Cancel API

Initiating cancel for GoPay and GoPay Tokenization (non Pre-Auth) transaction

This section will describe how a merchant can initiate cancel for GoPay and GoPay Tokenization (non-Pre Auth) transactions.

Path	/{version}/debit/cancel
HTTP Method	POST
Version	v1.0
SNAP Service Code	57

Request Header

Field Name	Field Type	Mandatory	Field Description
Content-type	String	M	Media type of the resource, i.e. application/json
X-TIMESTAMP	String	M	Client’s current local time in ISO-8601 format
X-SIGNATURE	String	M	Created using symmetric signature HMAC_SHA512 algorithm
Authorization	String	M	Represents access_token of a request; string starts with keyword “Bearer ” followed by access_token. Can get this token from Access Token B2B API response.
X-PARTNER-ID	String	M	Unique identifier for caller
X-EXTERNAL-ID	String	M	Alphanumeric string. We suggest merchant to use UUID format. The value should be unique. In case of timeout, merchant can do: Use this value in get status API to get status transaction or Retry this request with the same X-EXTERNAL-ID and request body to avoid creating duplicate transaction
CHANNEL-ID	String	M	Mandatory field from Bank Indonesia that can take any value with correct format 5 digits numeric string

Content-type:application/json
X-TIMESTAMP:2024-03-19T14:30:00+07:00
X-SIGNATURE: da1fa417c72d6b91c257e01e54fac824
Authorization: Bearer gp9HjjEj813Y9JGoqwOeOPWbnt4CupvIJbU1Mmu4a11MNDZ7Sg5u9a
X-PARTNER-ID: BMRI
X-EXTERNAL-ID:12345678901234567890
CHANNEL-ID:12345

Request Body

Field Name	Field Type	Mandatory	Field Description
originalReferenceNo	String(64)	C	Transaction identifier on service provider system. For e.g: GopayOrderId Note: either originalExternalId or OriginalReferenceNo need to be passed. If both fields have value, we will use originalReferenceNo as the main identifier.
originalExternalId	String (36)	C	If merchant got a timeout when calling charge API (POST /v1.0/debit/payment-host-to-host), merchant can pass the value of X-EXTERNAL-ID in the charge API request header as originalExternalId. Note: Either originalExternalId or OriginalReferenceNo need to be passed in cancel request.
originalPartnerReferenceNo	String (64)	M	Transaction identifier on service consumer system. For e.g: MerchantOrderId

{
   "originalReferenceNo" : "gopay-order-id",
   "originalExternalId" : "some-external-id",
   "originalPartnerReferenceNo":"merchant-order-id"
}

Response Header

Field Name	Field Type	Mandatory	Field Description
Content-type	String	M	Media type of the resource, i.e. application/json
X-TIMESTAMP	String	M	Client’s current local time in ISO-8601 format

Content-type: application/json
X-TIMESTAMP: 2024-03-19T14:30:00+07:00

Response Body

Field Name	Field Type	Mandatory	Field Description
responseCode	String (7)	M	Response code
responseMessage	String (150)	M	Response description
originalReferenceNo	String (256)	M	Transaction identifier on service provider system. For e.g: GopayOrderId
cancelTime	String (25)	C	Cancel time. ISO-8601. Will be sent only if transaction cancellation is successful

{
   "responseCode":"20057000",
   "responseMessage":"Request has been processed successfully",
   "originalReferenceNo": "2020102977770000000009",
   "cancelTime":"2024-09-03T03:52:14Z"
}

List of Response code

Response Code	HTTP Status Code	Response Message
2005700	200	Success
4005702	400	Invalid Mandatory Field
4015700	401	Unauthorized.
4015701	401	Invalid Token (B2B)
4035715	403	Transaction Not Permitted.[reason].
5005701	500	Internal Server Error
5045700	504	Timeout

Initiating cancel for GoPay QRIS transaction

This section will describe how a merchant can initiate cancel for GoPay QRIS transactions.

Path	/{version}/qr/qr-mpm-cancel
HTTP Method	POST
Version	v1.0
SNAP Service Code	77

Request Header

Field Name	Field Type	Mandatory	Field Description
Content-type	String	M	Media type of the resource, i.e. application/json
X-TIMESTAMP	String	M	Client’s current local time in ISO-8601 format
X-SIGNATURE	String	M	Created using symmetric signature HMAC_SHA512 algorithm
Authorization	String	M	Represents access_token of a request; string starts with keyword “Bearer ” followed by access_token. Can get this token from b2b response.
X-PARTNER-ID	String	M	Unique identifier for caller
X-EXTERNAL-ID	String	M	Alphanumeric string. We suggest merchant to use UUID format. The value should be unique. In case of timeout, merchant can do: Use this value in get status API to get status transaction or Retry this request with the same X-EXTERNAL-ID and request body to avoid creating duplicate transaction
CHANNEL-ID	String	M	Mandatory field from Bank Indonesia that can take any value with correct format 5 digits numeric string

Content-type:application/json
X-TIMESTAMP:2024-03-19T14:30:00+07:00
X-SIGNATURE:da1fa417c72d6b91c257e01e54fac824
Authorization:Bearer gp9HjjEj813Y9JGoqwOeOPWbnt4CupvIJbU1Mmu4a11MNDZ7Sg5u9a
X-PARTNER-ID:BMRI
X-EXTERNAL-ID:12345678901234567890
CHANNEL-ID:12345

Request Body

Field Name	Field Type	Mandatory	Field Description
originalPartnerReferenceNo	String(64)	O	Transaction identifier on service consumer system. For e.g: MerchantOrderId
originalReferenceNo	String(64)	O	Transaction identifier on service provider system. For e.g: GopayOrderId Note: either originalExternalId or OriginalReferenceNo need to be filled If both fields have value, will use originalReferenceNo as the main identifier.
originalExternalId	String(36)	O	Original External-ID on header message
merchantId	String(64)	M	Merchant identifier that is unique per each merchant
subMerchantId	String(32)	O	Sub merchant ID
externalStoreId	String(64)	O	Externals store ID
reason	String(256)	M	Reason for cancellation
amount	Object	O	Amount object
amount.value	String (ISO 4217) (16,2)	O	Net amount of the cancel. If it's IDR then the value includes 2 decimal digits. e.g. IDR 10.000,- will be placed with 10000.00
amount.currency	String (2)	O	Currency.
additionalInfo	Object	O	Additional information if merchant’s need to pass.

{
   "originalPartnerReferenceNo":"2020102900000000000001",
   "originalReferenceNo":"2020102977770000000009",
   "originalExternalId":"30443786930722726463280097920912",
   "merchantId":"00007100010926",
   "subMerchantId":"310928924949487",
   "externalStoreId":"124928924949487",
   "reason":"cancel reason",
   "amount":{
      "value":"10000.00",
      "currency":"IDR"
   },
   "additionalInfo":{
      "deviceId":"12345679237",
      "channel":"mobilephone"
   }
}

Response Header

Field Name	Field Type	Mandatory	Field Description
Content-type	String	M	Media type of the resource, i.e. application/json
X-TIMESTAMP	String	M	Client’s current local time in ISO-8601 format

Content-type:application/json
X-TIMESTAMP:2024-03-19T14:30:00+07:00

Response Body

Field Name	Field Type	Mandatory	Field Description
responseCode	String (7)	M	Response code
responseMessage	String(150)	M	Response description
originalPartnerReferenceNo	String(64)	O	Original transaction identifier on merchant
originalReferenceNo	String(64)	C	Original transaction identifier on GoPay
originalExternalId	String(32)	O	Original customer reference number
cancelTime	String(25)	C	Cancel time. ISO 8601
transactionDate	yyyyMMddHHmmss	O	Transaction Date
additionalInfo	Object	O	Additional information if merchant’s need to pass.

{
   "responseCode":"2007700",
   "responseMessage":"Request has been processed successfully",
   "originalPartnerReferenceNo":"2020102900000000000001",
   "originalReferenceNo":"2020102977770000000009",
   "originalExternalId":"30443786930722726463280097920912",
   "cancelTime":"2020-10-20T17:56:57",
   "transactionDate":"2020-10-20 17:56:57",
   "additionalInfo":{
      "deviceId":"12345679237",
      "channel":"mobilephone"
   }

Initiating cancel for GoPay Tokenization (Pre Auth) transaction

This section will describe how a merchant can release/cancel authorized transactions for GoPay Tokenization (Pre-Auth) transactions.

Path	/v1.0/auth/void
HTTP Method	POST
Version	v1.0
SNAP Service Code	67

Request Header

Field Name	Field Type	Mandatory	Field Description
Content-type	String	M	Media type of the resource, i.e. application/json
X-TIMESTAMP	String	M	Client’s current local time in ISO-8601 format
X-SIGNATURE	String	M	Created using symmetric signature HMAC_SHA512 algorithm
Authorization	String	M	Represents access_token of a request; string starts with keyword “Bearer ” followed by access_token. Can get this token from Access Token B2B API response.
X-PARTNER-ID	String	M	Unique identifier for caller (client_id)
X-EXTERNAL-ID	String	M	Alphanumeric string. We suggest merchant to use UUID format. The value should be unique. In case of timeout, merchant can do: Use this value in get status API to get status transaction or Retry this request with the same X-EXTERNAL-ID and request body to avoid creating duplicate transaction
CHANNEL-ID	String	M	Mandatory field from Bank Indonesia that can take any value with correct format 5 digits numeric string

Content-type:application/json
X-TIMESTAMP:2024-03-19T14:30:00+07:00
X-SIGNATURE: da1fa417c72d6b91c257e01e54fac824
Authorization: Bearer gp9HjjEj813Y9JGoqwOeOPWbnt4CupvIJbU1Mmu4a11MNDZ7Sg5u9a
X-PARTNER-ID: BMRI
X-EXTERNAL-ID:12345678901234567890
CHANNEL-ID:12345

Request Body

Field Name	Field Type	Mandatory	Field Description
originalReferenceNo	String(64)	C	Transaction identifier on service provider system. For e.g: GopayOrderId Note: either originalExternalId or OriginalReferenceNo need to be filled If both fields have value, will use originalReferenceNo as the main identifier.
originalPartnerReferenceNo	String (64)	M	Merchant order-id
merchantId	String(64)	M	Merchant ID
partnerVoidNo	String (64)	M	Void identifier generated by the partner
reason	String (256)	O	Void reason
additionalInfo
additionalInfo.originalExternalId	String (36)	C	If merchant got a timeout from the auth endpoint, merchant can use this field using the X-EXTERNAL-ID value in the direct debit request header. Note: either originalExternalId or OriginalReferenceNo need to be filled

{
   "originalReferenceNo":"2020102900000000000001",
   "originalPartnerReferenceNo":"123123123123",
   "partnerVoidNo":"asdv-asdasdv-addasd-1231ewqqw-aaaa",
   "merchantId":"merch00001"
   "title":"aTitle",
   "additionalData":{
          "originalExternalId":"aId",
}
}

Response Header

Field Name	Field Type	Mandatory	Field Description
Content-type	String	M	Media type of the resource, i.e. application/json
X-TIMESTAMP	String	M	Client’s current local time in ISO-8601 format

Content-type: application/json
X-TIMESTAMP: 2024-03-19T14:30:00+07:00

Response Body

Field Name	Field Type	Mandatory	Field Description
responseCode	String (7)	M	Error code to specify the error returned.
responseMessage	String (150)	M	Debug message to provide more information.
originalReferenceNo	String (256)	O	Transaction identifier on service provider system. For e.g: GopayOrderId
originalPartnerReferenceNo	String (32)	O	Transaction identifier on service consumer system
voidNo	String (64)	C	PJSP's void identifier. Used to trace the capture when there's any issue occurred.
partnerVoidNo	String (64)	M	Void identifier generated by the partner
voidAmount	Object	O
voidAmount.value	String (16,2)	O	Transaction amount that will be paid using this payment method If it's IDR then value includes 2 decimal digits. e.g. IDR 10.000,- will be placed with 10000.00
voidAmount.currency	String	O	Currency. For e.g: IDR
voidTime	String	C	Void time. Must be filled upon successful transaction. Format void time: (ISO 8601) YYYY-MM-DDThh:mm:ss

{
   "responseCode":"20054000",
   "responseMessage":"Request has been processed successfully",
    "originalReferenceNo":"2020102900000000000001",
   "originalPartnerReferenceNo":"123123123123",
   "voidNo":"asdv-asdasdv-addasd-1231ewqqw-aaaa",
    "partnerVoidNo":"asdv-asdasdv-addasd-1231ewqqw-aaaa",
   "voidAmount":{
  	"value":"12345678.00",
  	"currency":"IDR"
   },
   "voidTime": "2009-07-03T12:08:56+07:00"
}

{
   "responseCode":"4006701",
   "responseMessage":"There is some issue with the transaction request"
}

List of Response code

Response Code	HTTP Status Code	Response Message
2006700	200	Success
4006702	400	Invalid Mandatory Field {Field Name}
4016700	401	Unauthorized. Auth token required
4016701	401	Invalid Token (B2B)
4036515	403	Transaction Not Permitted.[reason].
5006701	500	Internal Server Error
5046700	504	Timeout

Initiating cancel for bank transfer (virtual account) transaction

This section will describe how a merchant can cancel bank transfer (virtual account) transactions.

Path	/{version}/transfer-va/delete-va
HTTP Method	POST
Version	v1.0
SNAP service code	31

Request Header

Field Name	Field Type	Mandatory	Field Description
Content-Type	String	M	Represent media type of request e.g “application/json”
X-TIMESTAMP	String(25)	M	Client's current local time in “yyyy-MM-ddTHH:mm:ssZ” format
Authorization	String	M	Bearer token obtained from Access Token API in the format Bearer AccessToken
X-SIGNATURE	String	M	Created using symmetric signature HMAC_SHA512 algorithm
X-PARTNER-ID	String	M	Unique identifier for partner
CHANNEL-ID	String	M	Mandatory field from Bank Indonesia that can take any value with correct format 5 digits numeric string
X-EXTERNAL-ID	String	M	Alphanumeric string. We suggest merchant to use UUID format. The value should be unique. In case of timeout, merchant can do: Use this value in get status API to get status transaction or Retry this request with the same X-EXTERNAL-ID and request body to avoid creating duplicate transaction

X-TIMESTAMP 2022-03-04T08:02:09+07:00
X-SIGNATURE yqmBXZ3yV6NPG1LtwXMm3quXzJMRX5Ms+r9ebc5xWIZGSKbZL3Oy871GHb7WQUucLa5nxN/HcnZYoNHc+KkWTQ==
X-PARTNER-ID 668052e34f194aa8be79e15a21e4fc2f
X-EXTERNAL-ID 91919644194391346361915387229113
CHANNEL-ID 95221
Authorization Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIxMmUzODE4Mi00YjIxLTQ0YWMtOTVkNi1mMjFhMjEwZmIxZTAiLCJjbGllbnRJZCI6IjY2ODA1MmUzNGYxOTRhYThiZTc5ZTE1YTIxZTRmYzJmIiwibmJmIjoxNjYzODQwNTU5LCJleHAiOjE2NjM4NDE0NTksImlhdCI6MTY2Mzg0MDU1OX0.fEr0vIbB2kY8alZ-SROl3ftAFbfRd0uU-lGq9XuFi8M
Content-Type application/json

Request Body

Field Name	Field Type	Mandatory	Field Description
partnerServiceId	M	String(8)	Derivative of X- PARTNER- ID, similar to company code, 8 digit left padding space.
customerNo	M	String(20)	Unique number (up to 20 digits).
virtualAccountNo	M	String(28)	partnerServiceId + customerNo (up to 20 digits).
trxId	M	String(64)	Transaction ID in Partner system
additionalInfo	O	Object
additionalInfo.merchantId	M	String	Merchant ID

{
  "partnerServiceId":"  088899",
  "customerNo":"12345678901234567890",
  "virtualAccountNo":"  08889912345678901234567890",
  "trxId":"91919644194391346361915387229113",
  "additionalInfo": {
    "merchant_id": "G12345463"
  }
}

Response Header

Field Name	Field Type	Mandatory	Field Description
Content-Type	String	M	Media type of the resource, i.e application/json
X-TIMESTAMP	String	M	Client's current local time in ISO-8601

Content-type:application/json
X-TIMESTAMP:2024-03-19T14:30:00+07:00

Response Body

Field Name	Field Type	Mandatory	Field Description
responseCode	String	M	Response code
responseMessage	String	M	Response description
virtualAccountData.partnerServiceId	String	M	Derivative of X- PARTNER- ID, similar to company code, 8 digit left padding space.
virtualAccountData.customerNo	String	M	Unique number (up to 20 digits).
virtualAccountData.virtualAccountNo	String	M	partnerServiceId (8 digit left padding 0) + customerNo (up to 20 digits).
virtualAccountData.trxId	String	M	Transaction ID in Partner system
additionalInfo	Object	O

{
   "responseCode": "2003100",
   "responseMessage": "Success",
   "virtualAccountData":{
     "partnerServiceId":"  088899",
     "customerNo":"12345678901234567890",
     "virtualAccountNo":"  08889912345678901234567890",
     "trxId":"91919644194391346361915387229113",
     "additionalInfo":{} 
    }
}