payment_type": "bri_epay",
"signature_key": "6f4c3f00e391e2a97199ace0c243419b12c58eb9ec698600c25f8e9103573ef5258460484d64d742a4cd221
"status_code": "202",
"transaction_id": "f8635cd7-615d-4a6d-a806-c9ca4a56257e",
"transaction_status": "deny",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "f8635cd7-615d-4a6d-a806-c9ca4a56257e",
"order_id": "2014111702",
"gross_amount": "145000.00",
"payment_type": "bri_epay",
"transaction_time": "2016-06-19 18:00:05",
"transaction_status": "expire",
"signature_key": "75969ac3cd1538b860ddb49fce06084eae991093d6d7c4fb653efd0beb19b0f31b3e9c9568f1c1eae3deb98
}
transaction_status String Transaction status of Epay BRI transaction, the possible value is
pending
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it or
transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
CIMB Clicks
{
"payment_type": "cimb_clicks",
"cimb_clicks": {
"description": "Purchase of a special event item"
},
"item_details": [
{
"id": "1",
"price": 11000,
"quantity": 1,
"name": "Mobil "
}
],
"transaction_details": {
"order_id": "H17550",
"gross_amount": 11000
},
"customer_details" : {
"first_name": "Andri",
"last_name": "Litani",
"email": "[email protected]",
"phone": "081122334455"
}
}
CIMB Clicks is one of the internet banking payment methods that is provided by CIMB Niaga Bank. This method allows
the customer to perform a transaction by redirecting the customer to the CIMB Clicks payment page.
Integration steps:
{
"status_code": "201",
"status_message": "Success, CIMB Clicks transaction is successful",
"redirect_url": "https://api.midtrans.com/cimb-clicks/request?id=226f042f-020e-4829-8bd7-2de64b8673ce",
"transaction_id": "226f042f-020e-4829-8bd7-2de64b8673ce",
"order_id": "1000156414164125",
"gross_amount": "392127.00",
"payment_type": "cimb_clicks",
"transaction_time": "2016-06-19 16:41:25",
"transaction_status": "pending"
}
{
"status_code": "201",
"status_message": "midtrans payment notification",
"transaction_id": "226f042f-020e-4829-8bd7-2de64b8673ce",
"order_id": "1000156414164125",
"gross_amount": "392127.00",
"payment_type": "cimb_clicks",
"transaction_time": "2016-06-19 16:41:25",
"transaction_status": "pending",
"signature_key": "666617ddc981eb096b6f08ab8ee132b93c12d3b5b3817f00a02c5d4c71bd53fd7f39d55a92b2a1f729ee070
}
{
"status_code": "200",
"status_message": "midtrans payment notification",
"transaction_id": "226f042f-020e-4829-8bd7-2de64b8673ce",
"order_id": "1000156414164125",
"gross_amount": "392127.00",
"payment_type": "cimb_clicks",
"transaction_time": "2016-06-19 16:45:21",
"transaction_status": "settlement",
"approval_code": "RB5031388093",
"signature_key": "3bcdf0700d3c8a288f279e4fe27a4012e916cb44120d541f6e4c48c83a107b605fdb063ae7c8744d1589104
}
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "226f042f-020e-4829-8bd7-2de64b8673ce",
"order_id": "1000156414164125",
"gross_amount": "392127.00",
"payment_type": "cimb_clicks",
"transaction_time": "2016-06-19 16:44:21",
"transaction_status": "deny",
"signature_key": "b736864661f8cbf04b287ee5a9514589dbe2dc53e3949338d648144b6bad1bc77d1b495921f119e7a6bf552
}
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "226f042f-020e-4829-8bd7-2de64b8673ce",
"order_id": "1000156414164125",
"gross_amount": "392127.00",
"payment_type": "cimb_clicks",
"transaction_time": "2016-06-19 18:41:25",
"transaction_status": "expire",
"signature_key": "3f1ddaf45b269df7a1638d6d4080957e1323df2cbc2da83549f86a23b17c2acae0215994bb60805455daf15
}
JSON Attribute Type Description
transaction_status String Transaction status of CIMB Clicks transaction, the possible value is
pending
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
{
"payment_type": "danamon_online",
"item_details": [
{
"id": "1",
"price": 11000,
"quantity": 1,
"name": "Mobil "
}
],
"transaction_details": {
"order_id": "H17550",
"gross_amount": 11000
},
"customer_details" : {
"first_name": "Andri",
"last_name": "Litani",
"email": "[email protected]",
"phone": "081122334455"
}
}
Danamon Online Banking (DOB) is one of the internet banking payment methods that is provided by Danamon Bank.
This method allows the customer to perform a transaction by redirecting the customer to the DOB payment page.
Integration steps:
{
"status_code": "201",
"status_message": "Success, Danamon Online transaction is successful",
"redirect_url": "https://api.midtrans.com/cimb-clicks/request?id=226f042f-020e-4829-8bd7-2de64b8673ce",
"transaction_id": "226f042f-020e-4829-8bd7-2de64b8673ce",
"order_id": "1000156414164125",
"gross_amount": "392127.00",
"payment_type": "danamon_online",
"transaction_time": "2016-06-19 16:41:25",
"transaction_status": "pending",
"fraud_status": "accept"
}
{
"status_code": "200",
"status_message": "midtrans payment notification",
"transaction_id": "226f042f-020e-4829-8bd7-2de64b8673ce",
"order_id": "1000156414164125",
"gross_amount": "392127.00",
"payment_type": "danamon_online",
"transaction_time": "2016-06-19 16:45:21",
"transaction_status": "settlement",
"fraud_status": "accept",
"approval_code": "RB5031388093",
"signature_key": "3bcdf0700d3c8a288f279e4fe27a4012e916cb44120d541f6e4c48c83a107b605fdb063ae7c8744d1589104
}
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "226f042f-020e-4829-8bd7-2de64b8673ce",
"order_id": "1000156414164125",
"gross_amount": "392127.00",
"payment_type": "danamon_online",
"transaction_time": "2016-06-19 16:44:21",
"transaction_status": "deny",
"fraud_status": "accept",
"signature_key": "b736864661f8cbf04b287ee5a9514589dbe2dc53e3949338d648144b6bad1bc77d1b495921f119e7a6bf552
}
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
E-wallet
One of the payment method offered by Midtrans is e-Wallet. By using this e-Wallet, customer will have an option to
make a payment via e-Wallet and Midtrans will send real time notification when the customer complete the payment.
At this moment, Midtrans has integrated with following e-Wallet payment methods:
QRIS
GoPay
GoPay Tokenization
ShopeePay
QRIS
QRIS Charge
{
"payment_type": "qris",
"transaction_details": {
"order_id": "order03",
"gross_amount": 275000
},
"item_details": [
{
"id": "id1",
"price": 275000,
"quantity": 1,
"name": "Bluedio H+ Turbine Headphone with Bluetooth 4.1 -"
}
],
"customer_details": {
"first_name": "Budi",
"last_name": "Utomo",
"email": "[email protected]",
"phone": "081223323423"
},
"qris": {
"acquirer": "gopay"
}
}
QRIS is a QR payment standard in Indonesia that is developed by Bank Indonesia (BI). Users could scan and pay the QR
from any payment providers registered as the issuer here.
1. gopay
2. airpay shopee (ShopeePay)
Integration steps:
{
"status_code": "201",
"status_message": "QRIS transaction is created",
"transaction_id": "0d8178e1-c6c7-4ab4-81a6-893be9d924ab",
"order_id": "order03",
"merchant_id": "M099098",
"gross_amount": "275000.00",
"currency": "IDR",
"payment_type": "qris",
"transaction_time": "2020-09-29 11:46:13",
"transaction_status": "pending",
"fraud_status": "accept",
"acquirer": "gopay",
"actions": [
{
"name": "generate-qr-code",
"method": "GET",
"url": "https://api.midtrans.com/v2/qris/0d8178e1-c6c7-4ab4-81a6-893be9d924ab/qr-code"
}
]
}
{
"transaction_time":"2020-09-29 11:18:06",
"transaction_status":"pending",
"transaction_id":"ce0a3584-5a0c-4049-ad88-5590a96be4fe",
"status_message":"midtrans payment notification",
"status_code":"201",
"signature_key":"b1798748303cf0817733c1e312d630793b84d8125a96af0cb7251f8266d5c5256285084ba3ffbfae1f264a03
"payment_type":"qris",
"order_id":"order03",
"merchant_id":"M099098",
"gross_amount":"275000.00",
"fraud_status":"accept",
"currency":"IDR",
"acquirer":"gopay"
}
{
"transaction_type":"on-us",
"transaction_time":"2020-09-29 11:27:33",
"transaction_status":"settlement",
"transaction_id":"9f07920a-6145-4d1e-9fc2-66e6fd6bc6fc",
"status_message":"midtrans payment notification",
"status_code":"200",
"signature_key":"155b03b554092326ad9d2ed936f5765fe759b6bc491c0161a26e4340978fb6e8f07683bf012552a9498bfc91
"settlement_time":"2020-09-29 11:30:44",
"payment_type":"qris",
"order_id":"order03",
"merchant_id":"M099098",
"issuer":"gopay",
"gross_amount":"275000.00",
"fraud_status":"accept",
"currency":"IDR",
"acquirer":"gopay"
}
{
"transaction_time":"2020-09-29 11:31:39",
"transaction_status":"expire",
"transaction_id":"9728e0fd-a49c-4c25-8c88-404ef1c45e0e",
"status_message":"midtrans payment notification",
"status_code":"202",
"signature_key":"4580d8fc6c4a8dca3319efc1f629b8b33e923ec62b2e6ad7254ed6230ef0e57977b2f6124ba8f2a7a71c53ac
"payment_type":"qris",
"order_id":"order03",
"merchant_id":"M099098",
"gross_amount":"275000.00",
"fraud_status":"accept",
"currency":"IDR",
"acquirer":"gopay"
}
JSON Attribute Type Description
actions Array(Object) Actions which can be performed which this transaction. Use generate-qr-c
ode action to render the QR code image (PNG format).
acquirer String The provider creating the QR and accepting the payment. The value is the
same as the one set in the charge request.
issuer String The provider that is making the payment over the QR.
transaction_type String To determine how the transaction is being acquired. Possible values are: on-
us or off-us .
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
GoPay
GoPay Charge
{
"payment_type": "gopay",
"transaction_details": {
"order_id": "order03",
"gross_amount": 275000
},
"item_details": [
{
"id": "id1",
"price": 275000,
"quantity": 1,
"name": "Bluedio H+ Turbine Headphone with Bluetooth 4.1 -"
}
],
"customer_details": {
"first_name": "Budi",
"last_name": "Utomo",
"email": "[email protected]",
"phone": "081223323423"
},
"gopay": {
"enable_callback": true,
"callback_url": "someapps://callback"
}
}
GoPay is an e-Wallet payment method by Gojek. Users will pay using the GoJek app. The user flow varies when using a
web browser (on a computer or a tablet) compared to a SmartPhone:
1. QR Code - This is the user flow on a web browser (on a computer or a tablet). User is shown a QR code and asked to
scan using the GoJek app. (Diagram 1)
2. Deeplink - This is the user flow on a SmartPhone/mobile device. User gets redirected to the GoJek app to finish
payment. (Diagram 2)
Diagram 1 Diagram 2
Integration steps:
Instruction Example
For QR Code
For Deeplink
1. Tap Pay using GoPay
2. You will be redirected to GoJek app
3. Check and verify your payment details then tap Pay
4. Enter your security PIN
5. Your transaction is finished
{
"status_code": "201",
"status_message": "GO-PAY billing created",
"transaction_id": "e48447d1-cfa9-4b02-b163-2e915d4417ac",
"order_id": "SAMPLE-ORDER-ID-01",
"gross_amount": "10000.00",
"payment_type": "gopay",
"transaction_time": "2017-10-04 12:00:00",
"transaction_status": "pending",
"actions": [{
"name": "generate-qr-code",
"method": "GET",
"url": "https://api.midtrans.com/v2/gopay/e48447d1-cfa9-4b02-b163-2e915d4417ac/qr-code"
},
{
"name": "deeplink-redirect",
"method": "GET",
"url": "gojek://gopay/merchanttransfer?tref=1509110800474199656LMVO&amount=10000&activity=GP:RR
},
{
"name": "get-status",
"method": "GET",
"url": "https://api.midtrans.com/v2/e48447d1-cfa9-4b02-b163-2e915d4417ac/status"
},
{
"name": "cancel",
"method": "POST",
"url": "https://api.midtrans.com/v2/e48447d1-cfa9-4b02-b163-2e915d4417ac/cancel",
"fields": []
}
],
"channel_response_code": "200",
"channel_response_message": "Success",
"currency": "IDR"
}
{
"status_code": "201",
"status_message": "midtrans payment notification",
"transaction_id": "1c28dbbb-8596-48e4-85d7-9f1382db8a1f",
"order_id": "order03",
"gross_amount": "275000.00",
"payment_type": "gopay",
"transaction_time": "2016-06-19 15:50:12",
"transaction_status": "pending",
"signature_key": "40747f7f8f489c423c8ed72879ca8cb28dcd0c03fc9a192138667c4588f91486ae46094a6695d9fddbce0aba
}
{
"status_code": "200",
"status_message": "midtrans payment notification",
"transaction_id": "1c28dbbb-8596-48e4-85d7-9f1382db8a1f",
"order_id": "order03",
"gross_amount": "275000.00",
"payment_type": "gopay",
"transaction_time": "2016-06-19 15:54:42",
"transaction_status": "settlement",
"signature_key": "973d175e6368ad844b5817882489e6b22934d796a41a0573c066b1e64532dc0001087b87d877a3eac37cba2
}
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "1c28dbbb-8596-48e4-85d7-9f1382db8a1f",
"order_id": "order03",
"gross_amount": "275000.00",
"payment_type": "gopay",
"transaction_time": "2016-06-20 15:50:12",
"transaction_status": "expire",
"signature_key": "53c6e2e3639a6b5c09b9103aa343f00cfd0168c6a69a2d4f2203bdc58072531ad7b340ea01725538996a782
}
actions Array(Object) Actions which can be performed which this transaction. Use gener
ate-qr-code action to render the QR code image (PNG format).
Use deeplink-redirect action to redirect to GO-JEK apps.
In addition to the standard mobile apps flow, e-commerce may opt to implement a deeplink callback to redirect
customer back from GO-JEK to their apps.
Pre-requisites: E-commerce needs to prepare a deeplink which accept two query parameters
Query
Parameter Type Description
result String Result of the transaction to decide what kind of page to show to customer. Possible
values: success or failure .
WARNING: It is highly recommended to avoid using value passed on result to update status on backend. There is
HTTP notification for this use case.
GoPay Tokenization
GoPay Tokenization allows merchant to link their customer GoPay account. The flow is similar to card tokenization
where merchant can use the linked customer account for transaction authorization.
GoPay Tokenization Charge Request
{
"payment_type": "gopay",
"gopay": {
"account_id": "00000269-7836-49e5-bc65-e592afafec14",
"payment_option_token": "eyJ0eXBlIjogIkdPUEFZX1dBTExFVCIsICJpZCI6ICIifQ=="
},
"transaction_details": {
"gross_amount": 100000,
"order_id": "order-1234"
}
}
{
"status_code": "201",
"status_message": "GoPay transaction is created. Action(s) required",
"transaction_id": "00000269-7836-49e5-bc65-e592afafec14",
"order_id": "order-1234",
"gross_amount": "100000.00",
"currency": "IDR",
"payment_type": "gopay",
"transaction_time": "2016-06-28 09:42:20",
"transaction_status": "pending",
"fraud_status": "accept",
"channel_response_code": "0",
"channel_response_message": "Process service request successfully.",
"actions": [
{
"name": "verification-link-url",
"method": "GET",
"url": "http://api.midtrans.com/v2/gopay/redirect/gppr_6123269-1425-21e3-bc44-e592afafec14/charge"
},
{
"name": "verification-link-app",
"method": "GET",
"url": "http://api.midtrans.com/v2/gopay/redirect/gppd_6123269-1425-21e3-bc44-e592afafec14/charge"
}
]
}
{
"status_code": "202",
"status_message": "GoPay transaction is denied",
"transaction_id": "a8a91ece-24f9-427d-a588-b9a2428acda0",
"order_id": "order-1234",
"gross_amount": "100000.00",
"currency": "IDR",
"payment_type": "gopay",
"transaction_time": "2016-06-28 09:42:20",
"transaction_status": "deny",
"fraud_status": "accept",
"channel_response_code": "-1",
"channel_response_message": "System internal error."
}
Integration steps
1. Link customer account only the customer phone number is not yet linked.
2. Fetch customer account. If the linking is sucessful. Look into the metadata and store the token of the payment
option that the customer chosen, be it GOPAY_WALLET or PAY_LATER . Optionally, merchant can also use this API to
fetch the customer balance.
3. If the linking is already successful then the customer can proceed with the charge. Example request on the side.
4. If the status_code in the response is 200 then the transaction is already completed. If the status_code is 201 then
there's additional action needs to be done by the merchant. The merchant will need to open the verification url in
the actions to the customer. Once the verification is done, it will redirect back to the callback URL that is set on the
merchant dashboard.
Only use between these two redirection urls as the other one is redundant and will be deprecated.
verification-link-url is for transaction verification in browser or webview. This redirection is recommended for
desktop. The customer will receive a push notification from their Gojek app. Once they verify the transaction there, then
this page will auto redirect back to the merchant page. For merchants with special agreement with GoPay, this page
may also show OTP/PIN page.
verification-link-app is for transaction verification in Gojek app (This might not be applicable for all merchants).
The customer will need to input OTP/PIN from the Gojek app.
Merchant that enables GoPay Tokenization could opt to do pre-auth transactions. Pre-auth allows merchant to reserve
the customer balance before the goods or services are delivered. The reservation has a time limit of 24 hours for
merchant to capture it. Capturing a reservation is a process to settle the customer balance into merchant account.
{
"payment_type": "gopay",
"gopay": {
"account_id": "00000269-7836-49e5-bc65-e592afafec14",
"payment_option_token": "eyJ0eXBlIjogIkdPUEFZX1dBTExFVCIsICJpZCI6ICIifQ==",
"pre_auth": true, // the default value is false
},
"transaction_details": {
"gross_amount": 100000,
"order_id": "order-1234"
}
}
{
"status_code": "200",
"status_message": "Success, GoPay transaction is successful",
"transaction_id": "00000269-7836-49e5-bc65-e592afafec14",
"order_id": "order-1234",
"gross_amount": "100000.00",
"currency": "IDR",
"payment_type": "gopay",
"transaction_time": "2016-06-28 09:42:20",
"transaction_status": "authorize",
"fraud_status": "accept",
"channel_response_code": "0",
"channel_response_message": "Process service request successfully."
}
{
"status_code": "201",
"status_message": "GoPay transaction is created. Action(s) required",
"transaction_id": "00000269-7836-49e5-bc65-e592afafec14",
"order_id": "order-1234",
"gross_amount": "100000.00",
"currency": "IDR",
"payment_type": "gopay",
"transaction_time": "2016-06-28 09:42:20",
"transaction_status": "pending",
"fraud_status": "accept",
"channel_response_code": "0",
"channel_response_message": "Process service request successfully.",
"actions": [
{
"name": "verification-link-url",
"method": "GET",
"url": "http://api.midtrans.com/v2/gopay/redirect/gppr_6123269-1425-21e3-bc44-e592afafec14/charge"
},
{
"name": "verification-link-app",
"method": "GET",
"url": "http://api.midtrans.com/v2/gopay/redirect/gppd_6123269-1425-21e3-bc44-e592afafec14/charge"
}
]
}
GoPay Tokenization Pre-Auth Charge Deny Response
{
"status_code": "202",
"status_message": "GoPay transaction is denied",
"transaction_id": "a8a91ece-24f9-427d-a588-b9a2428acda0",
"order_id": "order-1234",
"gross_amount": "100000.00",
"currency": "IDR",
"payment_type": "gopay",
"transaction_time": "2016-06-28 09:42:20",
"transaction_status": "deny",
"fraud_status": "accept",
"channel_response_code": "-1",
"channel_response_message": "System internal error."
}
Integration steps
1. The linking process is exactly the same as the GoPay Tokenization linking process above.
2. If the linking is already successful then the customer can proceed with the charge. The only difference is that
merchant needs to pass pre_auth : "true" parameter. See example on the side.
3. If the status_code in the response is 200 then the transaction is authorized. If the status_code is 201 then there's
additional action needs to be done by the merchant. The merchant will need to open the verification url in the acti
ons to the customer. Once the verification is done, it will redirect back to the callback URL that is set on the
merchant dashboard.
4. Before 24 hours from the authorization time, merchant needs to call Capture API. Please note that we do not accept
partial amount capture for GoPay.
5. As an option, merchant could also cancel the authorization by calling the Cancel API.
ShopeePay
{
"payment_type": "shopeepay",
"transaction_details": {
"order_id": "test-order-shopeepay-001",
"gross_amount": 25000
},
"item_details": [
{
"id": "id1",
"price": 25000,
"quantity": 1,
"name": "Brown sugar boba milk tea"
}
],
"customer_details": {
"first_name": "John",
"last_name": "Brandon",
"email": "[email protected]",
"phone": "0819323212312"
},
"shopeepay": {
"callback_url": "https://midtrans.com/"
}
}
ShopeePay is an e-Wallet payment method by Shopee. Users will be redirected from the merchants app to pay using
the Shopee app. Due to this payment method requiring Shopee app, then it is only applicable for merchant integrating
from their mobile app. By default, ShopeePay transaction expiry is 5 minutes.
Integration steps:
{
"transaction_time":"2020-09-29 11:16:23",
"transaction_status":"pending",
"transaction_id":"bb379c3a-218b-47c7-9b0b-25f71f0f1231",
"status_message":"midtrans payment notification",
"status_code":"201",
"signature_key":"dd627b40a8951f8c15af2d0f4e96ceae748af857e1d697f4bdb631a37227a4de45952a909c5f08d92228dd27e
"payment_type":"shopeepay",
"order_id":"test-order-shopeepay-001",
"merchant_id":"YON001",
"gross_amount":"25000.00",
"fraud_status":"accept",
"currency":"IDR"
}
{
"transaction_time":"2020-09-29 11:22:38",
"transaction_status":"settlement",
"transaction_id":"6f4595c8-7ed6-4ade-818f-865fdd0e47aa",
"status_message":"midtrans payment notification",
"status_code":"200",
"signature_key":"a8abc37da315aa7c01c18817f4740db68392a15aa2e01fe4637dbaff49364e18e9367731a53569d23a90c06e
"settlement_time":"2020-09-29 11:23:44",
"payment_type":"shopeepay",
"order_id":"test-order-shopeepay-003",
"merchant_id":"YON001",
"gross_amount":"25000.00",
"fraud_status":"accept",
"currency":"IDR"
}
{
"transaction_time":"2020-09-29 11:24:57",
"transaction_status":"expire",
"transaction_id":"6637ee65-69cd-44ff-8650-5fb746c492aa",
"status_message":"midtrans payment notification",
"status_code":"202",
"signature_key":"d6452333ab67dfb2adb784f529d9c27dc149adffb74fcc1d45d98418f7c7a68a2e86a6f5ede9be83795aa147d
"payment_type":"shopeepay",
"order_id":"test-order-shopeepay-004",
"merchant_id":"YON001",
"gross_amount":"25000.00",
"fraud_status":"accept",
"currency":"IDR"
}
actions Array(Object) Actions which can be performed which this transaction. Use deepl
Indomaret
Alfamart
Indomaret
NOTE: There may be cases where SETTLEMENT turns into DENY . It is caused by a reversal triggered by the
corresponding payment provider. It may happen in the span of 1 minute.
{
"payment_type": "cstore",
"transaction_details": {
"gross_amount": 162500,
"order_id": "order04"
},
"cstore": {
"store": "Indomaret",
"message": "Tiket1 transaction"
},
"customer_details": {
"first_name": "Budi",
"last_name": "Utomo",
"email": "[email protected]",
"phone": "0811223344"
},
"item_details": [
{
"id": "id1",
"price": 162500,
"quantity": 1,
"name": "tiket1"
}
]
}
Indomaret is a feature provided by Indomaret where the customer can make online payment at an Indomaret store. The
customer only has to come to Indomaret cashier to complete the payment. By using this over the counter channel,
customer can pay their bill at any indomaret store. Midtrans will send a notification in real time for every incoming
payment.
Integration steps:
payment_type String Set Over the Counter payment method. Value: cstore
{
"status_code": "201",
"status_message": "Success, cstore transaction is successful",
"transaction_id": "e3f0b1b5-1941-4ffb-9083-4ee5a96d878a",
"order_id": "order04",
"gross_amount": "162500.00",
"payment_type": "cstore",
"transaction_time": "2016-06-19 17:18:07",
"transaction_status": "pending",
"payment_code": "25709650945026"
}
{
"status_code": "200",
"status_message": "midtrans payment notification",
"transaction_id": "991af93c-1049-4973-b38f-d6052c72e367",
"order_id": "order04",
"gross_amount": "162500.00",
"payment_type": "cstore",
"transaction_time": "2016-06-20 11:44:07",
"transaction_status": "settlement",
"approval_code": "59061607081045705101",
"signature_key": "a198f93ac43cf98171dcb4bd0323c7e3afbee77a162a09e2381f0a218c761a4ef0254d7650602971735c486
"payment_code": "25709650945026",
"store": "indomaret"
}
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "fd70880f-3458-4b16-9f09-289924185977",
"order_id": "order04",
"gross_amount": "162500.00",
"payment_type": "cstore",
"transaction_time": "2016-06-20 17:18:08",
"transaction_status": "expire",
"signature_key": "c260504a448018b4c4831b381f8a8c5088c37f2706dcc60b4d7d99a16e0ae3c22bc8945cb5177742386bab1d
"payment_code": "25709650945026",
"store": "indomaret"
}
payment_code String Unique payment code for customer to complete the payment in Indomaret
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
Alfamart
{
"payment_type": "cstore",
"transaction_details": {
"gross_amount": 162500,
"order_id": "order05"
},
"cstore": {
"store": "alfamart",
"alfamart_free_text_1": "1st row of receipt,",
"alfamart_free_text_2": "This is the 2nd row,",
"alfamart_free_text_3": "3rd row. The end."
},
"customer_details": {
"first_name": "Budi",
"last_name": "Utomo",
"email": "[email protected]",
"phone": "0811223344"
},
"item_details": [
{
"id": "id1",
"price": 162500,
"quantity": 1,
"name": "tiket2"
}
]
}
Alfamart provided customer to make online payment at various store under Alfa group. The supported stores are:
Alfamart, Alfamidi, DAN+DAN, and Lawson (Coming soon). The customer needs to visit the cashier of one of the store to
continue their payment. Midtrans will send a notification in real time for every incoming payment.
Integration steps:
payment_type String Set Over the Counter payment method. Value: cstore
{
"status_code": "201",
"status_message": "Success, cstore transaction is successful",
"transaction_id": "f1d381f8-7519-4139-b28f-81c6b3dc38ea",
"order_id": "order05",
"gross_amount": "10500.00",
"payment_type": "cstore",
"transaction_time": "2016-06-28 16:22:49",
"transaction_status": "pending",
"fraud_status": "accept",
"payment_code": "010811223344",
"store": "alfamart"
}
{
"status_code": "201",
"status_message": "midtrans payment notification",
"transaction_id": "e3f0b1b5-1941-4ffb-9083-4ee5a96d878a",
"order_id": "order04",
"gross_amount": "162500.00",
"payment_type": "cstore",
"transaction_time": "2016-06-19 17:18:07",
"transaction_status": "pending",
"signature_key": "2d488c1ff0adc2396ee9b9765807b6d53182a0aa17cd9bb251b99879099d4f727903a75440b1814539f5657
"payment_code": "25709650945026",
"store": "alfamart"
}
{
"status_code": "200",
"status_message": "midtrans payment notification",
"transaction_id": "991af93c-1049-4973-b38f-d6052c72e367",
"order_id": "order04",
"gross_amount": "162500.00",
"payment_type": "cstore",
"transaction_time": "2016-06-20 11:44:07",
"transaction_status": "settlement",
"approval_code": "59061607081045705101",
"signature_key": "a198f93ac43cf98171dcb4bd0323c7e3afbee77a162a09e2381f0a218c761a4ef0254d7650602971735c486
"payment_code": "25709650945026",
"store": "alfamart"
}
{
"status_code": "202",
"status_message": "midtrans payment notification",
"transaction_id": "fd70880f-3458-4b16-9f09-289924185977",
"order_id": "order04",
"gross_amount": "162500.00",
"payment_type": "cstore",
"transaction_time": "2016-06-20 17:18:08",
"transaction_status": "expire",
"signature_key": "c260504a448018b4c4831b381f8a8c5088c37f2706dcc60b4d7d99a16e0ae3c22bc8945cb5177742386bab1d
"payment_code": "25709650945026",
"store": "alfamart"
}
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it or
transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
payment_code String Unique payment code for customer to complete the payment in Alfamart
**Possible error codes:** `400`, `401`, `402`, `406`, and `410`. Please refer to the [status code](#status-
code).
Cardless Credit
Cardless credit allows customers to enroll in an affordable monthly payment plan so they don't have to pay all at once.
It provides e-commerce access to target certain customer market which lack credit cards but prefer installment. At this
moment, Midtrans has integrated to these cardless credits:
Akulaku
Akulaku
Akulaku Charge
{
"payment_type": "akulaku",
"transaction_details": {
"order_id": "orderid-01",
"gross_amount": 11000
},
"item_details": [
{
"id": "1",
"price": 11000,
"quantity": 1,
"name": "Sepatu "
}
],
"customer_details":{
"first_name": "John",
"last_name": "Baker",
"email": "[email protected]",
"phone": "08123456789"
}
}
In addition to their shopping mall business, Akulaku has been enabling e-commerces to sell their merchandise in
installment. It allows their customers to pay in installment without credit card as long as they are registered to Akulaku.
Integration steps:
{
"status_code": "201",
"status_message": "Success, Akulaku transaction is created",
"transaction_id": "b3a40398-d95d-4bb9-afe8-9a57bc0786ea",
"order_id": "orderid-01",
"redirect_url": "https://api.sandbox.veritrans.co.id/v2/akulaku/redirect/b3a40398-d95d-4bb9-afe8-9a57bc
"gross_amount": "11000.00",
"currency": "IDR",
"payment_type": "akulaku",
"transaction_time": "2018-08-24 16:20:36",
"transaction_status": "pending",
"fraud_status": "accept",
"channel_response_code": "",
"channel_response_message": ""
}
{
"transaction_time": "2018-08-24 16:20:36",
"gross_amount": "11000.00",
"order_id": "orderid-01",
"payment_type": "akulaku",
"signature_key": "e47d73b2a10347d291e85a7c39c5fa2a7b760f0af7d9882f9c1b26db06e1af948968184b78f67112158cdedd
"status_code": "201",
"transaction_id": "b3a40398-d95d-4bb9-afe8-9a57bc0786ea",
"transaction_status": "pending",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
{
"transaction_time": "2018-08-24 16:20:36",
"gross_amount": "11000.00",
"order_id": "orderid-01",
"payment_type": "akulaku",
"signature_key": "35c4111539e184b268b7c1cd62a9c254e5d27c992c8fd55084f930b69b09eaafcfe14b0d512c697648295fdb
"status_code": "200",
"transaction_id": "b3a40398-d95d-4bb9-afe8-9a57bc0786ea",
"transaction_status": "settlement",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
{
"transaction_time": "2018-08-24 16:20:36",
"gross_amount": "11000.00",
"order_id": "orderid-01",
"payment_type": "akulaku",
"signature_key": "62a8c432bb5a288a0495dd4f868b0aede4535e0c8a9fbebb3c6e9d4ea0db6f1963e551e70a99e80512030afa
"status_code": "202",
"transaction_id": "b3a40398-d95d-4bb9-afe8-9a57bc0786ea",
"transaction_status": "expire",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
{
"transaction_time": "2018-08-24 16:20:36",
"gross_amount": "11000.00",
"order_id": "orderid-01",
"payment_type": "akulaku",
"signature_key": "c2bdfd8d1b25100f5512b2573ecad8f2d324837a731362491b5a6b0bbd7ec74a032010754129f4c74f77a21
"status_code": "202",
"transaction_id": "b3a40398-d95d-4bb9-afe8-9a57bc0786ea",
"transaction_status": "deny",
"fraud_status": "accept",
"status_message": "midtrans payment notification"
}
fraud_status String Detection result by Fraud Detection System (FDS). Possible Value:
accept : Approved by FDS.
challenge : Questioned by FDS. NOTE: Approve transaction to accept it or
transaction will auto cancel during settlement.
deny : Denied by FDS. Transaction automatically failed
Handing Notifications
Receiving Notifications
SHA512(order_id+status_code+gross_amount+serverkey)
<?php
$orderId = "1111";
$statusCode = "200";
$grossAmount = "100000.00";
$serverKey = "askvnoibnosifnboseofinbofinfgbiufglnbfg";
$input = $orderId.$statusCode.$grossAmount.$serverKey;
$signature = openssl_digest($input, 'sha512');
echo "INPUT: " , $input."<br/>";
echo "SIGNATURE: " , $signature;
?>
In order to increase the security aspect, there are several ways to ensure the notification is received from Midtrans.
Challenge Response
An additional mechanism we provide to verify the content and the origin of the notification is to challenge. This can be
achieved by calling the get status API. The response is the same as the notification status.
Signature Key
We added a signature key information in our notification. The purpose of this signature key is to validate whether the
notification is originated from Midtrans or not. Should the notification not be genuine, merchants can disregard the
notification. Please find on the side, the logic of the signature key and the sample code to generate signature key.
Always use an HTTPS endpoint. It is secure and there cannot be MITM attacks because we validate the certificates
match the hosts. Also do not use self signed certificates.
Use standard port (80/443) for notification callback url
Always implement notification in an idempotent way, in extremely rare cases, we may send multiple notifications for
the same transaction event twice. It should not cause double entries in the merchant end, The simple way of
achieving this is to use orderid as the key to track the entries.
Always check the signature hash of the notification, This will confirm that the notification was actually sent by
Midtrans, because we encode the shared secret (server key). Nobody else can build this signature hash.
Always check all the following three fields for confirming success transaction
status code: Should be 200 for successful transactions
fraud status: ACCEPT
transaction status : settlement/capture
We strive to send the notification immediately a er the transaction has occurred, but in extremely rare cases, it may
be delayed because of transaction spikes. If you have not received a notification, please use the Status API to check
for current status of the transaction.
It is safe to call Status API to get the latest status of the transaction/order on each notification.
We set the HTTP timeout to 15 seconds.
Please strive to keep the response time of the the HTTP notifications under 5 seconds.
In extremely rare cases we may send the HTTP notifications out of order, ie. a "settlement" status for a notification
before the notification for "Pending" status. It's important that such later notifications are ignored. Here's the state
transition diagram that you could use. But again, use our /status API to confirm the actual status.
We send the notification body as JSON, please parse the JSON with a JSON parser. Always expect new fields will be
added to the notification body, so parse it in a non strict format, so if the parser sees new fields, it should not throw
exception. It should gracefully ignore the new fields. This allows us to extend our notification system for newer use
cases without breaking old clients.
Always use the right HTTP Status code for responding to the notification, we handle retry for error cases differently
based on the status code
for 2xx : No retries, it is considered success
for 500 : Retry only once
for 503 : Retry 4 times
for 400/404 : Retry 2 times
for 301/302/303 : No retries. We suggest the notificaiton endpoint should be update in setting instead of reply
these status code.
for 307/308 : Follow the new url with POST method and same notification body. Max redirect is 5 times
for all other failures: Retry 5 times
We do retry at most 5 times with following policy
Different retry interval from 1st time to 5th time (2m, 10m, 30m, 1.5hour, 3.5hour)
Put a random time shi for each time retry base on above interval. For example, the first time retry might be
33s(at most 2m) a er the job failed.
The following are the standard types of notifications. Note that different types of notifications can be added in addition
to the below. Also new fields may be added to the existing notification, please confirm with the latest documentation
for the exact fields.
Merchant can opt to change or add custom notification urls on every transaction. It can be achieved by adding
additional HTTP headers into charge request.
Sample case
curl -X POST \
https://api.midtrans.com/v2/charge \
-H 'Accept: application/json' \
-H 'Authorization: Basic NjJiMTVhN2QtZTVmOC00YjNjLTllYWItY2E4MjdjYTM3ZjU1Og==' \
-H 'Content-Type: application/json' \
-H 'X-Append-Notification: https://example.com/test1,https://example.com/test2' \
-H 'cache-control: no-cache' \
-d '{
"payment_type": "gopay",
"transaction_details": {
"order_id": "1553229166",
"gross_amount": 10000
}
}'
curl -X POST \
https://api.midtrans.com/v2/charge \
-H 'Accept: application/json' \
-H 'Authorization: Basic NjJiMTVhN2QtZTVmOC00YjNjLTllYWItY2E4MjdjYTM3ZjU1Og==' \
-H 'Content-Type: application/json' \
-H 'X-Override-Notification: https://example.com/test1,https://example.com/test2' \
-H 'cache-control: no-cache' \
-d '{
"payment_type": "gopay",
"transaction_details": {
"order_id": "1553229166",
"gross_amount": 10000
}
}'
Assuming merchant has set https://example.com as their notification url on the dashboard.
1. https://example.com,
2. https://example.com/test1, and
3. https://example.com/test2
1. https://example.com/test1 and
2. https://example.com/test2
When both `X-Append-Notification` and `X-Override-Notification` are used together then only override will be
used.
Status Code
Status Codes used by Midtrans API are categorized into 2xx, 3xx, 4xx dan 5xx.
Code 2xx
Status Description
200 Credit Card: Success . Request is successful, and transaction is authorize, capture, settlement, cancel,
approve challenge transactions, accepted by Midtrans and bank.
201 Credit Card: Challenge . The transaction successfully sent to bank but the process has not been
completed, need manual action from merchant to complete the transaction process. If the merchant does
not perform any action until settlement time (H+1 16:00) Midtrans will cancel the transaction.
Bank Transfer: Pending . The transaction successfully sent to bank but the process has not been
completed by the customer. By default, the transaction will expire within 24 hours.
GO-PAY Pending . The transaction has successfully created to GO-PAY but has not been completed by the
customer. By default, the transaction will expire within 15 minutes.
Cimb Clicks: Pending . The transaction successfully sent to bank but the process has not been completed
by the customer. By default, the transaction will expire within 2 hours.
BRI ePay: Pending . The transaction successfully sent to bank but the process has not been completed by
the customer. By default, the transaction will expire within 2 hours.
Klik BCA: Pending . The transaction successfully sent to bank but the process has not been completed by
the customer. By default, the transaction will expire within 2 hours.
BCA Klikpay: Pending . The transaction successfully sent to bank but the process has not been
completed by the customer. By default, the transaction will expire within 2 hours.
Mandiri Bill Payment: Pending . The transaction successfully sent to bank but the process has not been
completed by the customer. By default, the transaction will expire within 2 hours.
XL Tunai: Pending . The transaction successfully sent to provider but the process has not been completed
by the customer. By default, the transaction will expire within 2 hours.
Indomaret: Pending . The transaction successfully sent to provider but the process has not been
completed by the customer. By default, the transaction will expire within 2 hours
202 Credit Card: Denied . The transaction has been processed but is denied by payment provider or Midtrans'
fraud detection system.
Other payment methods: Denied . The transaction has been processed but is denied by payment
provider
Code 3xx
Status Description
300 Move Permanently, current and all future requests should be directed to the new URL
Code 4xx
Status Description
400 Validation Error, merchant sent bad request data example; validation error, invalid transaction type,
invalid credit card format, etc.
401 Access denied due to unauthorized transaction, please check client key or server key
403 The requested resource is only capable of generating content not acceptable according to the accepting
headers that sent in the request
404 The requested resource/transaction is not found (eg. order_id is not exist)
406 Duplicate order ID. Order ID has already been utilized previously
409 Merchant has sent too many transactions for the same card number
413 The request cannot be processed due to malformed syntax in the request body
Code 5xx
Status Description
505 The requested payment reference is not available. Either try again to use different one.
Credit card is divided into two category based on its channel to acquirer: Host-to-Host and MIGS.
Host-to-Host
01 Refer to Issuer The customer’s bank (Card Issuer) has indicated there is a problem with the credit card
number. The customer should contact their bank. The customer should use an alternate
credit card.
02 Refer to The customer’s bank (Card Issuer) has indicated there is a problem with the credit card
Issuer, special number. The customer should contact their bank. The customer should use an alternate
credit card.
03 No Merchant The Merchant ID is invalid, you should contact your Bank and ensure you have provided
the correct Merchant Account Number.
04 Pick Up Card The customer’s bank (Card Issuer) has declined the transaction and requested that your
customer’s credit card be retained. (card reported lost or stolen). The customer should
use an alternate credit card.
05 Do Not The customer’s bank has declined the transaction as the credit card number has failed a
Honour security check, or the funds have been frozen or depleted. The customer should use an
alternate credit card.
06 Error The customer’s bank (Card Issuer) has declined the transaction as there is a problem with
the credit card number. The customer should contact their bank. The customer should
use an alternate credit card.
07 Pick Up Card, The customer’s bank (Card Issuer) has declined the transaction and requested that your
Special customer’s credit card be retained. (card reported lost or stolen) The customer should use
an alternate credit card.
09 Request In The customer’s bank (Card Issuer) has indicated there is a problem with the credit card
Progress number. The customer should contact their bank. The customer should use an alternate
credit card.
12 Invalid The customer’s bank (Card Issuer) has declined the transaction because of an invalid
Transaction format or field. Check the transaction information and try processing the transaction
again.
13 Invalid An invalid character (e.g. a amount sign or a space) may be being passed to the gateway.
Amount Check your website’s code.
14 Invalid Card The customer’s bank (Card Issuer) has declined the transaction as the Credit Card number
Number does not exist. Check the credit card information and try processing the transaction
again.
15 No Issuer The customer’s bank (Card Issuer) does not exist. Check the credit card information and
try processing the transaction again.
19 Re-enter Last The transaction has not been processed and the customer should attempt to process the
Transaction transaction again.
21 No Action The customer’s bank (Card Issuer) has indicated there is a problem with the credit card
Taken number. The customer should contact their bank. The customer should use an alternate
credit card.
22 Suspected The customer’s bank (Card Issuer) cannot be contacted during the transaction. The
Malfunction customer should check the credit card information and try processing the transaction
again.
30 Format Error The customer’s bank (Card Issuer) does not recognise the transaction details. The
customer should check the transaction information and try processing the transaction
again.
31 Bank Not The customer’s bank (Card Issuer) has declined the transaction as it does not allow
Supported By transactions originating through mail / telephone, fax, email or Internet orders. This error
Switch is associated customers attempting to use a Discover Card. The customer should use an
alternate credit card.
33 Expired Card, The customer’s bank (Card Issuer) has declined the transaction as Credit Card has expired
Capture or the date is incorrect. Check the expiry date in the transaction and try processing the
transaction again.
34 Suspected The customer’s bank (Card Issuer) has declined the transaction as there is a suspected
Fraud, Retain fraud on this Credit Card number.
Card
35 Card Acceptor, The customer’s bank (Card Issuer) has declined the transaction and requested that the
Contact customer’s credit card be retained (card reported lost or stolen). The customer should use
Acquirer, an alternate credit card.
Retain Card
36 Restricted The customer’s bank (Card Issuer) has declined the transaction and requested that the
Card, Retain customer’s credit card be retained. (card reported lost or stolen) The customer should use
Card an alternate credit card.
37 Contact The customer’s bank (Card Issuer) has declined the transaction and requested that your
Acquirer customer’s credit card be retained. (card reported lost or stolen) The customer should use
Security an alternate credit card.
Department,
Retain Card
38 PIN Tries The customer’s bank (Card Issuer) has declined the transaction as the customer has
Exceeded, entered the incorrect PIN three times. The customer’s bank (Card Issuer) has requested
Capture you retain the credit card. The customer should use an alternate credit card and contact
their bank.
39 No Credit The customer’s bank has declined the transaction as the Credit Card number used is not a
Account credit account. The customer should use an alternate credit card.
40 Function Not The customer’s bank (Card Issuer) has declined the transaction as it does not allow this
Supported type of transaction. The customer should use an alternate credit card.
41 Lost Card The customer’s bank (Card Issuer) has declined the transaction as the card has been
reported lost. The customer should use an alternate credit card.
42 No Universal The customer’s bank (Card Issuer) has declined the transaction as the account type
Account selected is not valid for this credit card number. The customer should use an alternate
credit card.
43 Stolen Card The customer’s bank (Card Issuer) has declined the transaction as the card has been
reported stolen. The customer should use an alternate credit card.
44 No The customer’s bank (Card Issuer) has declined the transaction as the account type
Investment selected is not valid for this credit card number. The customer should use an alternate
Account credit card.
51 Insufficient The customer’s bank (Card Issuer) has declined the transaction as the credit card does
Funds not have sufficient funds. The customer should use an alternate credit card.
52 No Cheque The customer’s bank (Card Issuer) has declined the transaction as the credit card number
Account is associated to a cheque account that does not exist. The customer should use an
alternate credit card.
53 No Savings The customer’s bank (Card Issuer) has declined the transaction as the credit card number
Account is associated to a savings account that does not exist. The customer should use an
alternate credit card.
54 Expired Card The customer’s bank (Card Issuer) has declined the transaction as the credit card appears
to have expired. The customer should check the expiry date entered and try again, or use
an alternate credit card.
55 Incorrect PIN The customer’s bank (Card Issuer) has declined the transaction as the customer has
entered an incorrect PIN. The customer should re-enter their PIN, otherwise use an
alternate credit card.
56 No Card The Customer’s bank has declined the transaction as the credit card number does not
Record exist. The customer should use an alternate credit card.
57 Function Not The Customer’s bank has declined the transaction as this credit card cannot be used for
Permitted to this type of transaction. The customer should use an alternate credit card.
Cardholder
58 Function Not The Customer’s bank has declined the transaction as this credit card cannot be used for
Permitted to this type of transaction. This may be associated with a test credit card number. The
Terminal customer should use an alternate credit card.
59 Suspected The customer’s bank has declined this transaction as the credit card appears to be
Fraud fraudulent.
60 Acceptor The customer’s bank (card issuer) has declined the transaction. The customer should
Contact contact their bank and retry the transaction.
Acquirer
61 Exceeds The customer’s bank has declined the transaction as it will exceed the customer’s card
Withdrawal limit. The customer should use an alternate credit card.
Limit
62 Restricted The customer’s bank has declined the transaction as the credit card has some
Card restrictions. The customer should use an alternate credit card.
63 Security The customer’s bank has declined the transaction. The customer should use an alternate
Violation credit card.
64 Original The customer’s bank has declined the transaction due to the amount attempting to be
Amount processed. The customer should check the transaction amount and try again.
Incorrect
66 Acceptor The customer’s bank has declined the transaction and request the Merchant to contact
Contact the bank. The customer should use an alternate credit card.
Acquirer,
Security
67 Capture Card The customer’s bank has declined the transaction as the card is suspected to be
counterfeit. The customer’s bank (Card Issuer) has requested that your customer’s credit
card be retained. The customer should use an alternate credit card.
75 PIN Tries The customer’s bank has declined the transaction as the customer has entered the
Exceeded incorrect PIN more than three times. The customer should use an alternate credit card.
82 CVV Validation The customer’s bank has declined the transaction as the CVV is incorrect. The customer
Error should check the CVV details and try again. If not successful, the customer should use an
alternate credit card.
90 Cutoff In The customer’s bank is temporarily not able to process this customer’s credit card. The
Progress customer should attempt to process this transaction again.
91 Card Issuer The customer’s bank is unable to be contacted to authorise the transaction. The customer
Unavailable should attempt to process this transaction again.
92 Unable To The customer’s bank cannot be found for routing. This response code is o en returned
Route when the customer is using a test credit card number. The customer should attempt to
Transaction process this transaction again.
93 Cannot The customer’s bank has declined the transaction and request the customer to contact
Complete, their bank. The customer should use an alternate credit card.
Violation Of
The Law
94 Duplicate The customer’s bank has declined the transaction as this transaction appears to be a
Transaction duplicate transmission. No action required.
96 System Error The customer’s bank was not able to process the transaction. The customer should
attempt to process this transaction again.
N0 CSC not Transaction failed. Customers should try using another card.
provided -
credit
transaction is
not allowed
N7 Decline for The customer’s bank has declined the transaction as the CVV is incorrect. The customer
CVV2 failure should check the CVV details and try again. If not successful, the customer should use an
(for Visa cards alternate credit card.
only)
Z3 Transaction The customer's bank has declined the capture transaction since amount greater than the
amount is authorised amount. The customer should use an alternate credit card.
greater than
authorised
MIGS
1 Transaction could There is an issue with merchant's account or the ID/Access Code the merchant uses
not be processed is incorrect.
2 Transaction Declined The customer should contact their bank. The customer should use an alternate
– Contact Issuing credit card.
Bank
4 Transaction Declined The customer’s bank (Card Issuer) has declined the transaction as Credit Card has
– Expired Card expired or the date is incorrect. Check the expiry date in the transaction and try
processing the transaction again.
5 Transaction Declined The customer’s bank (Card Issuer) has declined the transaction as the credit card
– Insufficient credit does not have sufficient funds. The customer should use an alternate credit card.
6 Transaction Declined The customer's bank/ acquiring bank experienced a system error.
– Bank system error
7 Payment Server Typically caused by invalid input data such as an invalid credit card number.
Processing Error Processing errors can also occur. The customer should check the credit card
information and try processing the transaction again.
8 Transaction Declined The customer’s bank (Card Issuer) has declined the transaction as it does not allow
– Transaction Type this type of transaction. The customer should use an alternate credit card.
Not Supported
9 Bank Declined The customer should use an alternate credit card. Can be caused by following
Transaction (Do not reasons:
contact Bank)
Transaction Aborted (A)
Transaction Blocked (B)
Transaction Cancelled (C)
Deferred Transaction (D)
Transaction Declined – Refer to card issuer (E)
Authentication Failed (F)
Card Security Code Failed (I)
Shopping Transaction Locked - This indicates that there is another
transaction taking place using the same shopping transaction number (L)
Cardholder is not enrolled in 3D Secure - Authentication Only (N)
Transaction is Pending (P)
Retry Limits Exceeded, Transaction Not Processed (R)
Card Security Code Failed (U)
-2 | A server dropped the connection | -1 | A server error occurred | 0 | Success | 1 | Request parameters error | 2 |
Permission denied | 4 | Merchant/store not found | 6 | The user making the payment has not activated their wallet 7
Expired | 9 | User’s account is banned | 11 | Duplicate request/transaction | 24 | User's account is frozen | 42 | Insufficient
balance | 101 | One of the user’s wallet limits has been exceeded | 102 | One of the user’s wallet limits has been exceeded
| 103 | User exceeded daily payment limit. Limit will reset the next day | 104 | One of the user’s wallet limits has been
exceeded | 105 | Authorisation code is invalid | 121 | Client attempts to update completed transaction | 301 | Invalid
payment code or QR content | 303 | Merchant is trying to make payment to their own user account | 304 | Refund/void
cannot be processed due to payment exceeding validity period. Valid refund period is set at 24 hours by default. |
JSON Object
Collection of JSON objects that are used in API Methods
"transaction_details": {
"order_id": "A87551",
"gross_amount": 145000
}
JSON
Attribute Type Required Description
order_id String(50) Y Order id of the transaction NOTE: Allowed Symbols are dash(-),
underscore(_), tilde (~), and dot (.)
gross_amount Long Y Gross value of the transaction NOTE: Don't add decimal
"credit_card": {
"token_id": "4811117d16c884-2cc7-4624-b0a8-10273b7f6cc8",
"bank": "bni",
"installment_term": 6,
"bins": ["4811", "5233"],
"type": "authorize",
"save_token_id": true
}
bank String(255) N Acquiring bank. Valid values: mandiri , bni , cimb , bca , mayban
k , and bri
bins JSON N List of credit card's BIN (Bank Identification Number) that is allowed
Array for transaction
save_token_id Boolean N Used on 'one click' or 'two clicks' feature. Enabling it will return a s
"item_details": [{
"id": "a1",
"price": 50000,
"quantity": 2,
"name": "Apel",
"brand": "Fuji Apple",
"category": "Fruit",
"merchant_name": "Fruit-store",
"tenor": "12",
"code_plan": "000",
"mid": "123456"
}]
id String N Item ID
price Number Y Price of the item
NOTE: Don't add decimal
tenor Numeric(2) C Installment term, use 2 digits numeric (03, 06, 09, 12, 24)
NOTE: BCA KlikPay exclusive field
WARNING: Please avoid using vertical line ( | ) for Alfamart payment type. item_details is required for Akulaku
payment type.
Subtotal (item price multiplied by quantity) of all the item details needs to be exactly the same as the
gross_amount inside transaction_details object
Tips: You can actually make an item with minus price to be presented as discount
"customer_details": {
"first_name": "TEST",
"last_name": "UTOMO",
"email": "[email protected]",
"phone": "+628123456",
"billing_address": {
"first_name": "TEST",
"last_name": "UTOMO",
"phone": "081 2233 44-55",
"address": "Sudirman",
"city": "Jakarta",
"postal_code": "12190",
"country_code": "IDN"
},
"shipping_address": {
"first_name": "TEST",
"last_name": "UTOMO",
"phone": "0 8128-75 7-9338",
"address": "Sudirman",
"city": "Jakarta",
"postal_code": "12190",
"country_code": "IDN"
}
}
WARNING: Please limit customer names (first name and last name) to only 30 characters for BCA VA.
JSON
Attribute Type Required Description
postal_code String(255) N Postal code of the billing address. Note: Format is alpha-numeric. It can
accept "-" and space
country_code String(3) N Country ID of the billing address. (e.g IDN) ISO 3166-1 alpha-3
Shipping address Object
JSON
Attribute Type Required Description
postal_code String(255) N Postal code of the shipping address. Note: Format is alpha-numeric. It
can accept "-" and space
country_code String(3) N Country ID of the shipping address. (e.g IDN) ISO 3166-1 alpha-3
"bank_transfer":{
"bank": "bca",
"va_number": "111111",
"free_text": {
"inquiry": [
{
"id": "Free Text ID Free Text ID Free Text ID",
"en": "Free Text EN Free Text EN Free Text EN"
}
],
"payment": [
{
"id": "Free Text ID Free Text ID Free Text ID",
"en": "Free Text EN Free Text EN Free Text EN"
}
]
},
"bca": {
"sub_company_code": "00000"
}
}
"bank_transfer":{
"bank": "permata",
"va_number": "111111",
"permata": {
"recipient_name": "SUDARSONO"
}
}
JSON
Attribute Type Required Description
bank String(255) Y Bank name which process bank transfer transaction. Valid value is perma
ta , bni , bri , and bca
va_number String(255) N Custom va number assigned by merchant. If shorter than minimum then
we will add trailing 0s as most significant bits. If longer than maximum
then we will trim the remaining least significant bits.
free_text JSON N list of free texts NOTE: Right now only used for BCA VA
Array
sub_company_code String N BCA sub company code directed for this transactions NOTE: Default is
00000
JSON
Attribute Type Required Description
recipient_name String N Recipient name shown on the payment details. It is shown as 20 digit
uppercase string. NOTE: Default is merchant name
Echannel Object
"echannel" : {
"bill_info1" : "Payment For:",
"bill_info2" : "Tuition fee",
"bill_info3" : "Name:",
"bill_info4" : "Budi Utomo",
"bill_info5" : "Class:",
"bill_info6" : "Computer Science",
"bill_info7" : "ID:",
"bill_info8" : "VT-12345"
}
JSON
Attribute Type Required Description
bill_info1 String(255) Y Label 1. Mandiri only allows 10 characters. Exceeding characters will be
truncated.
bill_info2 String(255) Y Value for Label 1. Mandiri only allows 30 characters. Exceeding
characters will be truncated.
bill_info3 String(255) N Label 2. Mandiri only allows 10 characters. Exceeding characters will be
truncated.
bill_info4 String(255) N Value for Label 2. Mandiri only allows 30 characters. Exceeding
characters will be truncated.
bill_info5 String(255) N Label 3. Mandiri only allows 10 characters. Exceeding characters will be
truncated.
bill_info6 String(255) N Value for Label 3. Mandiri only allows 30 characters. Exceeding
characters will be truncated.
bill_info7 String(255) N Label 4. Mandiri only allows 10 characters. Exceeding characters will be
truncated.
bill_info8 String(255) N Value for Label 4. Mandiri only allows 30 characters. Exceeding
characters will be truncated.
VA Number Object
"va_numbers": [
{
"bank": "bca",
"va_number": "91019021579"
}
]
JSON
Attribute Type Required Description
bank String(255) Y Bank name which process bank transfer transaction. Valid value is perm
ata , bii , bri , and bca
"payment_amounts": [
{
"paid_at": "2016-06-19 20:12:22",
"amount": "20000.00"
}
]
"bca_klikpay": {
"description": "Pembelian Barang"
}
"bca_klikbca" : {
"description" : "3176440",
"user_id" : "midtrans1012"
}
"cimb_clicks": {
"description": "Purchase of a special event item"
}
description String(100) Y Description which will be shown on the CIMB email notification.
"cstore" : {
"store" : "indomaret",
"message" : "mangga",
"alfamart_free_text_1": "1st row of receipt,",
"alfamart_free_text_2": "This is the 2nd row,",
"alfamart_free_text_3": "3rd row. The end."
}
alfamart_free_text_1 String N Customize the first row of description in Alfamart printed receipt
(40)
alfamart_free_text_2 String N Customize the second row of description in Alfamart printed
(40) receipt
alfamart_free_text_3 String N Customize the third row of description in Alfamart printed receipt
(40)
Action Object
{
"name": "cancel",
"method": "POST",
"url": "https://api.midtrans.com/v2/e48447d1-cfa9-4b02-b163-2e915d4417ac/cancel",
"fields": []
}
JSON
Attribute Type Required Description
fields Array(String) C Parameters which can be sent for the action. Only for method other
than GET .
Gopay Object
"gopay": {
"enable_callback": true,
"callback_url": "someapps://callback",
"account_id": "00000269-7836-49e5-bc65-e592afafec14",
"payment_option_token": "eyJ0eXBlIjogIkdPUEFZX1dBTExFVCIsICJpZCI6ICIifQ=="
}
account_id String C Required for GoPay Checkout. Linked customer account ID from
create pay account API.
payment_option_token String C Required for GoPay Checkout. Token to specify the payment
option made by the customer from get pay account API
metadata.
pre_auth Boolean N Set the value to true to make payment mode into reservation of
customer balance only. Once, customer balance is reserved, a
subsequent capture call is expected to be initated by merchants.
Default value: false
QRIS Object
"qris": {
"acquirer": "gopay"
}
JSON
Attribute Type Required Description
acquirer String N To select the acquirer for QRIS. Possible values: airpay shopee , gopay .
Default value: gopay
ShopeePay Object
"shopeepay": {
"callback_url": "https://midtrans.com/"
}
JSON
Attribute Type Required Description
callback_url String N To determine where the user will get redirected back from Shopee app.
Default value is the finish url set in the merchant configuration in the portal.
"schedule": {
"interval": 1,
"interval_unit": "month",
"start_time": "2019-05-29T09:11:01.803677",
"previous_execution_at": "2019-05-29T09:11:01.803677",
"next_execution_at": "2019-06-29T09:11:01.803677"
}
interval Integer Subscription's interval given by merchant Note: only allowed 1-12 value
interval_unit String Interval temporal unit Note: currently only support month
previous_execution_at String Timestamp of last succeeded charge. Note: on create subscription, timestamp
value will be the same as start_time
authorize Transaction authorizes the credit card. Must be captured to capture , cancel
process the balance. Note: Credit Card only
capture Transaction captures the credit card balance. Will be settled settlement , cancel
as batch.
t fund , partial_chargeback
deny Payment provider rejects the credentials used for payment. N/A
See status_message for deny details.
pending Transaction is made available in Midtrans to be paid. settlement , deny , cancel , expi
re
Fraud Status
Fraud Status used by Midtrans API.
Status Description
challenge We cannot determine the transaction. Merchant should take action to accept or deny.
Deprecation Notices
November 7, 2017
Starting on February 1st, 2018, channel parameter from Token Card Object and Charge Request Credit Card Object
will be permanently removed. Once it is effective, any channel parameter sent to Midtrans' system will be
disregarded. We advise you to remove channel parameter on your end immediately.
Following this announcement, we have made channel parameter as optional. However, should you choose to do a
transaction via MIGS banks, you will need to send ‘bank’ parameter to Midtrans. Below are few instances where changes
might occur:
Please avoid option number 2, 4, and 6 (where channel parameter is used) in all scenarios.
Notes: MIGS banks: BCA , MAYBANK , or BRI Non-MIGS banks: BNI , CIMB , MANDIRI , OR MEGA
We are introducing the new flow for Mandiri Clickpay. This new flow will enable you to exchange customer card data for
a token_id on client side. Consequently, the token_id is passed as Mandiri Clickpay parameter instead of card_num
ber .
We highly suggest you to update your Mandiri Clickpay implementation to cater this new flow since we are going to
deprecate the old implementation by 1st December 2017. Please see Mandiri ClickPay for implementation details.
August 3, 2017
We are limiting the characters to make sure that Order IDs are URL safe starting 1st November 2017. Please see
Transaction Details Object for details.
December 1, 2016
We are going to prohibit the use of decimal gross_amount starting 15th January 2017. Below are the examples of valid
and invalid parameters.
Example:
"10000" : valid
10000 : valid
"10000.00" : valid
"10000.01" : invalid
Invalid gross_amount will be rejected with 400 (validation error) status code.
User-Agent header in the HTTP notification from Midtrans will no longer be 'Veritrans'. It will be the same as the
http client we are using in code. Please do not use the User-Agent Header or depend on it In line with the change of
the name of the organization, we will also deprecate the usage of veritrans.co.id domain in the next 3-4 months.
This includes the following domains
Please switch to using the new hostnames and URL's immediately to avoid failures.