Getting Started

To start using the BI-SNAP version of Core API, merchants will first need to do credentials exchange with Midtrans. To do this, merchants need to prepare and submit the following items as part of the onboarding process.

No.Items to prepareDefinition
1Merchant's public and private keyMerchant needs to create their public and private key (generated using PKCS8 standard) for signature generation that will be used when calling Access Token API.

1. Public key is merchant’s key that will be shared with Midtrans for signature decryption purpose
2. Private key is merchant’s confidential key that will be saved on merchant’s side
2Merchant's redirect URL

Required only for GoPay Tokenization flow
Merchant needs to share the redirection URL that will be used as redirection URL after user has authorized linking/payment on Gojek/GoPay app
3Merchant’s outgoing IPMerchant’s IP that will be whitelisted on Midtrans side. Only shared IP will be allowed to call Midtrans’ API
4Merchant's notification URL Required if merchant consumed notification from MidtransMidtrans will send payment notification to the merchant's notification URL shared by merchants
5Merchant ID (MID)Merchant needs to complete registration on to acquire Merchant ID. Merchant can use an existing MID if wishes to.

Midtrans will then share the following items for merchant to store and use when calling Midtrans' API.

No.Items provided by MidtransDefinition
1Midtrans’ public key

Required if merchant consumed notification from Midtrans
Midtrans will share its public key to merchant. By using Midtrans public key, merchant will be able to decrypt signature that is sent from Midtrans when calling merchant’s notification endpoint
2Client IDMerchant’s client ID that will be given by Midtrans, will be used as X-CLIENT-KEY on request’s header in B2B Access Token API
3Client SecretMerchant’s secret key that will be given by Midtrans, will be used for symmetric signature generation for Transactional API’s header
4Partner IDMerchant’s partner ID that will be given by Midtrans, will be used as X-PARTNER-ID on Transactional API’s header
5Midtrans outgoing IP

Required if merchant consumed notification from Midtrans
Midtrans’ IP that merchant needs to whitelist to receive notification from Midtrans