API References
Create AccountSubmit FeedbackAI Assist (BETA)

Cancel API

Initiating cancel for GoPay and GoPay Tokenization (non Pre-Auth) transaction

This section will describe how a merchant can initiate cancel for GoPay and GoPay Tokenization (non-Pre Auth) transactions.

Path/{version}/debit/cancel
HTTP MethodPOST
Versionv1.0
SNAP Service Code57

Request Header

Field Name Field Type Mandatory Field Description
Content-type String M Media type of the resource, i.e. application/json
X-TIMESTAMP String M Client’s current local time in ISO-8601 format
X-SIGNATURE String M Created using symmetric signature HMAC_SHA512 algorithm
Authorization String M Represents access_token of a request; string starts with keyword “Bearer ” followed by access_token. Can get this token from Access Token B2B API response.
X-PARTNER-ID String M Unique identifier for caller
X-EXTERNAL-ID String M

Alphanumeric string. We suggest merchant to use UUID format. The value should be unique.
In case of timeout, merchant can do:

  1. Use this value in get status API to get status transaction or

  2. Retry this request with the same X-EXTERNAL-ID and request body to avoid creating duplicate transaction
CHANNEL-ID String M Mandatory field from Bank Indonesia that can take any value with correct format 5 digits numeric string 
Content-type:application/json
X-TIMESTAMP:2024-03-19T14:30:00+07:00
X-SIGNATURE: da1fa417c72d6b91c257e01e54fac824
Authorization: Bearer gp9HjjEj813Y9JGoqwOeOPWbnt4CupvIJbU1Mmu4a11MNDZ7Sg5u9a
X-PARTNER-ID: BMRI
X-EXTERNAL-ID:12345678901234567890
CHANNEL-ID:12345

Request Body

Field Name Field Type Mandatory Field Description
originalReferenceNo String(64) C Transaction identifier on service provider system. For e.g: GopayOrderId

Note: either originalExternalId or OriginalReferenceNo need to be passed. If both fields have value, we will use originalReferenceNo as the main identifier.

originalExternalId String (36) C If merchant got a timeout when calling charge API (POST /v1.0/debit/payment-host-to-host), merchant can pass the value of X-EXTERNAL-ID in the charge API request header as originalExternalId.

Note: Either originalExternalId or OriginalReferenceNo need to be passed in cancel request.

originalPartnerReferenceNo String (64) M Transaction identifier on service consumer system. For e.g: MerchantOrderId 

{
   "originalReferenceNo" : "gopay-order-id",
   "originalExternalId" : "some-external-id",
   "originalPartnerReferenceNo":"merchant-order-id"
}

Response Header

Field Name Field Type Mandatory Field Description
Content-type String M Media type of the resource, i.e. application/json
X-TIMESTAMP String M Client’s current local time in ISO-8601 format 
Content-type: application/json
X-TIMESTAMP: 2024-03-19T14:30:00+07:00

Response Body

Field Name Field Type Mandatory Field Description
responseCode String (7) M Response code
responseMessage String (150) M Response description
originalReferenceNo String (256) M Transaction identifier on service provider system. For e.g: GopayOrderId
cancelTime String (25) C Cancel time. ISO-8601. Will be sent only if transaction cancellation is successful 
{
   "responseCode":"20057000",
   "responseMessage":"Request has been processed successfully",
   "originalReferenceNo": "2020102977770000000009",
   "cancelTime":"2024-09-03T03:52:14Z"
}

List of Response code

Response Code HTTP Status Code Response Message
2005700 200 Success
4005702 400 Invalid Mandatory Field
4015700 401 Unauthorized.
4015701 401 Invalid Token (B2B)
4035715 403 Transaction Not Permitted.[reason].
5005701 500 Internal Server Error
5045700 504 Timeout

Initiating cancel for GoPay QRIS transaction

This section will describe how a merchant can initiate cancel for GoPay QRIS transactions.

Path/{version}/qr/qr-mpm-cancel
HTTP MethodPOST
Versionv1.0
SNAP Service Code77

Request Header

Field Name Field Type Mandatory Field Description
Content-type String M Media type of the resource, i.e. application/json
X-TIMESTAMP String M Client’s current local time in ISO-8601 format
X-SIGNATURE String M Created using symmetric signature HMAC_SHA512 algorithm
Authorization String M Represents access_token of a request; string starts with keyword “Bearer ” followed by access_token. Can get this token from b2b response.
X-PARTNER-ID String M Unique identifier for caller
X-EXTERNAL-ID String M

Alphanumeric string. We suggest merchant to use UUID format. The value should be unique.
In case of timeout, merchant can do:

  1. Use this value in get status API to get status transaction or

  2. Retry this request with the same X-EXTERNAL-ID and request body to avoid creating duplicate transaction
CHANNEL-ID String M Mandatory field from Bank Indonesia that can take any value with correct format 5 digits numeric string 
Content-type:application/json
X-TIMESTAMP:2024-03-19T14:30:00+07:00
X-SIGNATURE:da1fa417c72d6b91c257e01e54fac824
Authorization:Bearer gp9HjjEj813Y9JGoqwOeOPWbnt4CupvIJbU1Mmu4a11MNDZ7Sg5u9a
X-PARTNER-ID:BMRI
X-EXTERNAL-ID:12345678901234567890
CHANNEL-ID:12345

Request Body

Field Name Field Type Mandatory Field Description
originalPartnerReferenceNo String(64) O Transaction identifier on service consumer system. For e.g: MerchantOrderId
originalReferenceNo String(64) O Transaction identifier on service provider system. For e.g: GopayOrderId

Note: either originalExternalId or OriginalReferenceNo need to be filled

If both fields have value, will use originalReferenceNo as the main identifier.

originalExternalId String(32) O Original External-ID on header message
merchantId String(64) M Merchant identifier that is unique per each merchant
subMerchantId String(32) O Sub merchant ID
externalStoreId String(64) O Externals store ID
reason String(256) M Reason for cancellation
amount Object O Amount object
amount.value String (ISO 4217) (16,2) O Net amount of the cancel. If it's IDR then the value includes 2 decimal digits.

e.g. IDR 10.000,- will be placed with 10000.00

amount.currency String (2) O Currency.
additionalInfo Object O Additional information if merchant’s need to pass. 
{
   "originalPartnerReferenceNo":"2020102900000000000001",
   "originalReferenceNo":"2020102977770000000009",
   "originalExternalId":"30443786930722726463280097920912",
   "merchantId":"00007100010926",
   "subMerchantId":"310928924949487",
   "externalStoreId":"124928924949487",
   "reason":"cancel reason",
   "amount":{
      "value":"10000.00",
      "currency":"IDR"
   },
   "additionalInfo":{
      "deviceId":"12345679237",
      "channel":"mobilephone"
   }
}

Response Header

Field Name Field Type Mandatory Field Description
Content-type String M Media type of the resource, i.e. application/json
X-TIMESTAMP String M Client’s current local time in ISO-8601 format 
Content-type:application/json
X-TIMESTAMP:2024-03-19T14:30:00+07:00

Response Body

Field Name Field Type Mandatory Field Description
responseCode String (7) M Response code
responseMessage String(150) M Response description
originalPartnerReferenceNo String(64) O Original transaction identifier on merchant
originalReferenceNo String(64) C Original transaction identifier on GoPay
originalExternalId String(32) O Original customer reference number
cancelTime String(25) C Cancel time. ISO 8601
transactionDate yyyyMMddHHmmss O Transaction Date
additionalInfo Object O Additional information if merchant’s need to pass. 
{
   "responseCode":"2007700",
   "responseMessage":"Request has been processed successfully",
   "originalPartnerReferenceNo":"2020102900000000000001",
   "originalReferenceNo":"2020102977770000000009",
   "originalExternalId":"30443786930722726463280097920912",
   "cancelTime":"2020-10-20T17:56:57",
   "transactionDate":"2020-10-20 17:56:57",
   "additionalInfo":{
      "deviceId":"12345679237",
      "channel":"mobilephone"
   }

Initiating cancel for GoPay Tokenization (Pre Auth) transaction

This section will describe how a merchant can release/cancel authorized transactions for GoPay Tokenization (Pre-Auth) transactions.

Path/v1.0/auth/void
HTTP MethodPOST
Versionv1.0
SNAP Service Code67

Request Header

Field Name Field Type Mandatory Field Description
Content-type String M Media type of the resource, i.e. application/json
X-TIMESTAMP String M Client’s current local time in ISO-8601 format
X-SIGNATURE String M Created using symmetric signature HMAC_SHA512 algorithm
Authorization String M Represents access_token of a request; string starts with keyword “Bearer ” followed by access_token. Can get this token from Access Token B2B API response.
X-PARTNER-ID String M Unique identifier for caller (client_id)
X-EXTERNAL-ID String M

Alphanumeric string. We suggest merchant to use UUID format. The value should be unique.
In case of timeout, merchant can do:

  1. Use this value in get status API to get status transaction or

  2. Retry this request with the same X-EXTERNAL-ID and request body to avoid creating duplicate transaction
CHANNEL-ID String M Mandatory field from Bank Indonesia that can take any value with correct format 5 digits numeric string 
Content-type:application/json
X-TIMESTAMP:2024-03-19T14:30:00+07:00
X-SIGNATURE: da1fa417c72d6b91c257e01e54fac824
Authorization: Bearer gp9HjjEj813Y9JGoqwOeOPWbnt4CupvIJbU1Mmu4a11MNDZ7Sg5u9a
X-PARTNER-ID: BMRI
X-EXTERNAL-ID:12345678901234567890
CHANNEL-ID:12345

Request Body

Field Name Field Type Mandatory Field Description
originalReferenceNo String(64) C Transaction identifier on service provider system. For e.g: GopayOrderId

Note: either originalExternalId or OriginalReferenceNo need to be filled

If both fields have value, will use originalReferenceNo as the main identifier.

originalPartnerReferenceNo String (64) M Merchant order-id
merchantId String(64) M Merchant ID
partnerVoidNo String (64) M Void identifier generated by the partner
reason String (256) O Void reason
additionalInfo
additionalInfo.originalExternalId String (36) C If merchant got a timeout from the auth endpoint, merchant can use this field using the X-EXTERNAL-ID value in the direct debit request header.

Note: either originalExternalId or OriginalReferenceNo need to be filled 

{
   "originalReferenceNo":"2020102900000000000001",
   "originalPartnerReferenceNo":"123123123123",
   "partnerVoidNo":"asdv-asdasdv-addasd-1231ewqqw-aaaa",
   "merchantId":"merch00001"
   "title":"aTitle",
   "additionalData":{
          "originalExternalId":"aId",
}
}

Response Header

Field Name Field Type Mandatory Field Description
Content-type String M Media type of the resource, i.e. application/json
X-TIMESTAMP String M Client’s current local time in ISO-8601 format 
Content-type: application/json
X-TIMESTAMP: 2024-03-19T14:30:00+07:00

Response Body

Field Name Field Type Mandatory Field Description
responseCode String (7) M Error code to specify the error returned.
responseMessage String (150) M Debug message to provide more information.
originalReferenceNo String (256) O Transaction identifier on service provider system. For e.g: GopayOrderId
originalPartnerReferenceNo String (32) O Transaction identifier on service consumer system
voidNo String (64) C PJSP's void identifier. Used to trace the capture when there's any issue occurred.
partnerVoidNo String (64) M Void identifier generated by the partner
voidAmount Object O
voidAmount.value String (16,2) O Transaction amount that will be paid using this payment method If it's IDR then value includes 2 decimal digits.

e.g. IDR 10.000,- will be placed with 10000.00

voidAmount.currency String O Currency. For e.g: IDR 
{
   "responseCode":"20054000",
   "responseMessage":"Request has been processed successfully",
    "originalReferenceNo":"2020102900000000000001",
   "originalPartnerReferenceNo":"123123123123",
   "voidNo":"asdv-asdasdv-addasd-1231ewqqw-aaaa",
    "partnerVoidNo":"asdv-asdasdv-addasd-1231ewqqw-aaaa",
   "voidAmount":{
  	"value":"12345678.00",
  	"currency":"IDR"
   }
}

{
   "responseCode":"4006701",
   "responseMessage":"There is some issue with the transaction request"
}

List of Response code

Response Code HTTP Status Code Response Message
2006700 200 Success
4006702 400 Invalid Mandatory Field {Field Name}
4016700 401 Unauthorized. Auth token required
4016701 401 Invalid Token (B2B)
4036515 403 Transaction Not Permitted.[reason].
5006701 500 Internal Server Error
5046700 504 Timeout

Initiating cancel for bank transfer (virtual account) transaction

This section will describe how a merchant can cancel bank transfer (virtual account) transactions.

Path/{version}/transfer-va/delete-va
HTTP MethodPOST
Versionv1.0
SNAP service code31

Request Header

Field Name Field Type Mandatory Field Description
Content-Type String M Represent media type of request e.g “application/json”
X-TIMESTAMP String(25) M Client's current local time in “yyyy-MM-ddTHH:mm:ssZ” format
Authorization String M Bearer token obtained from Access Token API in the format Bearer AccessToken
X-SIGNATURE String M Created using symmetric signature HMAC_SHA512 algorithm
X-PARTNER-ID String M Unique identifier for partner
CHANNEL-ID String M Mandatory field from Bank Indonesia that can take any value with correct format 5 digits numeric string
X-EXTERNAL-ID String M

Alphanumeric string. We suggest merchant to use UUID format. The value should be unique.
In case of timeout, merchant can do:

  1. Use this value in get status API to get status transaction or

  2. Retry this request with the same X-EXTERNAL-ID and request body to avoid creating duplicate transaction

 
X-TIMESTAMP 2022-03-04T08:02:09+07:00
X-SIGNATURE yqmBXZ3yV6NPG1LtwXMm3quXzJMRX5Ms+r9ebc5xWIZGSKbZL3Oy871GHb7WQUucLa5nxN/HcnZYoNHc+KkWTQ==
X-PARTNER-ID 668052e34f194aa8be79e15a21e4fc2f
X-EXTERNAL-ID 91919644194391346361915387229113
CHANNEL-ID 95221
Authorization Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIxMmUzODE4Mi00YjIxLTQ0YWMtOTVkNi1mMjFhMjEwZmIxZTAiLCJjbGllbnRJZCI6IjY2ODA1MmUzNGYxOTRhYThiZTc5ZTE1YTIxZTRmYzJmIiwibmJmIjoxNjYzODQwNTU5LCJleHAiOjE2NjM4NDE0NTksImlhdCI6MTY2Mzg0MDU1OX0.fEr0vIbB2kY8alZ-SROl3ftAFbfRd0uU-lGq9XuFi8M
Content-Type application/json

Request Body

Field Name Field Type Mandatory Field Description
partnerServiceId M String(8) Derivative of X- PARTNER- ID, similar to company code, 8 digit left padding space.
customerNo M String(20) Unique number (up to 20 digits).
virtualAccountNo M String(28) partnerServiceId + customerNo (up to 20 digits).
trxId M String(64) Transaction ID in Partner system
additionalInfo O Object
additionalInfo.merchantId M String Merchant ID 
{
  "partnerServiceId":"  088899",
  "customerNo":"12345678901234567890",
  "virtualAccountNo":"  08889912345678901234567890",
  "trxId":"91919644194391346361915387229113",
  "additionalInfo": {
    "merchant_id": "G12345463"
  }
}

Response Header

Field NameField TypeMandatoryField Description
Content-TypeStringMMedia type of the resource, i.e application/json
X-TIMESTAMPStringMClient's current local time in ISO-8601
Content-type:application/json
X-TIMESTAMP:2024-03-19T14:30:00+07:00

Response Body

Field Name Field Type Mandatory Field Description
responseCode String M Response code
responseMessage String M Response description
virtualAccountData.partnerServiceId String M Derivative of X- PARTNER- ID, similar to company code, 8 digit left padding space.
virtualAccountData.customerNo String M Unique number (up to 20 digits).
virtualAccountData.virtualAccountNo String M partnerServiceId (8 digit left padding 0) + customerNo (up to 20 digits).
virtualAccountData.trxId String M Transaction ID in Partner system
additionalInfo Object O 
{
   "responseCode": "2003100",
   "responseMessage": "Success",
   "virtualAccountData":{
     "partnerServiceId":"  088899",
     "customerNo":"12345678901234567890",
     "virtualAccountNo":"  08889912345678901234567890",
     "trxId":"91919644194391346361915387229113",
     "additionalInfo":{} 
    }
}