Integration: Direct Debit Payment

❗️

Deprecation Notice

The Direct Debit products and features described on this page are no longer officially supported for an indefinite period.

This page will no longer appear publicly in normal navigation, but will remain accessible via a direct link for archival purposes. You may proceed to use the information on this page, but please be aware that the content's accuracy is not guaranteed.

Direct Debit is one of the payment methods offered by Midtrans. Using this payment method, the customer can pay using their E-Banking debit account. Midtrans sends real-time notifications when the customer completes the payment. Currently, Midtrans can integrate with the following Direct Debit payment methods such as BCA KlikPay, CIMB Clicks, Danamon Online Banking, and BRImo (previously known as e-Pay BRI).


Sequence Diagram Transaction Flow

📘

UOB EZPay Integration Guide

Guide coming soon for UOB EZPay. In the meantime, please refer to UOB EZPay Core API Reference



Sandbox Environment


The steps given below uses Midtrans Sandbox environment to test the integration process. Please make sure that you use the Server Key and Client Key for the Sandbox environment. For more details, refer to Retrieving API Access Keys.



Steps for Integration


To integrate with Direct Debit payment method, follow the steps given below.


1. Sending transaction data to Charge API

The Charge API request is sent with the transaction details, from the merchant backend.


Request Details


HTTP Headers

Accept: application/json
Content-Type: application/json
Authorization: Basic AUTH_STRING

AUTH_STRING: Base64Encode("YourServerKey"+":")

📘

Midtrans API validates HTTP request by using Basic Authentication method. The username is your Server Key while the password is empty. The authorization header value is represented by AUTH_STRING. AUTH_STRING is base-64 encoded string of your username and password separated by colon symbol (:). For more details, refer to API Authorization and Headers.


Sample Request

The sample CURL request for Charge API for Direct Debit payment methods are shown below. You may implement according to your backend language. For more details, refer to available Language Libraries.

curl -X POST \
  https://api.sandbox.midtrans.com/v2/charge \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <YOUR SERVER KEY ENCODED in Base64>' \
  -H 'Content-Type: application/json' \
  -d '{
  "payment_type": "bca_klikpay",
  "transaction_details": {
      "order_id": "order-101",
      "gross_amount": 44000
  },
  "bca_klikpay": {
      "description": "Pembelian Barang"
  }
}'
curl -X POST \
  https://api.sandbox.midtrans.com/v2/charge \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <YOUR SERVER KEY ENCODED in Base64>' \
  -H 'Content-Type: application/json' \
  -d '{
  "payment_type": "cimb_clicks",
  "transaction_details": {
      "order_id": "order-101",
      "gross_amount": 44000
  },
  "cimb_clicks": {
      "description": "Purchase of a Food Delivery"
  }
}'
curl -X POST \
  https://api.sandbox.midtrans.com/v2/charge \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <YOUR SERVER KEY ENCODED in Base64>' \
  -H 'Content-Type: application/json' \
  -d '{
  "payment_type": "danamon_online",
  "transaction_details": {
      "order_id": "order-101",
      "gross_amount": 44000
  }
}'
curl -X POST \
  https://api.sandbox.midtrans.com/v2/charge \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <YOUR SERVER KEY ENCODED in Base64>' \
  -H 'Content-Type: application/json' \
  -d '{
  "payment_type": "bri_epay",
  "transaction_details": {
      "order_id": "order-101",
      "gross_amount": 44000
  }
}'
curl -X POST \
  https://api.sandbox.midtrans.com/v2/charge \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <YOUR SERVER KEY ENCODED in Base64>' \
  -H 'Content-Type: application/json' \
  -d '{
  "payment_type": "uob_ezpay",
  "transaction_details": {
      "order_id": "order-101",
      "gross_amount": 44000
  },
  "uob_ezpay": {
      "callback_url": "https://myshop.com/after-payment/?order_id=order-101"
   }
}'
POST JSON Body Attribute Description
ElementDescriptionTypeRequired
payment_typeDirect Debit payment type.StringRequired
transaction_detailsThe details of the transaction like the order_id and gross_amount.ObjectRequired
order_idThe order_id of the transaction.StringRequired
gross_amountThe total amount of transaction.LongRequired

📘

Tips

You can include more information such as customer_details, item_details, and so on. It is recommended to send more details regarding the transaction, so that these details will be captured on the transaction record. Which can be viewed on the Midtrans Dashboard.


Learn more on why this API request should be securely managed from your backend.


Sample Response and Response Body

The sample API responses and a description of the response body for the available Direct Debit payment methods are shown below.

{
    "status_code": "201",
    "status_message": "OK, BCA KlikPay transaction is successful",
    "transaction_id": "d19a4bcd-ae30-49dc-bde7-57749aede090",
    "order_id": "order-101",
    "redirect_url": "https://api.sandbox.veritrans.co.id/v3/bca/klikpay/redirect/d19a4bcd-ae30-49dc-bde7-57749aede090",
    "merchant_id": "G812785002",
    "gross_amount": "44000.00",
    "currency": "IDR",
    "payment_type": "bca_klikpay",
    "transaction_time": "2019-12-12 11:03:55",
    "transaction_status": "pending",
    "fraud_status": "accept",
}
{
    "status_code": "201",
    "status_message": "Success, CIMB Clicks transaction is successful",
    "redirect_url": "https://api.sandbox.veritrans.co.id/cimb-clicks/request?id=2e8f8ddd-c61a-4d5f-83ad-429432383057",
    "transaction_id": "2e8f8ddd-c61a-4d5f-83ad-429432383057",
    "order_id": "order-101i-1576124787",
    "gross_amount": "44000.00",
    "currency": "IDR",
    "payment_type": "cimb_clicks",
    "transaction_time": "2019-11-11 11:26:27",
    "transaction_status": "pending",
    "merchant_id": "G812785002"
}
{
    "status_code": "201",
    "status_message": "Success, Danamon Online transaction is successful",
    "transaction_id": "9da1c095-81b2-40d3-8285-8d27c60ae56e",
    "order_id": "order-101p-1576124871",
    "redirect_url": "https://api.sandbox.veritrans.co.id/v2/danamon/online/redirect/9da1c095-81b2-40d3-8285-8d27c60ae56e",
    "merchant_id": "G812785002",
    "gross_amount": "44000.00",
    "currency": "IDR",
    "payment_type": "danamon_online",
    "transaction_time": "2019-11-11 11:27:50",
    "transaction_status": "pending",
    "fraud_status": "accept"
}
{
    "status_code": "201",
    "status_message": "Success, BRI E-Pay transaction is successful",
    "transaction_id": "01c03b08-5e77-40d3-b1df-972f20a92e09",
    "order_id": "order-101",
    "redirect_url": "https://api.sandbox.veritrans.co.id/v3/bri/epay/redirect/01c03b08-5e77-40d3-b1df-972f20a92e09",
    "merchant_id": "G812785002",
    "gross_amount": "44000.00",
    "currency": "IDR",
    "payment_type": "bri_epay",
    "transaction_time": "2019-11-11 15:09:35",
    "transaction_status": "pending",
    "fraud_status": "accept"
}
{
  "status_code": "201",
  "status_message": "Success, UOB Ez Pay transaction is successful",
  "transaction_id": "6bc2a16f-2e5d-456f-8b7b-fdc52eec275f",
  "order_id": "order-101",
  "merchant_id": "G812785002",
  "gross_amount": "44000.00",
  "currency": "IDR",
  "payment_type": "uob_ezpay",
  "transaction_time": "2023-02-14 13:54:39",
  "transaction_status": "pending",
  "fraud_status": "accept",
  "actions": [
    {
      "name": "web-redirect-url",
      "method": "GET",
      "url": "https://simulator.sandbox.midtrans.com/uob/ezpay/web?clientId=Midtrans&type=JWT&signature=..."
    },
    {
      "name": "mobile-redirect-url",
      "method": "GET",
      "url": "https://simulator.sandbox.midtrans.com/uob/ezpay/mobile?link=https://simulator.sandbox.midtrans.com/?clientId%3DMidtrans%26signature%3D...&type=JWT&apn=com.uob.id.digitalbank.uat&isi=1472320289&ibi=com.uob.id.digitalbank.uat"
    }
  ],
  "expiry_time": "2023-02-14 14:08:39"
}

Response Body JSON Attribute Description for BCA KlikPay
ElementDescriptionTypeNotes
status_codeThis is the status of the API call.StringFor more details, refer to Error Code and Response Code.
status_messageA message from BCA KlikPay describing the status of the transaction.String
transaction_idThe Transaction ID of the specific transaction.String
order_idThe specific Order ID.String
redirect_urlThe URL to which the customer is redirected from the bank's website.String
merchant_idYour merchant ID.String
gross_amountThe total amount of transaction for the specific order.String
currencyThe unit of currency used for the transaction.String
payment_typeThe type of payment method used.String
transaction_timeThe date and time at which the transaction occurred.StringIt is in the format, YYYY-MM-DD HH:MM:SS.
Time zone: Western Indonesian Time (GMT+7).
transaction_statusThe transaction status of the transaction.StringFor more details, refer to Transaction Status.
fraud_statusThe fraud status of the transaction.StringFor more details, refer to Fraud Status.
redirect_dataTechnical information from BCA such as transaction number, total amount, currency, and so on.Object
Response Body JSON Attribute Description for CIMBClicks/OctoClicks
ElementDescriptionTypeNotes
status_codeThis is the status of the API call.StringFor more details, refer to Error Code and Response Code.
status_messageA message from CIMB Clicks describing the status of the transaction.String
redirect_urlThe URL to which the customer is redirected from the bank's website.String
transaction_idThe Transaction ID of the specific transaction.String
order_idThe specific Order ID.String
gross_amountThe total amount of transaction for the specific order.String
currencyThe unit of currency used for the transaction.String
payment_typeThe type of payment method used by the customer for the transaction.String
transaction_timeThe date and time at which the transaction occurred.StringIt is in the format, YYYY-MM-DD HH:MM:SS.
Time zone: Western Indonesian Time (GMT+7).
transaction_statusThe status of the transaction.StringFor more details, refer to Transaction Status.
merchant_idYour merchant ID.String
Response Body JSON Attribute Description for Danamon Online Banking
ElementDescriptionTypeNotes
status_codeThis is the status of the API call.StringFor more details, refer to Error Code and Response Code.
status_messageA message from Danamon Online Bank describing the status of the transaction.String
transaction_idThe Transaction ID of the specific transaction.String
order_idThe specific Order ID.String
redirect_urlThe URL to which the customer is redirected from the bank's website.String
merchant_idYour merchant ID.String
gross_amountThe total amount of transaction for the specific order.String
currencyThe unit of currency used for the transaction.String
payment_typeThe type of payment method used by the customer for the transaction.String
transaction_timeThe date and time at which the transaction occurred.StringIt is in the format, YYYY-MM-DD HH:MM:SS.
Time zone: Western Indonesian Time (GMT+7).
transaction_statusThe status of the transaction.StringFor more details, refer to Transaction Status.
fraud_statusThe fraud status of the transaction.StringFor more details, refer to Fraud Status.
Response Body JSON Attribute Description for BRIMo
ElementDescriptionTypeNotes
status_codeThis is the status of the API call.StringFor more details, refer to Error Code and Response Code.
status_messageA message from BRImo describing the status of the transaction.String
transaction_idThe Transaction ID of the specific transaction.String
order_idThe specific Order ID.String
redirect_urlThe URL to which the customer is redirected from the bank's website.String
merchant_idYour merchant IDString
gross_amountThe total amount of transaction for the specific order.String
currencyThe unit of currency used for the transaction.String
payment_typeThe type of payment method used by the customer for the transaction.String
transaction_timeThe date and time at which the transaction occurred.StringIt is in the format, YYYY-MM-DD HH:MM:SS.
Time zone: Western Indonesian Time (GMT+7).
transaction_statusThe transaction status of the transaction.StringFor more details, refer to Transaction Status.
fraud_statusThe fraud status of the transaction.StringFor more details, refer to Fraud Status.
Response Body JSON Attribute Description for UOB EzPay
ElementDescriptionTypeNotes
status_codeThis is the status of the API call.StringFor more details, refer to Error Code and Response Code.
status_messageA message from BRImo describing the status of the transaction.String
transaction_idThe Transaction ID of the specific transaction.String
order_idThe specific Order ID.String
merchant_idYour merchant IDString
gross_amountThe total amount of transaction for the specific order.String
currencyThe unit of currency used for the transaction.String
payment_typeThe type of payment method used by the customer for the transaction.String
transaction_timeThe date and time at which the transaction occurred.StringIt is in the format, YYYY-MM-DD HH:MM:SS.
Time zone: Western Indonesian Time (GMT+7).
transaction_statusThe transaction status of the transaction.StringFor more details, refer to Transaction Status.
fraud_statusThe fraud status of the transaction.StringFor more details, refer to Fraud Status.
actionsActions which can be performed with this transaction. Merchant is required to choose at least one of the provided redirect actions, to redirect the customer to Bank web/app to complete the transaction: Use web-deeplink-redirect action for web-based payment flow; or Use mobile-deeplink-redirect action for mobile-app-based payment flow.Array(Object)Merchant is required to choose at least one of the provided redirect actions, to redirect the customer to Payment Provider side to complete the transaction.
    nameShort name of the Action object.String
    methodHTTP method used for the action.String
    urlHTTP URL target for the action.String

📘

Note

The main result of this step is redirect_url (or action object's url) retrieved from the API response.


Status Codes and Errors

CodeDescriptionNotes
201Successful transaction
400The transaction_details are missing.Make sure the order_id and gross_amount are included.
413There is syntax error.Check the syntax.
500Internal system error occurred.You can try again later.

2. Redirecting the customer to bank's web/app


The redirect_url (or action object's url) retrieved from the previous step is used to redirect the customer to the bank's web/app. Using methods such as:

  • Server-side redirect,
  • Using frontend JavaScript like window.location=[REDIRECT URL],
  • Using HTML link <a href="[REDIRECT URL]">Pay Here!</a>, or
  • App based redirect depending on your project's mobile platform.

The customer then can complete the actual payment on the Bank's web/app.

For more details, refer to Testing Payment on Sandbox.


3. Configuring landing page


After the customer completes the payment, the bank's website redirects the customer to Finish Redirect URL which can be configured on MAP (Merchant Administration Portal).

Configuring Finish Redirect URL

To configure the Finish Redirect URL, follow the steps given below.

  1. Login to your MAP account.
  2. On the Home page, go to SETTINGS > CONFIGURATION.
    Configuration page is displayed.
  3. Enter Finish Redirect URL with your landing page endpoint.
  4. Click Update.
    A confirmation message is displayed.


The Finish Redirect URL is configured.

📘

Note

Please make sure the Finish Redirect URL endpoint can receive the POST request .


The sample code in PHP is given below as reference. Please make appropriate changes according to your environment & language.

<?php
    $response = $_POST['response']; // retrieve response JSON from HTTP request body
    $decoded_response = json_decode($response)
    // sample of accessing the attributes;
    $order_id = $decoded_response->order_id; 
    $transaction_status = $decoded_response->transaction_status;
?>
{
    "status_code" : "200",
    "status_message" : "Success, transaction is found",
    "transaction_id" : "58b48d1c-3e51-46f8-a2fb-ad5fa668f534",
    "order_id" : "34",
    "gross_amount" : "19999998.00",
    "payment_type" : "cimb_clicks",
    "transaction_time" : "2018-01-26 08:57:45",
    "transaction_status" : "settlement",
    "approval_code" : "1516957074590",
    "signature_key" : "30b048ffff95e08c34cf265268224f0b6460d7716b3d70424a7203609a78b335280fe6137a9938cd3af24533fdafcfe8771203f6f30f21fd141a378bba1685fb"
}

BCA KlikPay Specific

Specific to BCA KlikPay you will need to implement a bit differently :


4. Handling post-transaction

When the transaction status changes, you are directly notified about the changes in the transaction through redirect URL and also on merchant backend. Midtrans sends HTTP notification to merchant backend. This ensures that you are updated of the transaction status securely.

HTTP POST request with JSON body is sent to your Payment Notification URL configured on Dashboard.


Configuring Payment Notification URL

To configure the Payment Notification URL, follow the steps given below.

  1. Login to your MAP account.
  2. On the Home page, go to SETTINGS > CONFIGURATION.
    Configuration page is displayed.
  3. Enter Payment Notification URL.
  4. Click Update.
    A confirmation message is displayed.


The Payment Notification URL is configured.

The sample HTTP notification request received at merchant backend for Direct Debit payment method is given below.

{
  "transaction_time": "2019-12-11 16:20:48",
  "transaction_status": "settlement",
  "transaction_id": "34be81bd-1e4f-46b6-80f0-3e0f29776c63",
  "status_message": "midtrans payment notification",
  "status_code": "200",
  "signature_key": "f75192079b47bb2a55d8307d443388f418d139bd13b447b2521fd9fe7b33ffddf9435afaa212f4ef67452fb2f2f109c1852ddd7567bb2d74cefeb2f5aa995de6",
  "settlement_time": "2019-12-11 16:21:38",
  "payment_type": "bca_klikpay",
  "order_id": "order-101",
  "merchant_id": "G812785002",
  "gross_amount": "44000.00",
  "fraud_status": "accept",
  "currency": "IDR",
  "approval_code": "112233"
}
{
  "transaction_time": "2019-12-11 16:23:18",
  "transaction_status": "settlement",
  "transaction_id": "89cb0bfd-675b-4d4a-942c-7e19ba66d442",
  "status_message": "midtrans payment notification",
  "status_code": "200",
  "signature_key": "65e02e423cca2618a8d9ec201768438684bbf7218b27ab6f05a2197ce5b3c44fc9f4a157dce5a42d49f3ed6b88ac7a163f7e6b532d876d57a4a9297c5802639c",
  "settlement_time": "2019-12-11 16:24:00",
  "payment_type": "cimb_clicks",
  "order_id": "order-101",
  "merchant_id": "G812785002",
  "gross_amount": "44000.00",
  "currency": "IDR",
  "approval_code": "1576142640542"
}
{
   "transaction_time": "2019-12-11 16:25:34",
   "transaction_status": "settlement",
   "transaction_id": "e7eb187b-c54c-4960-8558-a995253d61ca",
   "status_message": "midtrans payment notification",
   "status_code": "200",
   "signature_key": "928775783adf67b0578340dc616a30d2c2b307350475fbfbcc5bc1a5ac94892bb6bb972b7fe2394509c32fd431fd3494a358f25e24456f7414b473989ab1e66f",
   "settlement_time": "2019-12-11 16:25:49",
   "payment_type": "danamon_online",
   "order_id": "order-101p-1576142735",
   "merchant_id": "G812785002",
   "gross_amount": "44000.00",
   "fraud_status": "accept",
   "currency": "IDR",
   "approval_code": "uRaSu1XAnIm56i"
 }
{
  "transaction_time": "2019-11-11 15:09:35",
  "transaction_status": "settlement",
  "transaction_id": "01c03b08-5e77-40d3-b1df-972f20a92e09",
  "status_message": "midtrans payment notification",
  "status_code": "200",
  "signature_key": "f0abe6507f42019839e028f9c5da723ff7c220c962af1f1f8fc25ac5a773c1123fd680602443e7cece83d059b9f9c13078d74cc4a79948214059394ec5d18c4b",
  "settlement_time": "2019-11-11 15:13:51",
  "payment_type": "bri_epay",
  "order_id": "order-101h-1576483775",
  "merchant_id": "G812785002",
  "gross_amount": "44000.00",
  "fraud_status": "accept",
  "currency": "IDR",
  "approval_code": "1576483775235"
}
{
	"transaction_time": "2023-02-14 16:27:01",
	"transaction_status": "settlement",
	"transaction_id": "8f8d3b27-9811-49e5-bb90-f00717adce37",
	"status_message": "midtrans payment notification",
	"status_code": "200",
	"signature_key": "22e8943bb36ac70846d6cd8bcd74392576a09573f8ca21f1a12bc24d7779f0e5ab4b7f38755bbf195a252c40bfb2eb6d3b7ee6e039155d6ce27b52643984e94a",
	"settlement_time": "2023-02-14 16:27:31",
	"payment_type": "uob_ezpay",
	"order_id": "order-101",
	"merchant_id": "G812785002",
	"gross_amount": "44000.00",
	"fraud_status": "accept",
	"expiry_time": "2023-02-14 16:41:01",
	"currency": "IDR",
	"approval_code": "2302140783059014"
}

See also : HTTP(S) Notification/Webhooks.



Switching to Production Environment


Follow the steps given below to switch to Midtrans Production environment and to accept real payments from real customers.

  1. Change API domain URL from api.sandbox.midtrans.com to api.midtrans.com.
  2. Use Client Key and Server Key for Production environment. For more details, refer to Retrieving API Access Keys.


Note & Limitation


BRImo Rebranding

Since November 2021 E-Pay BRI has been rebranded as BRImo. If you have it integrated on your side, please adjust your frontend/UI accordingly. For example by changing the text & logo displayed to customer side. As for the backend side, you are not required to change.