Integration: Direct Debit Payment
Deprecation Notice
The Direct Debit products and features described on this page are no longer officially supported for an indefinite period.
This page will no longer appear publicly in normal navigation, but will remain accessible via a direct link for archival purposes. You may proceed to use the information on this page, but please be aware that the content's accuracy is not guaranteed.
Direct Debit is one of the payment methods offered by Midtrans. Using this payment method, the customer can pay using their E-Banking debit account. Midtrans sends real-time notifications when the customer completes the payment. Currently, Midtrans can integrate with the following Direct Debit payment methods such as BCA KlikPay, CIMB Clicks, Danamon Online Banking, and BRImo (previously known as e-Pay BRI).
Sequence Diagram Transaction Flow
UOB EZPay Integration Guide
Guide coming soon for UOB EZPay. In the meantime, please refer to UOB EZPay Core API Reference
Sandbox Environment
The steps given below uses Midtrans Sandbox environment to test the integration process. Please make sure that you use the Server Key and Client Key for the Sandbox environment. For more details, refer to Retrieving API Access Keys.
Steps for Integration
To integrate with Direct Debit payment method, follow the steps given below.
1. Sending transaction data to Charge API
The Charge API request is sent with the transaction details, from the merchant backend.
Request Details
| Environment | Method | URL |
|---|---|---|
| Sandbox | POST | https://api.sandbox.midtrans.com/v2/charge |
| Production | POST | https://api.midtrans.com/v2/charge |
HTTP Headers
Accept: application/json
Content-Type: application/json
Authorization: Basic AUTH_STRING
AUTH_STRING: Base64Encode("YourServerKey"+":")
Midtrans API validates HTTP request by using Basic Authentication method. The username is your Server Key while the password is empty. The authorization header value is represented by AUTH_STRING. AUTH_STRING is base-64 encoded string of your username and password separated by colon symbol (:). For more details, refer to API Authorization and Headers.
Sample Request
The sample CURL request for Charge API for Direct Debit payment methods are shown below. You may implement according to your backend language. For more details, refer to available Language Libraries.
curl -X POST \
https://api.sandbox.midtrans.com/v2/charge \
-H 'Accept: application/json' \
-H 'Authorization: Basic <YOUR SERVER KEY ENCODED in Base64>' \
-H 'Content-Type: application/json' \
-d '{
"payment_type": "bca_klikpay",
"transaction_details": {
"order_id": "order-101",
"gross_amount": 44000
},
"bca_klikpay": {
"description": "Pembelian Barang"
}
}'
curl -X POST \
https://api.sandbox.midtrans.com/v2/charge \
-H 'Accept: application/json' \
-H 'Authorization: Basic <YOUR SERVER KEY ENCODED in Base64>' \
-H 'Content-Type: application/json' \
-d '{
"payment_type": "cimb_clicks",
"transaction_details": {
"order_id": "order-101",
"gross_amount": 44000
},
"cimb_clicks": {
"description": "Purchase of a Food Delivery"
}
}'
curl -X POST \
https://api.sandbox.midtrans.com/v2/charge \
-H 'Accept: application/json' \
-H 'Authorization: Basic <YOUR SERVER KEY ENCODED in Base64>' \
-H 'Content-Type: application/json' \
-d '{
"payment_type": "danamon_online",
"transaction_details": {
"order_id": "order-101",
"gross_amount": 44000
}
}'
curl -X POST \
https://api.sandbox.midtrans.com/v2/charge \
-H 'Accept: application/json' \
-H 'Authorization: Basic <YOUR SERVER KEY ENCODED in Base64>' \
-H 'Content-Type: application/json' \
-d '{
"payment_type": "bri_epay",
"transaction_details": {
"order_id": "order-101",
"gross_amount": 44000
}
}'
curl -X POST \
https://api.sandbox.midtrans.com/v2/charge \
-H 'Accept: application/json' \
-H 'Authorization: Basic <YOUR SERVER KEY ENCODED in Base64>' \
-H 'Content-Type: application/json' \
-d '{
"payment_type": "uob_ezpay",
"transaction_details": {
"order_id": "order-101",
"gross_amount": 44000
},
"uob_ezpay": {
"callback_url": "https://myshop.com/after-payment/?order_id=order-101"
}
}'
POST JSON Body Attribute Description
| Element | Description | Type | Required |
|---|---|---|---|
| payment_type | Direct Debit payment type. | String | Required |
| transaction_details | The details of the transaction like the order_id and gross_amount. | Object | Required |
| order_id | The order_id of the transaction. | String | Required |
| gross_amount | The total amount of transaction. | Long | Required |
Tips
You can include more information such as
customer_details,item_details, and so on. It is recommended to send more details regarding the transaction, so that these details will be captured on the transaction record. Which can be viewed on the Midtrans Dashboard.
Learn more on why this API request should be securely managed from your backend.
Sample Response and Response Body
The sample API responses and a description of the response body for the available Direct Debit payment methods are shown below.
{
"status_code": "201",
"status_message": "OK, BCA KlikPay transaction is successful",
"transaction_id": "d19a4bcd-ae30-49dc-bde7-57749aede090",
"order_id": "order-101",
"redirect_url": "https://api.sandbox.veritrans.co.id/v3/bca/klikpay/redirect/d19a4bcd-ae30-49dc-bde7-57749aede090",
"merchant_id": "G812785002",
"gross_amount": "44000.00",
"currency": "IDR",
"payment_type": "bca_klikpay",
"transaction_time": "2019-12-12 11:03:55",
"transaction_status": "pending",
"fraud_status": "accept",
}
{
"status_code": "201",
"status_message": "Success, CIMB Clicks transaction is successful",
"redirect_url": "https://api.sandbox.veritrans.co.id/cimb-clicks/request?id=2e8f8ddd-c61a-4d5f-83ad-429432383057",
"transaction_id": "2e8f8ddd-c61a-4d5f-83ad-429432383057",
"order_id": "order-101i-1576124787",
"gross_amount": "44000.00",
"currency": "IDR",
"payment_type": "cimb_clicks",
"transaction_time": "2019-11-11 11:26:27",
"transaction_status": "pending",
"merchant_id": "G812785002"
}
{
"status_code": "201",
"status_message": "Success, Danamon Online transaction is successful",
"transaction_id": "9da1c095-81b2-40d3-8285-8d27c60ae56e",
"order_id": "order-101p-1576124871",
"redirect_url": "https://api.sandbox.veritrans.co.id/v2/danamon/online/redirect/9da1c095-81b2-40d3-8285-8d27c60ae56e",
"merchant_id": "G812785002",
"gross_amount": "44000.00",
"currency": "IDR",
"payment_type": "danamon_online",
"transaction_time": "2019-11-11 11:27:50",
"transaction_status": "pending",
"fraud_status": "accept"
}
{
"status_code": "201",
"status_message": "Success, BRI E-Pay transaction is successful",
"transaction_id": "01c03b08-5e77-40d3-b1df-972f20a92e09",
"order_id": "order-101",
"redirect_url": "https://api.sandbox.veritrans.co.id/v3/bri/epay/redirect/01c03b08-5e77-40d3-b1df-972f20a92e09",
"merchant_id": "G812785002",
"gross_amount": "44000.00",
"currency": "IDR",
"payment_type": "bri_epay",
"transaction_time": "2019-11-11 15:09:35",
"transaction_status": "pending",
"fraud_status": "accept"
}
{
"status_code": "201",
"status_message": "Success, UOB Ez Pay transaction is successful",
"transaction_id": "6bc2a16f-2e5d-456f-8b7b-fdc52eec275f",
"order_id": "order-101",
"merchant_id": "G812785002",
"gross_amount": "44000.00",
"currency": "IDR",
"payment_type": "uob_ezpay",
"transaction_time": "2023-02-14 13:54:39",
"transaction_status": "pending",
"fraud_status": "accept",
"actions": [
{
"name": "web-redirect-url",
"method": "GET",
"url": "https://simulator.sandbox.midtrans.com/uob/ezpay/web?clientId=Midtrans&type=JWT&signature=..."
},
{
"name": "mobile-redirect-url",
"method": "GET",
"url": "https://simulator.sandbox.midtrans.com/uob/ezpay/mobile?link=https://simulator.sandbox.midtrans.com/?clientId%3DMidtrans%26signature%3D...&type=JWT&apn=com.uob.id.digitalbank.uat&isi=1472320289&ibi=com.uob.id.digitalbank.uat"
}
],
"expiry_time": "2023-02-14 14:08:39"
}
Response Body JSON Attribute Description for BCA KlikPay
| Element | Description | Type | Notes |
|---|---|---|---|
| status_code | This is the status of the API call. | String | For more details, refer to Error Code and Response Code. |
| status_message | A message from BCA KlikPay describing the status of the transaction. | String | |
| transaction_id | The Transaction ID of the specific transaction. | String | |
| order_id | The specific Order ID. | String | |
| redirect_url | The URL to which the customer is redirected from the bank's website. | String | |
| merchant_id | Your merchant ID. | String | |
| gross_amount | The total amount of transaction for the specific order. | String | |
| currency | The unit of currency used for the transaction. | String | |
| payment_type | The type of payment method used. | String | |
| transaction_time | The date and time at which the transaction occurred. | String | It is in the format, YYYY-MM-DD HH:MM:SS. Time zone: Western Indonesian Time (GMT+7). |
| transaction_status | The transaction status of the transaction. | String | For more details, refer to Transaction Status. |
| fraud_status | The fraud status of the transaction. | String | For more details, refer to Fraud Status. |
| redirect_data | Technical information from BCA such as transaction number, total amount, currency, and so on. | Object |
Response Body JSON Attribute Description for CIMBClicks/OctoClicks
| Element | Description | Type | Notes |
|---|---|---|---|
| status_code | This is the status of the API call. | String | For more details, refer to Error Code and Response Code. |
| status_message | A message from CIMB Clicks describing the status of the transaction. | String | |
| redirect_url | The URL to which the customer is redirected from the bank's website. | String | |
| transaction_id | The Transaction ID of the specific transaction. | String | |
| order_id | The specific Order ID. | String | |
| gross_amount | The total amount of transaction for the specific order. | String | |
| currency | The unit of currency used for the transaction. | String | |
| payment_type | The type of payment method used by the customer for the transaction. | String | |
| transaction_time | The date and time at which the transaction occurred. | String | It is in the format, YYYY-MM-DD HH:MM:SS. Time zone: Western Indonesian Time (GMT+7). |
| transaction_status | The status of the transaction. | String | For more details, refer to Transaction Status. |
| merchant_id | Your merchant ID. | String |
Response Body JSON Attribute Description for Danamon Online Banking
| Element | Description | Type | Notes |
|---|---|---|---|
| status_code | This is the status of the API call. | String | For more details, refer to Error Code and Response Code. |
| status_message | A message from Danamon Online Bank describing the status of the transaction. | String | |
| transaction_id | The Transaction ID of the specific transaction. | String | |
| order_id | The specific Order ID. | String | |
| redirect_url | The URL to which the customer is redirected from the bank's website. | String | |
| merchant_id | Your merchant ID. | String | |
| gross_amount | The total amount of transaction for the specific order. | String | |
| currency | The unit of currency used for the transaction. | String | |
| payment_type | The type of payment method used by the customer for the transaction. | String | |
| transaction_time | The date and time at which the transaction occurred. | String | It is in the format, YYYY-MM-DD HH:MM:SS. Time zone: Western Indonesian Time (GMT+7). |
| transaction_status | The status of the transaction. | String | For more details, refer to Transaction Status. |
| fraud_status | The fraud status of the transaction. | String | For more details, refer to Fraud Status. |
Response Body JSON Attribute Description for BRIMo
| Element | Description | Type | Notes |
|---|---|---|---|
| status_code | This is the status of the API call. | String | For more details, refer to Error Code and Response Code. |
| status_message | A message from BRImo describing the status of the transaction. | String | |
| transaction_id | The Transaction ID of the specific transaction. | String | |
| order_id | The specific Order ID. | String | |
| redirect_url | The URL to which the customer is redirected from the bank's website. | String | |
| merchant_id | Your merchant ID | String | |
| gross_amount | The total amount of transaction for the specific order. | String | |
| currency | The unit of currency used for the transaction. | String | |
| payment_type | The type of payment method used by the customer for the transaction. | String | |
| transaction_time | The date and time at which the transaction occurred. | String | It is in the format, YYYY-MM-DD HH:MM:SS. Time zone: Western Indonesian Time (GMT+7). |
| transaction_status | The transaction status of the transaction. | String | For more details, refer to Transaction Status. |
| fraud_status | The fraud status of the transaction. | String | For more details, refer to Fraud Status. |
Response Body JSON Attribute Description for UOB EzPay
| Element | Description | Type | Notes |
|---|---|---|---|
| status_code | This is the status of the API call. | String | For more details, refer to Error Code and Response Code. |
| status_message | A message from BRImo describing the status of the transaction. | String | |
| transaction_id | The Transaction ID of the specific transaction. | String | |
| order_id | The specific Order ID. | String | |
| merchant_id | Your merchant ID | String | |
| gross_amount | The total amount of transaction for the specific order. | String | |
| currency | The unit of currency used for the transaction. | String | |
| payment_type | The type of payment method used by the customer for the transaction. | String | |
| transaction_time | The date and time at which the transaction occurred. | String | It is in the format, YYYY-MM-DD HH:MM:SS. Time zone: Western Indonesian Time (GMT+7). |
| transaction_status | The transaction status of the transaction. | String | For more details, refer to Transaction Status. |
| fraud_status | The fraud status of the transaction. | String | For more details, refer to Fraud Status. |
| actions | Actions which can be performed with this transaction. Merchant is required to choose at least one of the provided redirect actions, to redirect the customer to Bank web/app to complete the transaction: Use web-deeplink-redirect action for web-based payment flow; or Use mobile-deeplink-redirect action for mobile-app-based payment flow. | Array(Object) | Merchant is required to choose at least one of the provided redirect actions, to redirect the customer to Payment Provider side to complete the transaction. |
| name | Short name of the Action object. | String | |
| method | HTTP method used for the action. | String | |
| url | HTTP URL target for the action. | String |
Note
The main result of this step is
redirect_url(or action object'surl) retrieved from the API response.
Status Codes and Errors
| Code | Description | Notes |
|---|---|---|
| 201 | Successful transaction | – |
| 400 | The transaction_details are missing. | Make sure the order_id and gross_amount are included. |
| 413 | There is syntax error. | Check the syntax. |
| 500 | Internal system error occurred. | You can try again later. |
2. Redirecting the customer to bank's web/app
The redirect_url (or action object's url) retrieved from the previous step is used to redirect the customer to the bank's web/app. Using methods such as:
- Server-side redirect,
- Using frontend JavaScript like
window.location=[REDIRECT URL], - Using HTML link
<a href="[REDIRECT URL]">Pay Here!</a>, or - App based redirect depending on your project's mobile platform.
The customer then can complete the actual payment on the Bank's web/app.
For more details, refer to Testing Payment on Sandbox.
3. Configuring landing page
After the customer completes the payment, the bank's website redirects the customer to Finish Redirect URL which can be configured on MAP (Merchant Administration Portal).
Configuring Finish Redirect URL
To configure the Finish Redirect URL, follow the steps given below.
- Login to your MAP account.
- On the Home page, go to SETTINGS > CONFIGURATION.
Configuration page is displayed. - Enter Finish Redirect URL with your landing page endpoint.
- Click Update.
A confirmation message is displayed.
The Finish Redirect URL is configured.
Note
Please make sure the Finish Redirect URL endpoint can receive the POST request .
The sample code in PHP is given below as reference. Please make appropriate changes according to your environment & language.
<?php
$response = $_POST['response']; // retrieve response JSON from HTTP request body
$decoded_response = json_decode($response)
// sample of accessing the attributes;
$order_id = $decoded_response->order_id;
$transaction_status = $decoded_response->transaction_status;
?>
{
"status_code" : "200",
"status_message" : "Success, transaction is found",
"transaction_id" : "58b48d1c-3e51-46f8-a2fb-ad5fa668f534",
"order_id" : "34",
"gross_amount" : "19999998.00",
"payment_type" : "cimb_clicks",
"transaction_time" : "2018-01-26 08:57:45",
"transaction_status" : "settlement",
"approval_code" : "1516957074590",
"signature_key" : "30b048ffff95e08c34cf265268224f0b6460d7716b3d70424a7203609a78b335280fe6137a9938cd3af24533fdafcfe8771203f6f30f21fd141a378bba1685fb"
}
BCA KlikPay Specific
Specific to BCA KlikPay you will need to implement a bit differently :
- First, BCA KlikPay only eligible if you fullfil this list of BCA KlikPay requirements.
- Follow BCA KlikPay landing page development guideline.
- Click here to see detailed sequence diagram on the end-to-end BCA KlikPay flow.
4. Handling post-transaction
When the transaction status changes, you are directly notified about the changes in the transaction through redirect URL and also on merchant backend. Midtrans sends HTTP notification to merchant backend. This ensures that you are updated of the transaction status securely.
HTTP POST request with JSON body is sent to your Payment Notification URL configured on Dashboard.
Configuring Payment Notification URL
To configure the Payment Notification URL, follow the steps given below.
- Login to your MAP account.
- On the Home page, go to SETTINGS > CONFIGURATION.
Configuration page is displayed. - Enter Payment Notification URL.
- Click Update.
A confirmation message is displayed.
The Payment Notification URL is configured.
The sample HTTP notification request received at merchant backend for Direct Debit payment method is given below.
{
"transaction_time": "2019-12-11 16:20:48",
"transaction_status": "settlement",
"transaction_id": "34be81bd-1e4f-46b6-80f0-3e0f29776c63",
"status_message": "midtrans payment notification",
"status_code": "200",
"signature_key": "f75192079b47bb2a55d8307d443388f418d139bd13b447b2521fd9fe7b33ffddf9435afaa212f4ef67452fb2f2f109c1852ddd7567bb2d74cefeb2f5aa995de6",
"settlement_time": "2019-12-11 16:21:38",
"payment_type": "bca_klikpay",
"order_id": "order-101",
"merchant_id": "G812785002",
"gross_amount": "44000.00",
"fraud_status": "accept",
"currency": "IDR",
"approval_code": "112233"
}
{
"transaction_time": "2019-12-11 16:23:18",
"transaction_status": "settlement",
"transaction_id": "89cb0bfd-675b-4d4a-942c-7e19ba66d442",
"status_message": "midtrans payment notification",
"status_code": "200",
"signature_key": "65e02e423cca2618a8d9ec201768438684bbf7218b27ab6f05a2197ce5b3c44fc9f4a157dce5a42d49f3ed6b88ac7a163f7e6b532d876d57a4a9297c5802639c",
"settlement_time": "2019-12-11 16:24:00",
"payment_type": "cimb_clicks",
"order_id": "order-101",
"merchant_id": "G812785002",
"gross_amount": "44000.00",
"currency": "IDR",
"approval_code": "1576142640542"
}
{
"transaction_time": "2019-12-11 16:25:34",
"transaction_status": "settlement",
"transaction_id": "e7eb187b-c54c-4960-8558-a995253d61ca",
"status_message": "midtrans payment notification",
"status_code": "200",
"signature_key": "928775783adf67b0578340dc616a30d2c2b307350475fbfbcc5bc1a5ac94892bb6bb972b7fe2394509c32fd431fd3494a358f25e24456f7414b473989ab1e66f",
"settlement_time": "2019-12-11 16:25:49",
"payment_type": "danamon_online",
"order_id": "order-101p-1576142735",
"merchant_id": "G812785002",
"gross_amount": "44000.00",
"fraud_status": "accept",
"currency": "IDR",
"approval_code": "uRaSu1XAnIm56i"
}
{
"transaction_time": "2019-11-11 15:09:35",
"transaction_status": "settlement",
"transaction_id": "01c03b08-5e77-40d3-b1df-972f20a92e09",
"status_message": "midtrans payment notification",
"status_code": "200",
"signature_key": "f0abe6507f42019839e028f9c5da723ff7c220c962af1f1f8fc25ac5a773c1123fd680602443e7cece83d059b9f9c13078d74cc4a79948214059394ec5d18c4b",
"settlement_time": "2019-11-11 15:13:51",
"payment_type": "bri_epay",
"order_id": "order-101h-1576483775",
"merchant_id": "G812785002",
"gross_amount": "44000.00",
"fraud_status": "accept",
"currency": "IDR",
"approval_code": "1576483775235"
}
{
"transaction_time": "2023-02-14 16:27:01",
"transaction_status": "settlement",
"transaction_id": "8f8d3b27-9811-49e5-bb90-f00717adce37",
"status_message": "midtrans payment notification",
"status_code": "200",
"signature_key": "22e8943bb36ac70846d6cd8bcd74392576a09573f8ca21f1a12bc24d7779f0e5ab4b7f38755bbf195a252c40bfb2eb6d3b7ee6e039155d6ce27b52643984e94a",
"settlement_time": "2023-02-14 16:27:31",
"payment_type": "uob_ezpay",
"order_id": "order-101",
"merchant_id": "G812785002",
"gross_amount": "44000.00",
"fraud_status": "accept",
"expiry_time": "2023-02-14 16:41:01",
"currency": "IDR",
"approval_code": "2302140783059014"
}
See also : HTTP(S) Notification/Webhooks.
Switching to Production Environment
Follow the steps given below to switch to Midtrans Production environment and to accept real payments from real customers.
- Change API domain URL from
api.sandbox.midtrans.comtoapi.midtrans.com. - Use Client Key and Server Key for Production environment. For more details, refer to Retrieving API Access Keys.
Note & Limitation
BRImo Rebranding
Since November 2021 E-Pay BRI has been rebranded as BRImo. If you have it integrated on your side, please adjust your frontend/UI accordingly. For example by changing the text & logo displayed to customer side. As for the backend side, you are not required to change.
Updated 5 months ago