NAV

shell php

  is now known as .   All API endpoints using the TLD Betterpay.me or qnp.com is valid ×

Introduction

Welcome to the QlicknPay API! You can use our API to access QlicknPay API endpoints for bill presentation and payment collection. Our gateway supports multiple payment options (FPX/Credit Card/E-Wallet) and many e-commerce platforms as well as marketplaces such as Lazada & Shopee.

In order to use the API, you will need your Merchant ID and API Key. These credentials can be retrieved in QlicknPay Payment Gateway portal, under Manage API Tab. Please keep this credentials secure. Do not disclose to anyone.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. All request must be hashed for authentication.

Standard Payment Gateway

This feature will redirect your payer to QlicknPay checkout page. You payer can then select the different payment options provided.

API Endpoint URLs

Requirement to Use the API

Kindly get the following credentials ready in order to start using this API.

You can retrieve this information at API Management page.

How to send a Payment Request?

Kindly ensure the payment request you send to either of the above mentioned endpoints comply to the following format using POST method. You can set fields with OPTIONAL tag to NULL or exclude it entirely if it is not required.

Required Arguments

Example request:

      

Please select PHP to view the sample code


<?php
/**
 * This is a sample code for manual integration with QlicknPay
 * It is so simple that you can do it in a single file
 * Make sure that in QlicknPay Dashboard you have key in the return URL referring to this file
 */

# please fill in the required info as below
$merchant_id '10001'// this refers to your Merchant ID that can be obtain from QlicknPay
$api 'APIKEY100001'// API key


# this part is to process data from the form that user key in, make sure that all of the info is passed so that we can process the payment
if(isset($_POST['amount']) && isset($_POST['invoice']) && isset($_POST['payment_desc']))
{

# assuming all of the data passed is correct and no validation required. Preferably you will need to validate the data passed
$hashed_string md5($api."|".urldecode($merchant_id)."|".urldecode($_POST['invoice'])."|".urldecode($_POST['amount'])."|".urldecode($_POST['payment_desc']));

# now we send the data to QlicknPay by using post method

$QlicknPay_link_sandbox '{Sandbox URL}';
$QlicknPay_link_live '{Live Production URL}';

    
?>
<html>
<head>
<title>QlicknPay Payment Gateway API Sample Code</title>
</head>
<body onload="document.order.submit()">
#Specified the link below either for sandbox or live production
    <form name="order" method="post" action="<?= $QlicknPay_link_sandbox ?>">
        <?=#  REQUIRED FORM START HERE ?>
          <input type="hidden" name="merchant_id" value="<?= $merchant_id?>">
          <input type="hidden" name="invoice" value="<?= $_POST['invoice']?>">
          <input type="hidden" name="amount" value="<?= $_POST['amount']; ?>">
          <input type="hidden" name="payment_desc" value="<?= $_POST['payment_desc']; ?>">
          <input type="hidden" name="hash" value="<?= $hashed_string?>">
        <?=#  REQUIRED FORM END HERE ?>

        <?=#   OPTIONAL FORM START HERE ?>
          <?=#  Set this as null or remove it if you're not required this form. This form will display on payment gateway and save the value in dashboard  ?>
          <?=#  Buyer Name ?>
          <input type="hidden" name="buyer_name" value="John">
          <?=#  Buyer Email. Must be valid email address. Buyer will get transaction status through this email ?>
          <input type="hidden" name="buyer_email" value="John@gmail.com">
          <?=#  Buyer Phone number with country code ?>
          <input type="hidden" name="phone" value="+0123456789">
          <?=#  Buyer Address form line 1?>
          <input type="hidden" name="add_line_1" value="10-3, 3rd Floor Jln PJU 5/9">
          <?=#  Buyer Address form line 2?>
          <input type="hidden" name="add_line_2" value="Dataran Sunway Kota Damansara">
          <?=#  Buyer Postcode ?>
          <input type="hidden" name="postcode" value="47810">
          <?=#  Buyer City ?>
          <input type="hidden" name="city" value="Petaling Jaya">
          <?=#  Buyer State ?>
          <input type="hidden" name="state" value="Selangor">
          <?=#  Buyer Comment ?>
          <input type="hidden" name="comment" value="">

          <?=#  Your callback url for backend process. If you already have specified it on your dashboard but want a different url for different process, please include this form. ?>
          <?=#  Your Back-end Process ?>
          <input type="hidden" name="callback_url_be" value="https://www.example.com/callback_url_be.php">
          <?=#  Your Front-end Process Success interface ?>
          <input type="hidden" name="callback_url_fe_succ" value="https://www.example.com/callback_fe_succ.php">
          <?=#  Your Front-end Process Fail interface ?>
          <input type="hidden" name="callback_url_fe_fail" value="https://www.example.com/callback_url_fe_fail.php">

          <?=#  If you required a variable that provide the same value when you return it after transaction, use this baggage form. You can have more than one variable.?>
          <?=# Please seperate each variable and value by using '|'. Please make sure that every form's value below not more than 5000 characters ?>
          <?=#   Your vaiable(s)?>
          <input type="hidden" name="baggage_variable" value="variable1|variable2|variable3|variable4">
          <?=#   Your value(s) of each variable(s). Must be synchonize with the total variable above ?>
          <input type="hidden" name="variable1" value="value1">
          <input type="hidden" name="variable2" value="value2">
          <input type="hidden" name="variable3" value="value3">
          <input type="hidden" name="variable4" value="value4">

          <?=#   Custom your payment title and contact. ?>
          <input type="hidden" name="header_title" value="Payment Title">
          <input type="hidden" name="header_email" value="contact@gmail.com">
          <input type="hidden" name="header_phone" value="0123456789">
          <?=#   OPTIONAL FORM END HERE ?>

    </form>
</body>
</html>

<?php
}
else
{
?>

<html>
<head>
  <title>QlicknPay Payment Gateway API Sample Code</title>
</head>
<body>
  <form method="post" action="<?= htmlentities($_SERVER['PHP_SELF']); ?>">
    <table>
      <tr>
          <td colspan="2">Please fill up the detail below in order to test the payment.</td>
      </tr>
      <tr>
        <?=#  AMOUNT VALUE  MUST MORE THAN RM1.50 AND WITH 2 DECIMAL POINTS ?>
          <td>Amount</td>
          <td>: <input type="text" name="amount" value="" placeholder="Amount to pay, for example 12.20" size="30"></td>
      </tr>
      <tr>
        <?=#   DESCRIPTION MUST BE LESS THAN 1,000 CHARACTERS ?>
          <td>Payment Description (Not more than 1,000 character)</td>
          <td>: <input type="text" name="payment_desc" value="" placeholder="Description of the transaction" size="30"></td>
      </tr>
      <tr>
         <?=#  MUST BE UNIQUE  ?>
          <td>Invoice (Not more than 17 char without '-')</td>
          <td>: <input type="text" name="invoice" value="" placeholder="Unique id to reference the transaction or order" size="30"></td>
      </tr>

      <tr>
          <td><input type="submit" value="Submit"></td>
      </tr>
    </table>
  </form>
</body>
</html>
<?php
}
?>

Response (200):

      

# Directly to Payment Gateway.

      

# Directly to Payment Gateway.

Response (400):

      

# Invalid format data entered

      

# Invalid format data entered

Response (401):

      

# Invalid Merchant ID or API Key

      

# Invalid Merchant ID or API Key

Parameter Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error.
TYPE: INTEGER
EXAMPLE: 10001
invoice Unique invoice number
  • Accept alphabets, numbers and some special characters.
  • Length: Max 14 characters.
  • Ampersand (&), apostrophe (') and dash (-) is not accepted
TYPE: STRING
EXAMPLE:INV0001
amount Final amount to be paid by buyer
  • Accept ONLY numbers
  • Must be in 2 decimal places (d.p) format, eg: 192.00
TYPE: FLOAT
EXAMPLE:250
payment_desc Purpose of payment
  • Accept ONLY alphabets and numbers
  • Exclamation mark (!) is not accepted
  • Length: Max 1000 characters.
TYPE: STRING
EXAMPLE:PARKING FEE
hash The secure hash string to validate the payment request sent to our Payment Gateway.
  • Accept only alphabets
TYPE: STRING

Optional Arguments

Parameter Description
buyer_name Buyer's name
  • Accept only alphabets
TYPE: STRING
EXAMPLE:JOHN
buyer_email Buyer's email. Buyer will receive payment notification at this address if specified
  • Accept only valid email address
TYPE: STRING
EXAMPLE:JOHN@DOMAIN.COM
phone Buyer's phone number
  • Accept only digits and (+) symbol
TYPE: STRING
EXAMPLE:+60171234567
add_line_1 Buyer's address line 1
  • Accept only alphanumerics characters
TYPE: STRING
EXAMPLE:10-3, 3RD FLOOR JLN PJU 5/9
add_line_2 Buyer's address line 2
  • Accept only alphanumerics characters
TYPE: STRING
EXAMPLE:DATARAN SUNWAY KOTA DAMANSARA
postcode Buyer's postcode
  • Accept only digits
TYPE: INTEGER
EXAMPLE:47810
city Buyer's city location
  • Accept only alphanumerics characters
TYPE: STRING
EXAMPLE:PETALING JAYA
comment Buyer's additional comments / notes on the purchase
  • Accept only alphanumerics characters
TYPE: STRING
EXAMPLE:COMMENT HERE FOR MERCHANT REFERENCE
callback_url_be Callback URL for your back-end process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • Host name must be the same as the URL or Whitelist Domain specified in API Management page
  • Default value of this field is the URL specified API Management page
  • The default value will be ignored if this field is specified
  • Send through HTTPS header. For port customization endpoint, please contact our support.
TYPE: STRING
EXAMPLE:HTTPS://WWW.EXAMPLE.COM/CALLBACK
callback_url_fe_succ Callback URL for your front-end successful transaction process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • Default value of this field is the URL specified API Management page
  • The default value will be ignored if this field is specified
TYPE: STRING
EXAMPLE:HTTPS://WWW.EXAMPLE.COM/CALLBACK_SUCCESS
callback_url_fe_fail Callback URL for your front-end failed transaction process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • Default value of this field is the URL specified API Management page
  • The default value will be ignored if this field is specified
TYPE: STRING
EXAMPLE:HTTPS://WWW.EXAMPLE.COM/CALLBACK_FAILURE
baggage_variable If you required a variable that provide the same value after transaction has been made, use this baggage form. You can have more than one variable.
  • Accepts only alphanumeric characters
  • Length: Not more than 5000 characters
  • Must be separated with a pipe character (|) without spaces in between.
TYPE: STRING
EXAMPLE:VARIABLE1|VARIABLE2
*Each of your bagages variable name* Your value(s) of each variable(s). Must be synchonize with the total number of variable above
  • Accepts only alphanumeric characters
  • Length: Not more than 5000 characters
  • Must be separated with a pipe character (|) without spaces in between.
TYPE: STRING
EXAMPLE:VALUE1
header_title Modify your company name at payment gateway checkout page
  • Accepts only alphanumeric characters
  • Length: Not more than 80 characters
TYPE: STRING
EXAMPLE:PAYMENT HEADER TITLE
header_email Modify your company email address at payment gateway checkout page
  • Accepts only alphanumeric characters
  • Length: Not more than 50 characters
TYPE: STRING
EXAMPLE:SUPPORT@MERCHANT.COM
header_phone Modify your company phone number at payment gateway checkout page
  • Accepts only alphanumeric characters
  • Length: Not more than 50 characters
TYPE: STRING
EXAMPLE:+603283928242

How to receive the Payment Request response (via callback)?

The response to your payment request will be sent back to your specified back-end URL in the following format using POST method. You will receive this response after your payer complete or cancel a transaction.

Sample response:

      

{ "fpx_fpxTxnId": "1808241535340347", "fpx_sellerId": "SE000008567", "invoice_no": "INV10154632", "txn_status": "00", "msg": "Transaction Approved", "txn_amount": "192.00", "pay_method": "fpx", "hash": "fc85b97551f5a2b8bf28d916f2f8055d" }

      

{ "fpx_fpxTxnId": "1808241535340347", "fpx_sellerId": "SE000008567", "invoice_no": "INV10154632", "txn_status": "00", "msg": "Transaction Approved", "txn_amount": "192.00", "pay_method": "fpx", "hash": "fc85b97551f5a2b8bf28d916f2f8055d" }

Parameter Description
fpx_fpxTxnId
OR
paypal_trx_id
OR
mastercard_trx_id
Unique transaction ID. You can use this Transaction ID to track the transaction in QlicknPay's portal.
TYPE: STRING
fpx_sellerId Your FPX seller ID.
TYPE: STRING
invoice_no Unique invoice number.
TYPE: STRING
txn_status Response code of the status of payment.* Refer table below for description of the response code.
TYPE: STRING
msg Status message of the payment depend on the response code from txn_status.
TYPE: STRING
txn_amount Final amount paid by buyer.
TYPE: STRING
pay_method Payment method chosen by buyer. Eg: fpx/paypal/mastercard
TYPE: STRING
hash Secure hash string to validate the response sent to your side by our Payment Gateway.
TYPE: STRING

API Errors Guide

The API will return error messages if any of the variables sent is invalid.

Error Messages Issue
Unable to process payment due to invalid API or invalid merchant ID or no data entered. Please inform the merchant about this error. Invalid API or Merchant ID.
Maximum total of amount exceeded or invalid data entered. Please assume that every transaction must be less than RM30,000 (B2C) and more than RM1.50. Amount must be more than or equal to RM 1.50 and less than RM 30,000 (B2C).
Unable to process payment due to invalid Product ID entered. Product description must be more than 0 and less than 1,000 characters.
Unable to process payment due to invalid API entered. Please inform the merchant about this error. Invalid API. Your API key must be less than 14 characters.
Invalid data entered. Validation errors / Hashing variables do not match the data entered.
Invalid URL variable specified. Please inform the merchant about this error. Your callback_url_be host name is not the same host name as Callback URL specified in your API Management setting. To solve this problem, do these steps:
    1. Set to null the value of callback_url_be variable OR
    2. Specify the same host name for both callback_url_be and in your API Management setting.
    Example: callback_url_be:
    www.hostname.com/callbackv1
    API Management setting:
    www.hostname.com/sub/sub2/callbackv2
Invalid name of baggages. Please inform to the merchant about this error. Invalid baggages name. Baggages name cannot same as other variables(required/optional fields) name.
Example: 'merchant_id'
Your Invoice number is too long. Invoice number must be less than or equal to 14 characters. Please inform to the merchant about this error. Your invoice length must more than 0 and less than 14 characters.
Invalid email address. Please enter a valid email address. Invalid buyer email address specified.
Invalid invoices. Please inform to the merchant to check their invoice validation. The invoices content forbidden characters.
Example: '-'
Invalid invoice or duplicated invoice entered. Please inform to the merchant about this error. Invoice number must be unique for each transaction initiated.
Indirect error. Please inform to the merchant to specified their URL in their dasboard. API URL, Opencart URL, Prestashop URL, Drupal URL, Ecwid URL or Woocommerce URL is not specified in the API Management setting.

Response Code and Description

Refer to this table for the description of the returned response code.

Example response:

      

Please select PHP to view the sample code

  
<?php

#Tracing the transaction which payment method is used by your customer
if($_REQUEST['pay_method'] == 'fpx'#Using FPX
{
  
$trx_id $_REQUEST['fpx_fpxTxnId']; #EX: 1808241535340347
}
else if(
$_REQUEST['pay_method'] == 'paypal'#Using PayPal
{
  
$trx_id $_REQUEST['paypal_trx_id']; #EX: 1808241535340347
}
else if(
$_REQUEST['pay_method'] == 'mastercard'#Using Mastercard
{
  
$trx_id $_REQUEST['mastercard_trx_id']; #EX: 1808241535340347
}
else if(
$_REQUEST['pay_method'] == 'others')
{
  
$trx_id $_REQUEST['others_trx_id']; #EX: 1808241535340347
  
$_REQUEST['pay_method'] = $_REQUEST['trx_txt']; #EX: Boost eWallet and etc
}

#These are the data that posible to get from the callback URL
$fpx_sellerId   $_REQUEST['fpx_sellerId']; #EX: SE10000001
$invoice_no $_REQUEST['invoice_no']; #EX: INV012345
$txn_status $_REQUEST['txn_status']; #EX: 00 *You can view more txn_status value from the documentation*
$msg $_REQUEST['msg']; #EX: Transaction Approved
$txn_amount $_REQUEST['txn_amount']; #EX: 1289.00
$pay_method $_REQUEST['pay_method']; #EX: fpx *Can be either fpx or PayPal
$hash $_REQUEST['hash']; #EX: dc8e364d222d6025cbc505674b7ASDDS
$sample_bagages_variables $_REQUEST['sample_bagages_variables']; # *The variable name is depend on what you have set when calling an API to the payment gateway. This is optional variables.

# assuming all of the data passed is correct and no validation required. Preferably you will need to validate the data passed
# This is important to prevent any attack from hackers
$hash =  md5($api.$trx_id.$invoice_no.$txn_status.$msg);

if(
$hash == $_REQUEST['hash'])
{
    echo 
'OK'# An 'OK' msg need to send to the QlicknPay as a valid respond received from the merchant.
    # QlicknPay will send the callback data at most 3 times every 10 minutes if QlicknPay doesn't received an 'OK' message

    #Do stuff
    #You can manage your callback data here
}

else
{
    echo 
'Invalid Data';
    
#Invalid Data entered or hashing error
}

 
?>
Response Code Description
*Others* Unable To Trace An Error
B0 Order list format error
B1 Invalid seller ID
B2 Seller is not allow to refund
B3 Seller is not allow to do multiple refund
B4 Requested refund amount exceed maximum allowable
B5 Original transcation ID is not found
B6 Original transcation ID status is still pending debit/credit
B7 Original transcation ID status was not successful
B8 Previous refund request still pending debit/credit
B9 Requested refund amount below minimun allowable
C1 Invalid refund transcation model
C2 Invalid refund buyer bank
C3 Invalid refund seller bank
C4 Refund request fail due to no valid order list
C5 Order list contain duplicate seller order number
1S Refund Successful Submited
03 Invalid Merchant
05 Invalid Seller or Acquiring Bank Code
13 Invalid Amount
00 Transaction Approved
00 Transaction Approved
03 Invalid Merchant
05 Invalid Seller or Acquiring Bank Code
13 Invalid Amount
00 Transaction Approved
09 Transaction Pending
12 Invalid Transaction
14 Invalid Buyer Account
20 Invalid Response
31 Invalid Bank
39 No Credit Account
45 Duplicate Seller Order Number
46 Invalid Seller Exhchange or Seller
47 Invalid Currency
48 Maximum Transaction Limit Exceeded RM30,000.00 for B2C
49 Merchant Specific Limit Exceeded
50 Invalid Seller for Merchant Specific Limit
51 Insufficient Funds
53 No Buyer Account Number
57 Transaction Not Premitted
58 Transaction To Merchant Not Premitted
70 Invalid Serial Number
76 Transaction Not Found
77 Invalid Buyer Name or Buyer ID
78 Decryption Failed
79 Host Decline When Down
80 Buyer Cancel Transaction
83 Invalid Transaction Model
84 Invalid Transaction Type
85 Internel Error At Bank System
87 Debit Failed Exception Handling
88 Credit Failed Exception Handling
89 Transaction Not Received Exception Handling
90 Bank Internet Banking Unavailable
92 Invalid Buyer Bank
96 System Manulfaction
97 Transaction Pending
98 MAC Error
99 Pending Authorization (Applicable for B2B model)
BC Transaction Cancelled By Customer
DA Invalid Applcaition Type
DB Invalid Email Format
DC Invalid Maximum Frequency
DD Invalid Frequency Mode
DE Invalid Expiry Date
DF Invalid e-Mandate
FE Internal Error
OE Transaction Rejected As Not In FPX Operating Hours
OF Transaction Timeout
SB Invalid Acquiring Bank Code
XA Invalid Source IP Address (Applicable for B2B2 model)
XB Invalid Seller Exchange IP
XC Seller Exchange Encryption Error
XE Invalid Message
XF Invalid Number of Orders
XI Invalid Seller Exchange
XM Invalid FPX Transaction Model
XN Transaction Rejected Due To Duplicate Seller Exchange Order Number
XO Duplicate Exchange Order Number
XS Seller Does Not Belong To Exchange
XT Invalid Transaction Type
XW Seller Exchange Date Difference Exceeded
1A Seller Buyer Session Timeout At Internet Banking Login Page
1B Buyer Failed To Provide The Necessary Info To Login To Internet Banking Login Page
1C Buyer Choose Cancel At Login Page
1D Buyer Session Timeout At Account Selection Page
1E Buyer Failed To Provide The Necessary Info To Login To Internet Banking Login Page
1F Buyer Choose Cancel At Account Selection Page
1G Buyer Session Timeout At TAC Request Page
1H Buyer Failed To Provide Necessary Info At TAC Request Page
1I Buyer Choose Cancel At TAC Request Page
1J Buyer Session Timeout At Confirmation Page
1K Buyer Failed To Provide Necessary Info At Confirmation Page
1L Buyer Choose Cancel At Confirmation Page
1M Internet Banking Session Timeout
2A Transaction Amount Is Lower Than Minimum Limit RM1.00 for B2C

Hashing Guide

This section will explain how to secure your payment request & response using hashing method. This will be used to generate the hash field in your payment request as well as to validate the return hash from QlicknPay.

When Sending Payment Request

Field Name Example Value
api APIKEY123456
merchant_id 1000034
invoice INV10154632
amount 1289.00
payment_desc Parking Fee

Sample code to hash above values:
md5($api."|".urldecode($merchant_id)."|".urldecode($invoice)."|".urldecode($amount)."|".urldecode($payment_desc));

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
APIKEY123456|100055|INV10154632|1289.00|Parking Fee will generate something like e8f3ac1c718fa7e620b133d601fb4f73

When Receiving Payment Response

Field Name Example Value
fpx_fpxTxnId
OR
paypal_trx_id
OR
mastercard_trx_id
1808241535340347
fpx_sellerId SE000008567
invoice_no INV10154632
msg Transaction Approved
txn_status 00
txn_amount 1289.00
hash dc8e364d222d6025cbc505674b701asdw
pay_method fpx OR paypal OR mastercard
*Your baggage variable* *Your baggage value*

Sample code to hash above values:
md5($api.$fpx_fpxTxnId.$invoice_no.$txn_status.$msg);

For example, if the details received are as above, the hash string to be generated is constructed as follows:
APIKEY1234561808241535340347INV01234500Transaction Approved will generate something like dc8e364d222d6025cbc505674b7012df

If the generated hash string is the same with the hash sent in the response message, the data is safe from tampering.

Create Bill

You can use this API to retrieve a payment URL. This is useful if you want to contruct all the parameters of the bill from your own system, and send a final url for your payer to complete the transaction.

API Endpoint URLs

Requirement to use the API

Kindly get the following credentials ready in order to start using this feature.

You can retrieve these information at the API Management page.

Required Arguments

Example request:

    

curl POST {Endpoint URL}\ -d merchant_id: 10010\ -d invoice: FS789\ -d amount: 150\ -d payment_desc: Parking Fee\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\ -d buyer_name: John\ -d buyer_email: John@domain.com\ -d phone: +6017123123\ -d add_line_1: 10-3, 3rd Floor Jln PJU 5/9\ -d add_line_2: Dataran Sunway Kota Damansara\ -d postcode: 47810\ -d city: Petaling Jaya\ -d state: Selangor\ -d comment: Comment Here For Merchant Reference\ -d callback_url_be: https://www.example.com/callback_url_be\ -d callback_url_fe_succ: https://www.example.com/callback_fe_succ\ -d callback_url_fe_fail: https://www.example.com/callback_url_fe_fail\ -d baggage_variable: variable1|variable2\ -d variable1: value1\ -d variable2: value2\ -d header_title: Payment Title\ -d header_email: contact@gmail.com\ -d header_phone: 0123456789\

    

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10001&invoice=INV0001&amount=250&payment_desc=Parking Fee&hash=dc8e364d222d6025cbc505674b7012df&buyer_name=John&buyer_email=john@domain.com&phone=+60171234567&add_line_1=10-3, 3rd Floor Jln PJU 5/9&add_line_2=Dataran Sunway Kota Damansara&postcode=47810&city=Petaling Jaya&comment=Comment Here For Merchant Reference&callback_url_be=https://www.example.com/callback&callback_url_fe_succ=https://www.example.com/callback_success&callback_url_fe_fail=https://www.example.com/callback_success&baggage_variable=variable1|variable2&variable1=value1&variable2=value2&header_title=Payment Header Title&header_email=support@merchant.com&header_phone=+603283928242"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

    

{ "response": "00", "merchant_id": "10010", "invoice": "FS789", "amount": "150", "payment_desc": "Parking Fee", "hash": "fc85b97551f5a2b8bf28d916f2f8055d", "buyer_name": "John", "buyer_email": "John@domain.com", "phone": "+6017123123", "add_line_1": "10-3, 3rd Floor Jln PJU 5/9", "add_line_2": "Dataran Sunway Kota Damansara", "postcode": "47810", "city": "Petaling Jaya", "state": "Selangor", "comment": "Comment Here For Merchant Reference", "callback_url_be": "https://www.example.com/callback_url_be", "callback_url_fe_succ": "https://www.example.com/callback_fe_succ", "callback_url_fe_fail": "https://www.example.com/callback_url_fe_fail", "baggage_variable": "variable1|variable2", "variable1": "value1", "variable2": "value2", "header_title": "Payment Title", "header_email": "contact@gmail.com", "header_phone": "0123456789", "url": "https://www.qlicknpay.com/receiver-disp?34-INV0001-024939-iXO" }

    

{ "response": "00", "merchant_id": "10010", "invoice": "FS789", "amount": "150", "payment_desc": "Parking Fee", "hash": "fc85b97551f5a2b8bf28d916f2f8055d", "buyer_name": "John", "buyer_email": "John@domain.com", "phone": "+6017123123", "add_line_1": "10-3, 3rd Floor Jln PJU 5/9", "add_line_2": "Dataran Sunway Kota Damansara", "postcode": "47810", "city": "Petaling Jaya", "state": "Selangor", "comment": "Comment Here For Merchant Reference", "callback_url_be": "https://www.example.com/callback_url_be", "callback_url_fe_succ": "https://www.example.com/callback_fe_succ", "callback_url_fe_fail": "https://www.example.com/callback_url_fe_fail", "baggage_variable": "variable1|variable2", "variable1": "value1", "variable2": "value2", "header_title": "Payment Title", "header_email": "contact@gmail.com", "header_phone": "0123456789", "url": "https://www.qlicknpay.com/receiver-disp?34-INV0001-024939-iXO" }

Response (400):

    

{ "response": "98", "merchant_id": "Fail to created bill." }

    

{ "response": "98", "merchant_id": "Fail to created bill." }

Response (401):

    

{ "response": "99", "merchant_id": "Invalid data entered. Please inform the merchant about this error." }

    

{ "response": "99", "merchant_id": "Invalid data entered. Please inform the merchant about this error." }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10001
invoice Unique invoice number
  • Accept alphabets, numbers and some special characters.
  • Length: Max 14 characters.
  • Ampersand (&), apostrophe (') and dash (-) is not accepted
TYPE: STRING
EXAMPLE:INV0001
payment_desc Purpose of payment
  • Accept ONLY alphabets and numbers
  • Exclamation mark (!) is not accepted
  • Length: Max 1000 characters
TYPE: STRING
EXAMPLE: PARKING FEE
hash The secure hash string to validate the request. Refer our Hashing Guide Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Optional Arguments

Parameter Description
buyer_name Buyer's name
  • Accept only alphabets
TYPE: STRING
EXAMPLE:JOHN
buyer_email Buyer's email. Buyer will receive payment notification at this address if specified
  • Accept only valid email address
TYPE: STRING
EXAMPLE:JOHN@DOMAIN.COM
phone Buyer's phone number
  • Accept only digits and (+) symbol
TYPE: STRING
EXAMPLE:+60171234567
add_line_1 Buyer's address line 1
  • Accept only alphanumerics characters
TYPE: STRING
EXAMPLE:10-3, 3RD FLOOR JLN PJU 5/9
add_line_2 Buyer's address line 2
  • Accept only alphanumerics characters
TYPE: STRING
EXAMPLE:DATARAN SUNWAY KOTA DAMANSARA
postcode Buyer's postcode
  • Accept only digits
TYPE: INTEGER
EXAMPLE:47810
city Buyer's city location
  • Accept only alphanumerics characters
TYPE: STRING
EXAMPLE:PETALING JAYA
comment Buyer's additional comments / notes on the purchase
  • Accept only alphanumerics characters
TYPE: STRING
EXAMPLE:COMMENT HERE FOR MERCHANT REFERENCE
callback_url_be Callback URL for your back-end process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • Host name must be the same as the URL or Whitelist Domain specified in API Management page
  • Default value of this field is the URL specified API Management page
  • The default value will be ignored if this field is specified
  • Send through HTTPS header. For port customization endpoint, please contact our support.
TYPE: STRING
EXAMPLE:HTTPS://WWW.EXAMPLE.COM/CALLBACK
callback_url_fe_succ Callback URL for your front-end successful transaction process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • Default value of this field is the URL specified API Management page
  • The default value will be ignored if this field is specified
TYPE: STRING
EXAMPLE:HTTPS://WWW.EXAMPLE.COM/CALLBACK_SUCCESS
callback_url_fe_fail Callback URL for your front-end failed transaction process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • Default value of this field is the URL specified API Management page
  • The default value will be ignored if this field is specified
TYPE: STRING
EXAMPLE:HTTPS://WWW.EXAMPLE.COM/CALLBACK_FAILURE
baggage_variable If you required a variable that provide the same value after transaction has been made, use this baggage form. You can have more than one variable.
  • Accepts only alphanumeric characters
  • Length: Not more than 5000 characters
  • Must be separated with a pipe character (|) without spaces in between.
TYPE: STRING
EXAMPLE:VARIABLE1|VARIABLE2
*Each of your bagages variable name* Your value(s) of each variable(s). Must be synchonize with the total number of variable above
  • Accepts only alphanumeric characters
  • Length: Not more than 5000 characters
  • Must be separated with a pipe character (|) without spaces in between.
TYPE: STRING
EXAMPLE:VALUE1
header_title Modify your company name at payment gateway pages
  • Accepts only alphanumeric characters
  • Length: Not more than 80 characters
TYPE: STRING
EXAMPLE:PAYMENT HEADER TITLE
header_email Modify your company email address at payment gateway pages
  • Accepts only alphanumeric characters
  • Length: Not more than 50 characters
TYPE: STRING
EXAMPLE:SUPPORT@MERCHANT.COM
header_phone Modify your company phone number at payment gateway pages
  • Accepts only alphanumeric characters
  • Length: Not more than 50 characters
TYPE: STRING
EXAMPLE:+603283928242

Hashing Guide

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
merchant id 1000034
API YOURAPIKEY00192
Invoice No FS789
Amount 150.00
Payment Description Description

Sample code to hash above values:
md5($API."|".urldecode($merchant_id)."|".urldecode($invoice)."|".urldecode($amount)."|".urldecode($payment_desc));

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|1000034|FS789|19.90|Description will generate something like fc85b97551f5a2b8bf28d916f2f8055d

Error Guide

The API will return error messages if any of the variables sent is invalid

Error Code Description
00 Success / No error
99 Fail to created a bill

Direct Payment

Use this feature if you would like to bypass QlicknPay checkout page, and direct payers straight from your system to the selected payment gateway (FPX) seamlessly. This is useful for developers who want to customize the full payment experience on their own website or mobile app and direct the payers to their Internet Banking login page.

Direct Payment Flow

  1. Request an API called ‘Get Bank List’ to get list of banks available for the payer.
  2. Merchant send a payment request to an API called ‘Direct Payment’.
  3. Payer directly to selected bank portal
  4. After payment is done, payer will directly to QlicknPay receipt page with a transaction status. Receipt page provide a button for them to return to merchant site (optional). Merchant can disable this receipt page and let the payer to skip and directly to selected pages by specify the variable called ‘skip_receipt’ and send it to Direct Payment API during request a payment.
  5. In a meantime, callback data will send to the merchant site. Please specify Callback Endpoint at your API request or you can specify it at your QlicknPay Dashboard

API Endpoint URLs

Requirement to use the API

Kindly get the following credentials ready in order to start using this feature.

You can retrieve these information from the API Management page.

Kindly ensure the payment request you send to either of the mentioned endpoints comply to the following format using POST method. You can set fields with OPTIONAL tag to NULL or exclude it entirely if it is not required.

Required Arguments

Example request:

    

Please select PHP to view the sample code

  
<?php
/**
* This is a sample code for manual integration with QlicknPay
* It is so simple that you can do it in a single file
* Make sure that in QlicnPay Dashboard you have key in the return URL referring to this file
*/

# please fill in the required info as below
$merchant_id 'YOURMERCHANTID'// this refers to your Merchant ID that can be obtain from PayDirect
$api 'YOURAPIKEY'// API key


# this part is to process data from the form that user key in, make sure that all of the info is passed so that we can process the payment
if(isset($_POST['amount']) && isset($_POST['invoice']) && isset($_POST['payment_desc']))
{
  
# assuming all of the data passed is correct and no validation required. Preferably you will need to validate the data passed
  
$hashed_string md5($api."|".urldecode($merchant_id)."|".urldecode($_POST['invoice'])."|".urldecode($_POST['amount'])."|".urldecode($_POST['payment_desc'])."|".urldecode($_POST['bank_code'])."|".urldecode($_POST['payment_method']));
  
# now we send the data to PayDirect by using post method

  
$payment_url '{Endpoint URL}';

  
?>
  <html>
  <head>
  <title>Pay Direct Payment Gateway API Sample Code</title>
  </head>
  <body onload="document.order.submit()">
    <!-- Specified the link below either for sandbox or live production -->
      <form name="order" method="post" action="<?= $payment_url ?>">

          <!-- REQUIRED FORM START HERE -->
            <input type="hidden" name="merchant_id" value="<?php echo $merchant_id?>">
            <input type="hidden" name="invoice" value="<?php echo $_POST['invoice']?>">
            <input type="hidden" name="amount" value="<?php echo $_POST['amount']; ?>">
            <input type="hidden" name="payment_desc" value="<?php echo $_POST['payment_desc']; ?>">
            <input type="hidden" name="hash" value="<?php echo $hashed_string?>">

            <input type="hidden" name="bank_code" value="<?php echo $_POST['bank_code']; ?>">
            <input type="hidden" name="payment_method" value="<?php echo $_POST['payment_method']; ?>">


          <!-- REQUIRED FORM END HERE -->

          <!--  OPTIONAL FORM START HERE -->
            <!-- Set this as null or remove it if you're not required this form. This form will display on payment gateway and save the value in dashboard  -->
            <!-- Buyer Name -->
            <input type="hidden" name="buyer_name" value="John">
            <!-- Buyer Email. Must be valid email address. Buyer will get transaction status through this email -->
            <input type="hidden" name="buyer_email" value="John@domain.com">
            <!-- Buyer Phone number with country code -->
            <input type="hidden" name="phone" value="+0123456789">
            <!-- Buyer Address form line 1-->
            <input type="hidden" name="add_line_1" value="10-3, 3rd Floor Jln PJU 5/9">
            <!-- Buyer Address form line 2-->
            <input type="hidden" name="add_line_2" value="Dataran Sunway Kota Damansara">
            <!-- Buyer Postcode -->
            <input type="hidden" name="postcode" value="47810">
            <!-- Buyer City -->
            <input type="hidden" name="city" value="Petaling Jaya">
            <!-- Buyer State -->
            <input type="hidden" name="state" value="Selangor">
            <!-- Buyer Comment -->
            <input type="hidden" name="comment" value="Comment">

            <!-- Your callback url for backend process. If you already have specified it on your dashboard but want a different url for different process, please include this form. -->
            <!-- Your Back-end Process -->

            <input type="hidden" name="callback_url_be" value="https://www.sample.com/callback_url_be.php">
            <!-- Your Front-end Process Success interface -->
            <input type="hidden" name="callback_url_fe_succ" value="https://www.sample.com/callback_fe_succ.php">
            <!-- Your Front-end Process Fail interface -->
            <input type="hidden" name="callback_url_fe_fail" value="https://www.sample.com/callback_url_fe.php">

            <!-- If you required a variable that provide the same value when you return it after transaction, use this baggage form. You can have more than one variable.
            Please seperate each variable and value by using '|'. Please make sure that every form's value below not more than 5000 characters -->
            <!--  Your variable(s)-->
            <input type="hidden" name="baggage_variable" value="variable2|variable3|variable4">
            <!--  Your value(s) of each variable(s). Must be synchonize with the total variable above -->
            <input type="hidden" name="variable2" value="value2">
            <input type="hidden" name="variable3" value="value3">
            <input type="hidden" name="variable4" value="value4">

            <!-- Skip QlicknPay receipt page and directly to merchant page. Set '0' as false and '1' as true -->
            <input type="hidden" name="skip_receipt" value="1">

          <!--  OPTIONAL FORM END HERE -->

      </form>
  </body>
  </html>
  <?php
}

else
{
?>

  <html>
  <head>
    <title>Pay Direct Payment Gateway API Sample Code</title>
  </head>
  <body>
      <form method="post" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>">
          <table>
              <tr>
                  <td colspan="2">Please fill up the detail below in order to test the payment.</td>
              </tr>
              <tr>
                  <td>Amount</td>
                  <td>: <input type="text" name="amount" value="" placeholder="Amount to pay, for example 12.20" size="30"></td>
              </tr>
              <tr>
                  <td>Payment Description (Not more than 1,000 character)</td>
                  <td>: <input type="text" name="payment_desc" value="" placeholder="Description of the transaction" size="30"></td>
              </tr>
              <tr>
                 <!-- MUST BE UNIQUE  -->
                  <td>Invoice (Not more than 17 char without '-')</td>
                  <td>: <input type="text" name="invoice" value="<?= date('His'?>" placeholder="Unique id to reference the transaction or order" size="30"></td>
              </tr>

              <tr>
                  <td>Bank</td>
                  <td>:
                    <select name='bank_code'>
                      <option value='ABB0233'>Affin Bank</option>
                      <option value='ABMB0212'>Alliance Bank (Personal)</option>
                      <option value='AMBB0209'>AmBank</option>
                      <option value='BIMB0340'>Bank Islam</option>
                      <option value='BKRM0602'>Bank Rakyat</option>
                      <option value='BMMB0341'>Bank Muamalat</option>
                      <option value='BSN0601'>BSN</option>
                      <option value='BCBB0235'>CIMB Clicks</option>
                      <option value='CIT0219'>Citibank</option>
                      <option value='HLB0224'>Hong Leong Bank</option>
                      <option value='HSBC0223'>HSBC Bank</option>
                      <option value='KFH0346'>KFH</option>
                      <option value='MB2U0227'>Maybank2U</option>
                      <option value='MBB0228'>Maybank2E</option>
                      <option value='OCBC0229'>OCBC Bank</option>
                      <option value='PBB0233'>Public Bank</option>
                      <option value='RHB0218'>RHB Bank</option>
                      <option value='SCB0216'>Standard Chartered</option>
                      <option value='UOB0226'>UOB Bank</option>
                      <option disabled>-------------------</option>
                      <option value='CC00001'>Credit Card</option>
                      <option disabled>-------------------</option>
                      <option value='BOOST'>Boost eWallet</option>
                      <option value='TNG'>TouchNGo eWallet</option>
                      <option value='GRAB'>Grab eWallet</option>

                    </select>
                  </td>
              </tr>

              <tr>
                  <td>Payment Method</td>
                  <td>:
                    <select name='payment_method'>
                      <option value='b2c'>FPX B2C</option>
                      <option value='b2b'>FPX B2B</option>
                      <option value='cc'>Credit Card</option>
                      <option value='ewallet'>eWallet</option>
                    </select>
                  </td>
              </tr>

              <tr>
                  <td><input type="submit" value="Submit"></td>
              </tr>
          </table>
      </form>
  </body>
  </html>
<?php
}
?>

Response (200):

    

# Directly to Payment Gateway.

    

# Directly to Payment Gateway.

Response (400):

    

# Invalid format data entered

    

# Invalid format data entered

Response (401):

    

# Invalid Merchant ID or API Key

    

# Invalid Merchant ID or API Key

Parameter Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error.
TYPE: INTEGER
EXAMPLE: 10001
invoice Unique invoice number
  • Accept alphabets, numbers and some special characters.
  • Length: Max 14 characters.
  • Ampersand (&), apostrophe (') and dash (-) is not accepted
TYPE: STRING
EXAMPLE:INV0001
amount Final amount to be paid by buyer
  • Accept ONLY numbers
  • Must be in 2 decimal places (d.p) format, eg: 192.00
TYPE: FLOAT
EXAMPLE:250
payment_desc Purpose of payment
  • Accept ONLY alphabets and numbers
  • Exclamation mark (!) is not accepted
  • Length: Max 1000 characters.
TYPE: STRING
EXAMPLE:PARKING FEE
payment_method Payment Method of the payment.
  • 'b2b' or 'b2c' for FPX Online Payment
  • 'cc' for Credit Card Payment
  • 'ewallet' for eWallet Payment
TYPE: STRING
EXAMPLE:b2c
bank_code For FPX Online Payment (B2B or B2C):
For Credt Card Payment:
  • please set your 'bank_code' as 'CC00001'

For eWallet Payment, please choose either one and set your 'bank_code' as per shown below:
  • BOOST
  • GRAB
  • TNG

TYPE: STRING
EXAMPLE:MB2U0227
hash The secure hash string to validate the payment request sent through our Payment Gateway.
  • Accept only alphabets
TYPE: STRING
EXAMPLE:PARKING FEE

Optional Arguments

Parameter Description
buyer_name Buyer's name
  • Accept only alphabets
TYPE: STRING
EXAMPLE:JOHN
buyer_email Buyer's email. Buyer will receive payment notification at this address if specified
  • Accept only valid email address
TYPE: STRING
EXAMPLE:JOHN@DOMAIN.COM
phone Buyer's phone number
  • Accept only digits and (+) symbol
TYPE: STRING
EXAMPLE:+60171234567
add_line_1 Buyer's address line 1
  • Accept only alphanumerics characters
TYPE: STRING
EXAMPLE:10-3, 3RD FLOOR JLN PJU 5/9
add_line_2 Buyer's address line 2
  • Accept only alphanumerics characters
TYPE: STRING
EXAMPLE:DATARAN SUNWAY KOTA DAMANSARA
postcode Buyer's postcode
  • Accept only digits
TYPE: INTEGER
EXAMPLE:47810
city Buyer's city location
  • Accept only alphanumerics characters
TYPE: STRING
EXAMPLE:PETALING JAYA
comment Buyer's additional comments / notes on the purchase
  • Accept only alphanumerics characters
TYPE: STRING
EXAMPLE:COMMENT HERE FOR MERCHANT REFERENCE
callback_url_be Callback URL for your back-end process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • Host name must be the same as the URL or Whitelist Domain specified in API Management page
  • Default value of this field is the URL specified API Management page
  • The default value will be ignored if this field is specified
  • Send through HTTPS header. For port customization endpoint, please contact our support.
TYPE: STRING
EXAMPLE:HTTPS://WWW.EXAMPLE.COM/CALLBACK
callback_url_fe_succ Callback URL for your front-end successful transaction process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • Default value of this field is the URL specified API Management page
  • The default value will be ignored if this field is specified
TYPE: STRING
EXAMPLE:HTTPS://WWW.EXAMPLE.COM/CALLBACK_SUCCESS
callback_url_fe_fail Callback URL for your front-end failed transaction process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • Default value of this field is the URL specified API Management page
  • The default value will be ignored if this field is specified
TYPE: STRING
EXAMPLE:HTTPS://WWW.EXAMPLE.COM/CALLBACK_FAILURE
baggage_variable If you required a variable that provide the same value after transaction has been made, use this baggage form. You can have more than one variable.
  • Accepts only alphanumeric characters
  • Length: Not more than 5000 characters
  • Must be separated with a pipe character (|) without spaces in between.
TYPE: STRING
EXAMPLE:VARIABLE1|VARIABLE2
*Each of your bagages variable name* Your value(s) of each variable(s). Must be synchonize with the total number of variable above
  • Accepts only alphanumeric characters
  • Length: Not more than 5000 characters
  • Must be separated with a pipe character (|) without spaces in between.
TYPE: STRING
EXAMPLE:VALUE1
skip_receipt Skip QlicknPay receipt page and directly to merchant page. Set '0' as false and '1' as true
  • Accepts only integer
TYPE: INTEGER
EXAMPLE:1

Hashing Guides

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
merchant id 1000034
API YOURAPIKEY00192
Invoice No FS789
Payment Description Parking
Bank code MB2U0227
Payment Method b2c

Sample code to hash above values:
md5($API."|".urldecode($merchant_id)."|".urldecode($invoice)."|".urldecode($amount)."|".urldecode($payment_desc)."|".urldecode(bank_code)."|".urldecode(payment_method));

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|1000034|FS789|19.90|Parking|MB2U0227|b2c will generate something like 576c13781e8807c7d689dd1473da9f1d

Recurring Payment - Direct Debit

Direct Debit Recurring payments are automated payments that are carried out periodically (daily*, monthly, weekly, annually), of those consumption charges of goods or services such as memberships, subscriptions, policies or receipts with fixed value; that were previously authorized by the customer.

Direct Debit Recurring payments happen in the background. Authorization or Enrollment is done one via E-Mandate . The customer goes through the payment steps only once, for the first payment that will be charged RM1.00.

In the following sections we explain the following APIs.

You must create/add subscription package before you can add subscribers

Add subscriptions

QlicknPay allows flexibility for merchants to create subscription models for their business. We provide 3 different subscription types:

Fixed : Merchants that charges the same amount every billing period - e.g Gym Membership
Flexi : Allow subscribers to determine bill amount - e.g. Donation
Calculated : Merchants that offer Tiering amount according to expiry date - e.g. Hire Purchase

API Endpoint URLs

Required Arguments (Add Subscriptions)

Example request (Add New Fixed Package):

      

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d '{"merchant_id":"10010","subscription_type":"fixed","terms":"Monthly","subscription_id":"FIXED001","name":"Monthly Subs","price":"105.00","purpose":"Music Subscription","hash":"fc85b97551f5a2b8bf28d916f2f8055d"}'\

      

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10010&subscription_type=fixed&terms=Monthly&subscription_id=FIXED001&name=Monthly Subs&price=105.00&purpose=Music Subscription&hash=fc85b97551f5a2b8bf28d916f2f8055d"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Example request (Add New Flexi Package):

      

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d '{"merchant_id":"10010","subscription_type":"flexi","terms":"Monthly","subscription_id":"FLEX001","name":"Monthly Subs","purpose":"Music Subscription","hash":"fc85b97551f5a2b8bf28d916f2f8055d"}'\

      

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10010&subscription_type=flexi&terms=Monthly&subscription_id=FLEX001&name=Monthly Subs&purpose=Music Subscription&hash=fc85b97551f5a2b8bf28d916f2f8055d"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Example request (Add New Calculated Subscription Package):

      

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d '{"merchant_id":"10010","subscription_type":"calculated","terms":"Monthly","subscription_id":"CALC001","name":"Monthly Subs","purpose":"Music Subscription","hash":"fc85b97551f5a2b8bf28d916f2f8055d","repayment_periods":{{"total":"2","terms":"Month","amount":"105.00"},{"total":"4","terms":"Month","amount":"195.00"}}'\

      

$data_request = array( 'merchant_id' => '10010', 'subscription_type' => 'calculated', 'terms' => 'Monthly', 'subscription_id' => 'CALC001', 'name' => 'Monthly Subs', 'purpose' => 'Music Subscription', 'repayment_periods' => array( 1 => array( 'total' => '2', 'terms' => 'Month', 'amount' => '105.00', ), 2 => array( 'total' => '2', 'terms' => 'Month', 'amount' => '', ), ), 'hash' => 'fc85b97551f5a2b8bf28d916f2f8055d', ); $fields_string = json_encode($data_request); $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-type: multipart/form-data')); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

      

{ "response": "00", "system_subscription_id": "80", "subscription_id": "CALC001", "subscription_type": "calculated", "name": "Monthly Subs", "terms": "Monthly", "purpose": "Music Subscription", "repayment_periods": { "1": { "total": "2", "terms": "Month", "amount": "105.00" }, "2": { "total": "4", "terms": "Month", "amount": "195.00" } }, "created": "2021-03-26 12:40:34", "modified": "2021-03-26 12:40:34" }

      

{ "response": "00", "system_subscription_id": "80", "subscription_id": "CALC001", "subscription_type": "calculated", "name": "Monthly Subs", "terms": "Monthly", "purpose": "Music Subscription", "repayment_periods": { "1": { "total": "2", "terms": "Month", "amount": "105.00" }, "2": { "total": "4", "terms": "Month", "amount": "195.00" } }, "created": "2021-03-26 12:40:34", "modified": "2021-03-26 12:40:34" }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10001
subscription_type Your type of subscription package. Use 'fixed' if your need a fixed amount for subscription (No expiry date) OR choose 'flexi' if you need your payer specify their own amount (No expiry date) OR choose 'calculated' if the subscription have multiple option of fixed amount (Have expiry date)

*Expiry date is the last date of the payment. Otherwise, the subscription is keep going until subscribers decide to terminated the subscription.
  • Only 'fixed', 'flexi' OR 'calculated' are accepted
TYPE: STRING
EXAMPLE: fixed
terms Terms or payment frequency of the subscription. For 'Flexi' subscription package, you can set it as empty value if you want your payer decide the payment frequency.
  • Only 'Daily', 'Weekly', 'Monthly' OR 'Yearly' are accepted
TYPE: STRING
EXAMPLE: Monthly
subscription_id Unique ID for your subscription package
  • Accept alphabets and numbers only.
  • Length: Max 18 characters.
  • No empty spaces
TYPE: STRING
EXAMPLE: Monthly
name Name of your subscription
  • Accept alphanumeric.
  • Length: Max 50 characters.
TYPE: STRING
EXAMPLE: Monthly Subscription
price Price of the subscription. This variable is only available for 'fixed' subscription package. Otherwise, please ignore this variable.
  • Accept ONLY numbers
  • Must be in 2 decimal places (d.p) format, eg: 192.00
TYPE: FLOAT
EXAMPLE: 105.00
purpose Short description of the subscription
  • Accept alphanumeric.
  • Length: Max 27 characters.
TYPE: STRING
EXAMPLE: Music Subscription 1
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Required Arguments for 'Calculated' Subscription Package (Add Subscriptions)

This is the variables that store in an array called 'repayment_periods' and encode into JSON format.

Field Name Description
repayment_periods: {
  total : 'value'
}
Repayment period total. (Example: If the value is '2' then the subscription is only for 2 weeks/months/years)
  • Accept only numbers
TYPE: INTEGER
EXAMPLE: 5
{
  terms : 'value'
}
Repayment period terms. (Example: If the value is 'Month' then the subscription is only for < repayment period total > x Months)
  • Only 'Week', 'Month' OR 'Year' are accepted
TYPE: STRING
EXAMPLE: Month
{
  amount : 'value'
}
Repayment period amount. This is not a total amount but an amount for each terms that has specified. (Example: If the value is '20.00' then the subscription is RN20.00 for each < repayment period total >)
  • Accept ONLY numbers
  • Must be in 2 decimal places (d.p) format, eg: 20.00
TYPE: FLOAT
EXAMPLE: 20.00

Hashing Guide (Add Subscription)

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
merchant id 1000034
Subscription ID CALC001
Subscription Type calculated
Subscription Name Monthly Subs
Price
*You can set this as empty value
if the subscription type is not a
'fixed' type subscription
10.00
Terms Monthly
Purpose Music Subscription

Sample code to hash above values:
md5("$api|$merchant_id|$subscription_id|$subscription_type|$name|$price|$terms|$purpose");

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:

For 'calculated' subcription package "YOURAPIKEY00192|1000034|CALC001|calculated|Monthly Subs||Monthly|Music Subscription" will generate something like a03086c86be8a3ed4097925f06ba43b8
For 'fixed' subcription package "YOURAPIKEY00192|1000034|CALC001|fixed|Monthly Subs|10.00|Monthly|Music Subscription" will generate something like df36fd7bde1461b93d15639c3ecdd9f9

Add subscribers

API Endpoint URLs

URL Parameters (Add Subscribers)

Field Name Description
{Subscription ID} Your Unique Subscription ID
  • Accept alphabets and numbers only
  • Length: Max 18 characters
  • No empty spaces
TYPE: STRING
EXAMPLE: FIXED01

Required Arguments (Add Subscribers)

Example request (Add New Subscribers for Fixed Package):

      

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d '{"merchant_id":"10010","bank_id":"MB2U0227","hash":"fc85b97551f5a2b8bf28d916f2f8055d","subscriber_details":{{"id_number":"960547015374"},{"id_type":"1"},{"reference_no":"101"},{"email":"john@domain.com"},{"name":"Shahrul Izwan"},{"phone":"0173649558"}},"callbacks":{{"back_end":"https://webina.me/callback"},{"fe_success":"https://webina.me/success"},{"fe_fail":"https://webina.me/fail"}}'\

      

$data_request = array( 'merchant_id' => '10010', 'subscriber_details' => array( 'id_number' => '960547015374', 'id_type' => '1', 'reference_no' => '101', 'email' => 'john@domain.com', 'name' => 'Shahrul Izwan', 'phone' => '0173649558', ), 'callbacks' => array( 'back_end' => 'https://webina.me/callback', 'fe_success' => 'https://webina.me/success', 'fe_fail' => 'https://webina.me/fail', ), 'bank_id' => 'MB2U0227', 'hash' => 'fc85b97551f5a2b8bf28d916f2f8055d', ); $fields_string = json_encode($data_request); $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-type: multipart/form-data')); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Example request (Add New Subscribers for Flexi Package):

      

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d '{"merchant_id":"10010","mandate_frequency":"Yearly","bank_id":"MB2U0227","amount":"10.00","hash":"fc85b97551f5a2b8bf28d916f2f8055d","subscriber_details":{{"id_number":"960547015374"},{"id_type":"1"},{"reference_no":"101"},{"email":"john@domain.com"},{"name":"Shahrul Izwan"},{"phone":"0173649558"}},"callbacks":{{"back_end":"https://webina.me/callback"},{"fe_success":"https://webina.me/success"},{"fe_fail":"https://webina.me/fail"}}'\

      

$data_request = array( 'merchant_id' => '10010', 'subscriber_details' => array( 'id_number' => '960547015374', 'id_type' => '1', 'reference_no' => '101', 'email' => 'john@domain.com', 'name' => 'Shahrul Izwan', 'phone' => '0173649558', ), 'callbacks' => array( 'back_end' => 'https://webina.me/callback', 'fe_success' => 'https://webina.me/success', 'fe_fail' => 'https://webina.me/fail', ), 'mandate_frequency' => 'Yearly', 'amount' => '10.00', 'bank_id' => 'MB2U0227', 'hash' => 'fc85b97551f5a2b8bf28d916f2f8055d', ); $fields_string = json_encode($data_request); $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-type: multipart/form-data')); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Example request (Add New Subscribers for Calculated Package):

      

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d '{"merchant_id":"10010","mandate_frequency":"Yearly","bank_id":"MB2U0227","hash":"fc85b97551f5a2b8bf28d916f2f8055d","subscriber_details":{{"id_number":"960547015374"},{"id_type":"1"},{"reference_no":"101"},{"email":"john@domain.com"},{"name":"Shahrul Izwan"},{"phone":"0173649558"}},"callbacks":{{"back_end":"https://webina.me/callback"},{"fe_success":"https://webina.me/success"},{"fe_fail":"https://webina.me/fail"}},"repayment_periods":{{"total":"2"},{"terms":"Year"},{"amount":"10.00"}}'\

      

$data_request = array( 'merchant_id' => '10010', 'subscriber_details' => array( 'id_number' => '960547015374', 'id_type' => '1', 'reference_no' => '101', 'email' => 'john@domain.com', 'name' => 'Shahrul Izwan', 'phone' => '0173649558', ), 'callbacks' => array( 'back_end' => 'https://webina.me/callback', 'fe_success' => 'https://webina.me/success', 'fe_fail' => 'https://webina.me/fail', ), 'mandate_frequency' => 'Yearly', 'bank_id' => 'MB2U0227', 'hash' => 'fc85b97551f5a2b8bf28d916f2f8055d', 'repayment_periods' => array( 'total' => '2', 'terms' => 'Year', 'amount' => '10.00', ), ); $fields_string = json_encode($data_request); $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-type: multipart/form-data')); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

      

{ "response": "00", "system_subscriber_id": "80", "amount": "10.00", "frequency": "Yearly", "subscriber_details": { "name": "Shahrul Izwan", "id_type": "1", "id_number": "960547015374", "phone": "0173649558", "email": "john@domain.com", "reference_no": "101" }, "callbacks": { "back_end": "https:\/\/webina.me\/callback", "fe_success": "https:\/\/webina.me\/success", "fe_fail": "https:\/\/webina.me\/fail" }, "bank_id": "MB2U0227", "hash": "fc85b97551f5a2b8bf28d916f2f8055d", "paymentURL": "https:\/\/bit.ly\/SAMPLE01", "created": "2021-03-26 12:40:34", "modified": "2021-03-26 12:40:34" }

      

{ "response": "00", "system_subscriber_id": "80", "amount": "10.00", "frequency": "Yearly", "subscriber_details": { "name": "Shahrul Izwan", "id_type": "1", "id_number": "960547015374", "phone": "0173649558", "email": "john@domain.com", "reference_no": "101" }, "callbacks": { "back_end": "https:\/\/webina.me\/callback", "fe_success": "https:\/\/webina.me\/success", "fe_fail": "https:\/\/webina.me\/fail" }, "bank_id": "MB2U0227", "hash": "fc85b97551f5a2b8bf28d916f2f8055d", "paymentURL": "https:\/\/bit.ly\/SAMPLE01", "created": "2021-03-26 12:40:34", "modified": "2021-03-26 12:40:34" }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10001
subscriber_details: {id_number:value} Payer ID Number (Ex: IC Number)
  • Accept only numbers
TYPE: INTEGER
EXAMPLE: 950711251499
subscriber_details: {id_type:value} ID Number Type
  • Accept only either '1', '2', '3' or '4'
  • 1 - New IC Number
  • 2 - Old IC Number
  • 3 - Passport Number
  • 4 - Business Registration
  • 5 - Others
TYPE: INTEGER
EXAMPLE: 1
subscriber_details: {reference_no:value} Your reference no
  • Accept only number with no empty spaces. Maximum 12 characters
TYPE: INTEGER
EXAMPLE: 101
mandate_frequency If the subscription package is flexi, this variable is mandatory
  • Only 'Daily', 'Weekly', 'Monthly' OR 'Yearly' are accepted
TYPE: STRING
EXAMPLE: Monthly
bank_id Subscriber selected bank
  • Please proceed with Get Bank List API to retrieve your bank code
TYPE: STRING
EXAMPLE: MB2U0227
amount This variable is mandatory for Flexi Subscription
  • Accept ONLY numbers
  • Must be in 2 decimal places (d.p) format, eg: 192.00
TYPE: STRING
EXAMPLE: MB2U0227
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Required Arguments for 'Calculated' Subscription Package (Add Subscribers)

Field Name Description
repayment_periods: {total:value} Repayment period total. (Example: If the value is '2' then the subscription is only for 2 weeks/months/years)
  • Accept only numbers
TYPE: INTEGER
EXAMPLE: 5
repayment_periods: {terms:value} Repayment period terms. (Example: If the value is 'Month' then the subscription is only for < repayment period total > x Months)
  • Only 'Week', 'Month' OR 'Year' are accepted
TYPE: STRING
EXAMPLE: Month
repayment_periods: {amount:value} Repayment period amount. This is not a total amount but an amount for each terms that has specified. (Example: If the value is '20.00' then the subscription is RN20.00 for each < repayment period total >)
  • Accept ONLY numbers
  • Must be in 2 decimal places (d.p) format, eg: 20.00
TYPE: FLOAT
EXAMPLE: 20.00

Optional Arguments (Add Subscribers)

Field Name Description
subscriber_details: {name:value} Subscribers full name
  • Accept alphabets and empty space only
TYPE: STRING
EXAMPLE: SHAHRUL IZWAN
subscriber_details: {email:value} Subscriber email address
  • Accept only valid email address
TYPE: STRING
EXAMPLE: JOHN@DOMAIN.COM
subscriber_details: {phone:value} Subscriber phone number
  • Accept only numbers
TYPE: STRING
EXAMPLE: 0173649226
callbacks: {back_end:value} Callback URL for your back-end process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • The default callback URL value set during Add Subscription API will be ignored if this field is specified
TYPE: STRING
EXAMPLE: https://www.webina.me/callback
callbacks: {fe_success:value} Return URL for your front-end successful transaction process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • The default callback URL value set during Add Subscription API will be ignored if this field is specified
TYPE: STRING
EXAMPLE: https://www.webina.me/success
callbacks: {fe_fail:value} Return URL for your front-end failed transaction process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • The default callback URL value set during Add Subscription API will be ignored if this field is specified
TYPE: STRING
EXAMPLE: https://www.webina.me/failed

Hashing Guide (Add Subscription)

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
merchant id 1000034
Amount 10.00
Subscriber ID Number 960547015374
Subscriber Email john@domain.com
Subscriber Reference Number 101
Callback URL https://www.webina.me/callback
Bank ID MB2U0227

Sample code to hash above values:
md5("$api|$merchant_id|$amount|$subscriber_id_no|$subscriber_email|$subscriber_ref_no|$callback_be|$bank_id");

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:

YOURAPIKEY00192|1000034|10.00|960547015374|john@domain.com|101|https://www.webina.me/callback|MB2U0227" will generate something like 6df2c4af1400bb8a0fc81e1ad00d3c0c

Get subscribers

View all available subscribers from the specific subscription package

API Endpoint URLs

URL Parameters (Add Subscribers)

Field Name Description
{Subscription ID} Your Unique Subscription ID
  • Accept alphabets and numbers only
  • Length: Max 18 characters
  • No empty spaces
TYPE: STRING
EXAMPLE: FIXED01

Required Arguments (Get Subscribers)

Example request (Get Subscribers):

        

curl POST {Endpoint URL}\ -d merchant_id: 10010\ -d page: 1\ -d no_of_record_per_page: 100\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

        

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10010&page=1&no_of_record_per_page=100&hash=fc85b97551f5a2b8bf28d916f2f8055d"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

          

{ "response": "00", "total_page_available": "1", "0": { "subscriber_ref_no": "101", "subscription_id": "FIXED001", "active_date": "2021-03-16", "amount": "101.00", "fpx_reference_no": "C10010R101A5", "subscription_status": "active", "created": "2021-03-16 12:22:45", "modified": "2021-03-16 12:23:09" } }

          

{ "response": "00", "total_page_available": "1", "0": { "subscriber_ref_no": "101", "subscription_id": "FIXED001", "active_date": "2021-03-16", "amount": "101.00", "fpx_reference_no": "C10010R101A5", "subscription_status": "active", "created": "2021-03-16 12:22:45", "modified": "2021-03-16 12:23:09" } }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10001
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Optional Arguments (Get Subscribers)

Field Name Description
page By default the page is set to number 1.
  • Accept only numbers
  • Must be more than or equal to 1
TYPE: INTEGER
EXAMPLE: 2
no_of_record_per_page No of record per pages. By default it will display 100 records per pages.
  • Accept only numbers
TYPE: INTEGER
EXAMPLE: 50

Hashing Guide (Get Subscribers)

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
merchant id 10010
Subscription ID FIXED01

Sample code to hash above values:
md5("$api|$merchant_id|$id");

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:

YOURAPIKEY00192|10010|FIXED01" will generate something like 354615fe013e6d5a2393270fe24546db

Get Subscriber Details

Get subscribers details by referring to your Subscriber Reference Number

API Endpoint URLs

URL Parameters (Get Subscriber Details)

Field Name Description
{Subscriber Reference No} Your Unique Subscriber Reference No
  • Accept only number
  • Length: Max 12 characters
  • No empty spaces
TYPE: INTEGER
EXAMPLE: 101

Required Arguments (Get Subscribers Details)

Example request (Get Subscriber Details):

            

curl POST {Endpoint URL}\ -d merchant_id: 10010\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

            

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10010&hash=fc85b97551f5a2b8bf28d916f2f8055d"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

              

{ "response": "00", "subscriber_ref_no": "101", "name": "Shahrul Izwan", "id_number": "950711251499", "phone": "0173649558", "email": "john@domain.com", "subscription_id": "FIXED01", "active_date": "2021-03-16", "subscription_name": "Monthly Subscription", "amount": "101.00", "subscription_purpose": "Music Subscription", "fpx_reference_no": "C10010R101A5", "subscription_status": "active", "created": "2021-03-16 12:22:45", "modified": "2021-03-16 12:23:09" }

              

{ "response": "00", "subscriber_ref_no": "101", "name": "Shahrul Izwan", "id_number": "950711251499", "phone": "0173649558", "email": "john@domain.com", "subscription_id": "FIXED01", "active_date": "2021-03-16", "subscription_name": "Monthly Subscription", "amount": "101.00", "subscription_purpose": "Music Subscription", "fpx_reference_no": "C10010R101A5", "subscription_status": "active", "created": "2021-03-16 12:22:45", "modified": "2021-03-16 12:23:09" }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10001
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Hashing Guide (Get Subscriber Details)

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
merchant id 10010
Subscribers Reference No 101

Sample code to hash above values:
md5("$api|$merchant_id|$id");

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:

YOURAPIKEY00192|10010|101" will generate something like 9fdf8fa3241f509f05250dc3a9879a92

Get Subscription Details

Get subscription package details by referring to your Subscription ID

API Endpoint URLs

URL Parameters (Get Subscription Details)

Field Name Description
{Subscription ID} Your Unique Subscription ID
  • Accept alphabets and numbers only
  • Length: Max 18 characters
  • No empty spaces
TYPE: STRING
EXAMPLE: FIXED01

Required Arguments (Get Subscription Details)

Example request (Get Subscription Details):

                

curl POST {Endpoint URL}\ -d merchant_id: 10010\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

                

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10010&hash=fc85b97551f5a2b8bf28d916f2f8055d"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

                

{ "response": "00", "subscription_id": "CALCULATED01", "subscription_type": "Calculated", "name": "Monthly Subscription", "price": "Calculated", "terms": "Monthly", "purpose": "Music Subscription", "created": "2021-03-15 11:34:45", "repayment_periods": { "0": { "total": "2", "terms": "Month", "amount": "10.00" }, "1": { "total": "4", "terms": "Month", "amount": "25.00" } } }

                

{ "response": "00", "subscription_id": "CALCULATED01", "subscription_type": "Calculated", "name": "Monthly Subscription", "price": "Calculated", "terms": "Monthly", "purpose": "Music Subscription", "created": "2021-03-15 11:34:45", "repayment_periods": { "0": { "total": "2", "terms": "Month", "amount": "10.00" }, "1": { "total": "4", "terms": "Month", "amount": "25.00" } } }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10001
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Hashing Guide (Get Subscription Details)

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
merchant id 10010
Subscription ID CALCULATED01

Sample code to hash above values:
md5("$api|$merchant_id|$id");

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:

YOURAPIKEY00192|10010|CALCULATED01" will generate something like 2f7822692f2163fd641c390167966cee

Modify Active Subscriber

Modify details of the existing and active subscriber. This API will return URL for subscriber to proceed to the bank portal for verification.

API Endpoint URLs

URL Parameters (Modify Subscriber)

Field Name Description
{Subscriber Reference No} Your Unique Subscriber Reference No
  • Accept only number
  • Length: Max 12 characters
  • No empty spaces
TYPE: INTEGER
EXAMPLE: 101

Required Arguments (Modify Active Subscriber)

Example request (Modify Active Subscriber):

                

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d '{"merchant_id":"10010","terms":"Yearly","price":"10.20","last_date_payment":"16-10-2021","hash":"fc85b97551f5a2b8bf28d916f2f8055d","subscriber_details":{{"phone":"0173649226"},{"email":"johnv2@domain.com"}}'\

                

$data_request = array( 'merchant_id' => '10010', 'terms' => 'Yearly', 'price' => '10.20', 'subscriber_details' => array( 'email' => 'johnv2@domain.com', 'phone' => '0173649226', ), 'last_date_payment' => '16-10-2021', 'hash' => 'fc85b97551f5a2b8bf28d916f2f8055d', ); $fields_string = json_encode($data_request); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

                

"https://www.qlicknpay.com/merchant/mandate/update?U0FNUExFMTIzNDU="

                

"https://www.qlicknpay.com/merchant/mandate/update?U0FNUExFMTIzNDU="

Field Name Description
merchant_id Your merchant ID
  • Accept only number
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10001
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Optional Arguments (Modify Active Subscriber)

Field Name Description
terms Terms or payment frequency of the subscription
  • Only 'Daily', 'Weekly', 'Monthly' OR 'Yearly' are accepted
TYPE: STRING
EXAMPLE: Monthly
price Price of the subscription
  • Accept ONLY numbers
  • Must be in 2 decimal places (d.p) format, eg: 192.00
TYPE: FLOAT
EXAMPLE: 105.00
last_date_payment Date of the last day of the subscription
  • Date format d-m-Y
TYPE: STRING
EXAMPLE: 16-10-2021
subscriber_details: {phone:value} Subscriber phone number
  • Accept only numbers
TYPE: STRING
EXAMPLE: 0173649226
subscriber_details: {email:value} Subscriber email address
  • Accept only valid email address
TYPE: STRING
EXAMPLE: JOHN@DOMAIN.COM

Hashing Guide (Modify Active Subscriber)

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
merchant id 10010
Subscriber Reference No 101

Sample code to hash above values:
md5("$api|$merchant_id|$id");

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:

YOURAPIKEY00192|10010|101" will generate something like 9fdf8fa3241f509f05250dc3a9879a92

Terminate Active Subscriber

Terminate active subcriber. This API will return URL for subscriber to proceed to the bank portal for verification.

API Endpoint URLs

URL Parameters (Terminate Subscribers)

Field Name Description
{Subscriber Reference No} Your Unique Subscriber Reference No
  • Accept only number
  • Length: Max 12 characters
  • No empty spaces
TYPE: INTEGER
EXAMPLE: 101

Required Arguments (Modify Active Subscriber)

Example request (Modify Active Subscriber):

                    

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d '{"merchant_id":"10010","hash":"fc85b97551f5a2b8bf28d916f2f8055d"}'\

                    

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10010&hash=fc85b97551f5a2b8bf28d916f2f8055d"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

                    

"https://www.qlicknpay.com/merchant/mandate/terminate?U0FNUExFMTIzNDU="

                    

"https://www.qlicknpay.com/merchant/mandate/terminate?U0FNUExFMTIzNDU="

Field Name Description
merchant_id Your merchant ID
  • Accept only number
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10001
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Hashing Guide (Modify Active Subscriber)

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
merchant id 10010
Subscriber Reference No 101

Sample code to hash above values:
md5("$api|$merchant_id|$id");

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:

YOURAPIKEY00192|10010|101" will generate something like 9fdf8fa3241f509f05250dc3a9879a92

Refund API

This API is available for merchants using their OWN FPX SELLER ID.
This feature allow you to refund a payment made by your buyer. Funds will be refunded to the original payer's bank account. You do not need to know the buyer's bank account number to make the refund.

  1. Follow the instruction for requirement on Refund API request.
  2. Make sure you have a valid QlicknPay Reference No or your Invoice No from the transaction that has been made by payer.
  3. You can make a bulk refund in one API request (max 10 transactions per request). All success transaction is only valid for refund as long the transaction not more than 5 days after the transaction is made
  4. After the request, you will receive indirect message data including the status for the request. Successful request will return 1S as a status. Please refer here for description of the status code.
  5. After the request has been submmited, it will take a few minutes for your bank to verify the request. You will receive an email (optional) after the verification is successful and a callback data with 1S as a status of the request
  6. For Production: Please proceed to your bank portal to approve or decline the refund request.
  7. For Sandbox: Please proceed to your QlicknPay Sandbox Merchant Portal and proceed to Refund List (Bank Simulation) page under the Transaction Report section to approve or decline the request.
  8. Once the request has been approved or declined, an email will be sent to the merchant (optional) including the callback data.

Below is a transaction flow for API Refund Request.

API Endpoint URLs

Requirement to use the API

Kindly get the following credentials ready in order to start using this feature.

You can retrieve these information from the API Management page.

Kindly ensure the payment request you send to either of the mentioned endpoints comply to the following format using POST method. You can set fields with OPTIONAL tag to NULL or exclude it entirely if it is not required.

Required Arguments

Example request:

    

curl POST {Endpoint URL}\ -d merchant_id: 10115\ -d merchant_bank_id: BIMB0340\ -d merchant_acc_number: 123330010011999\ -d merchant_maker_name: SHAHRUL\ -d organization_id: 950517109988\ -d refund_list: 10115-064714-201920-AVs,101.50;10115-05164-201921-AKk,15.50;\ -d hash: f67c2bcbfcfa30fccb36f72dca22a817\

    
                          

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10115&merchant_bank_id=BIMB0340&merchant_acc_number=123330010011999& merchant_maker_name=SHAHRUL&organization_id=950517109988&refund_list=10115-064714-201920-AVs,101.50;10115-05164-201921-AKk,15.50&hash=f67c2bcbfcfa30fccb36f72dca22a817"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Example response (FPX):

    

{ "response": "00", "msg": "Request is successful submitted. We will inform you once the refund is ready", "ref_no": "10115-20201512-REFUND-AsQ", "merchant_id": "10115", "merchant_bank_id": "BIMB0340", "merchant_maker_name": "QlicknPay", "merchant_acc_number": "123330010011999", "refund_list": "10115-064714-201920-AVs,101.50;10115-05164-201921-AKk,15.50;", }

    

{ "response": "00", "msg": "Request is successful submitted. We will inform you once the refund is ready", "ref_no": "10115-20201512-REFUND-AsQ", "merchant_id": "10115", "merchant_bank_id": "BIMB0340", "merchant_maker_name": "QlicknPay", "merchant_acc_number": "123330010011999", "refund_list": "10115-064714-201920-AVs,101.50;10115-05164-201921-AKk,15.50;", }

Response (400):

    

{ "response":"99", "msg":"This account is not valid to proceed with refund API", }

    

{ "response":"99", "msg":"This account is not valid to proceed with refund API", }

Response (401):

  

{ "response":"99", "msg":"Invalid data", }

  

{ "response":"99", "msg":"Invalid data", }

Sample Callback Data:

  

{ "type":"refund_api", "ref_no":"10115-20201512-REFUND-AsQ", "refund_list":"10115-064714-201920-AVs,101.50,00;10115-05164-201921-AKk,15.50,00;", "hash":"576c13781e8807c7d689dd1473da9f1d", }

    

{ "type":"refund_api", "ref_no":"10115-20201512-REFUND-AsQ", "refund_list":"10115-064714-201920-AVs,101.50,00;10115-05164-201921-AKk,15.50,00;", "hash":"576c13781e8807c7d689dd1473da9f1d", }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error.
TYPE: INTEGER
EXAMPLE: 10001
merchant_bank_id Your bank ID. Ex: Your registered bank is Bank Islam, the value should be BIMB0340. TYPE: STRING
EXAMPLE:BIMB0340
merchant_acc_number Your bank account number.
  • Accept alphabets and numbers.
TYPE: STRING
EXAMPLE:1213330100119988
merchant_maker_name Your Maker account name. If you doesn't have any maker account, please create a new maker account by login to your bank portal.
  • Accept alphabets and numbers.
TYPE: STRING
EXAMPLE:SHAHRUL
organization_id Your Organization ID. You can retrieve your Organization ID by login to your bank portal.
  • Accept numbers. No (-) characters
TYPE: STRING
EXAMPLE:BVCOMPANY123
refund_list List of transactions that need to be refunded. Must be in a correct format.
  • Format: 'Your QlicknPay Reference No / Seller Order Number / Transaction Invoice No', 'Total Amount need to refund';
  • You can do bulk refund in one request. Please refer example.
  • Maximum 10 refunds in one request.
  • Dont forget to add semicolon (;) for seperation between your refund data.
TYPE: STRING
EXAMPLE:10115-064714-201920-AVs,101.50;10115-05164-201921-AKk,15.50;
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Optional Arguments

Parameter Description
enable_callback Callback requirement
  • Set the value to '1' if you require a callback data or set it to '0' to disabled it
TYPE: INTEGER
EXAMPLE:1
enable_email Email requirement
  • Set the value to '1' if you require an email everytime the status of refund is updated or set it to '0' to disable it
TYPE: INTEGER
EXAMPLE:1
refund_callback_url Callback URL for the refund API. If this value is NULL, system will refer your Callback URL from the dashboard.
  • To use this variable, please enable your callback by set variable 'enable_callback' into '1'
  • Send through HTTPS header. For port customization endpoint, please contact our support.
TYPE: STRING
EXAMPLE:https://webina.me/callback-refund

Refund List Format (Request)

Request: Your Invoice No or QlicknPay Reference No or Seller Order No + comma + total amount to refund + semicolon

Example: INV002810,10.00;

Refund List Format (Callback)

Request: QlicknPay Reference No + comma + total amount to refund + comma + refund status + semicolon

Example: 10115-064714-201920-AVs,101.50,1S;

Hashing Guides (Request)

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Please use MD5 message-digest algorithm to hash the data

Field Name Example Value
merchant id 10034
API YOURAPIKEY00192
Merchant Bank ID BIMB0340
Merchant Bank Account Number 121122310011999
Merchant Maker Name SHAHRUL
Organization ID BVCOMPANY123
Refund List 064714,1.50;
Callback Status 1
Email Status 1
Refund Callback URL https://www.webina.me/callback-refund

Sample code to hash above values:
md5($merchant_id."|".$api."|".$merchant_bank_id."|".$merchant_acc_number."|".$merchant_maker_name."|".$organization_id."|".$refund_list."|".$enable_callback."|".$enable_email."|".$refund_callback_url);

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
10034|YOURAPIKEY00192|BIMB0340|121122310011999|SHAHRUL|BVCOMPANY123|064714,1.50;|1|1|https://www.webina.me/callback-refund will generate something like e75eb4c46839156d7824539b548039b8

Hashing Guides (Callback)

This section will explain how to secure received your callback data. This will be used to generate the hash field.

Please use MD5 message-digest algorithm to hash the data

Field Name Variable Name Example Value
API - YOURAPIKEY00192
Type type refund_api
Reference No ref_no 10034-121SDC-REFUND-Axa
Refund List refund_list 10034-064714-201920-AVs,12.00,1S;10115-05164-201921-AKk,16.00,1S;

Sample code to hash above values:
md5($API.'refund_api'.$fpx_sellerOrderNo.$return_order_list

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|refund_api|10034-121SDC-REFUND-Axa|10034-064714-201920-AVs,12.00,1S;10115-05164-201921-AKk,16.00,1S; will generate something like 5772f93dad547629ebfad11df79b816c

Get Transactions

You can retrieve all transactions records by calling this API.

API Endpoint URLs

Requirement to use the API

Kindly get the following credentials ready in order to start using this feature.

You can retrieve these information at API Management page.

Required Arguments

Example request:

    
                         

curl POST {Endpoint URL}\ -d merchant_id: 10001\ -d date_from: 2020-01-02\ -d date_to: 2020-04-19\ -d status: 1\ -d page: 2\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

    
                      

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10001&date_from=2020-01-02&date_to=2020-04-19&status=1&page=2&hash=fc85b97551f5a2b8bf28d916f2f8055d"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Example response (200):

    

[ { "total_page_available": 12, }, { "invoice": "INV0001", "prod_id": "", "total_amount": "1023.20", "buyer_name": "John", "buyer_email": "john@email.com", "phone": "01712345678", "address": "Jlan PJU 6/19 Kota Damansara", "city": "Petaling Jaya", "state": "Selangor", "postcode": "47810", "comment": "Comment from customer", "status": "Success", "pay_method": "fpx", "qlicknpay_ref_no": "10001-INV0001-035336-K4b", "time": "2021-01-18 23:53:36", }, { "invoice": "INV0002", "prod_id": "", "total_amount": "980.10", "buyer_name": "Max", "buyer_email": "max@email.com", "phone": "01712345678", "address": "Jlan PJU 6/19 Kota Damansara", "city": "Petaling Jaya", "state": "Selangor", "postcode": "47810", "comment": "Comment from customer", "status": "Cancel Transaction", "pay_method": "Credit/Debit Card", "qlicknpay_ref_no": "10001-INV0002-073511-Aaw", "time": "2021-01-17 17:22:11", }, { "invoice": "INV0003", "prod_id": "", "total_amount": "1520.15", "buyer_name": "Mark", "buyer_email": "mark@email.com", "phone": "01712345678", "address": "Jlan PJU 6/19 Kota Damansara", "city": "Petaling Jaya", "state": "Selangor", "postcode": "47810", "comment": "Comment from customer", "status": "Buyer Session Timeout At Account Selection Page", "pay_method": "fpx", "qlicknpay_ref_no": "10001-INV0003-075678-dwk", "time": "2021-01-15 18:27:17", } ]

    

[ { "total_page_available": 12, }, { "invoice": "INV0001", "prod_id": "", "total_amount": "1023.20", "buyer_name": "John", "buyer_email": "john@email.com", "phone": "01712345678", "address": "Jlan PJU 6/19 Kota Damansara", "city": "Petaling Jaya", "state": "Selangor", "postcode": "47810", "comment": "Comment from customer", "status": "Success", "pay_method": "fpx", "qlicknpay_ref_no": "10001-INV0001-035336-K4b", "time": "2021-01-18 23:53:36", }, { "invoice": "INV0002", "prod_id": "", "total_amount": "980.10", "buyer_name": "Max", "buyer_email": "max@email.com", "phone": "01712345678", "address": "Jlan PJU 6/19 Kota Damansara", "city": "Petaling Jaya", "state": "Selangor", "postcode": "47810", "comment": "Comment from customer", "status": "Cancel Transaction", "pay_method": "Credit/Debit Card", "qlicknpay_ref_no": "10001-INV0002-073511-Aaw", "time": "2021-01-17 17:22:11", }, { "invoice": "INV0003", "prod_id": "", "total_amount": "1520.15", "buyer_name": "Mark", "buyer_email": "mark@email.com", "phone": "01712345678", "address": "Jlan PJU 6/19 Kota Damansara", "city": "Petaling Jaya", "state": "Selangor", "postcode": "47810", "comment": "Comment from customer", "status": "Buyer Session Timeout At Account Selection Page", "pay_method": "fpx", "qlicknpay_ref_no": "10001-INV0003-075678-dwk", "time": "2021-01-15 18:27:17", } ]

Example response (400):

    

{ "response": "97", "msg": "Invalid date_from format." }

    

{ "response": "97", "msg": "Invalid date_from format." }

Example response (401):

    

{ "response": "99", "msg": "Verification fail" }

    

{ "response": "99", "msg": "Verification fail" }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: NUMBER
EXAMPLE: 10001
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Optional Arguments

Field Name Description
date_from By default the date will be the date of first settlement data.
  • Accept only numbers and '-' sign
  • Date format must be yyyy-mm-dd
TYPE: STRING
EXAMPLE: 2020-07-17
date_to By default the date will be the date of last settlement data.
  • Accept only numbers and '-' sign
  • Date format must be yyyy-mm-dd
TYPE: STRING
EXAMPLE: 2020-07-17
status By default the status will display all the status of the transactions.
  • Accept only numbers
  • 0 - All failed transactions, 1 - All success transactions, 2 - Both failed and success transactions
TYPE: INTEGER
EXAMPLE: 1
page By default the page is set to number 1.
  • Accept only numbers
  • Must be more than or equal to 1
TYPE: INTEGER
EXAMPLE: 2

Hashing Guides

This section will explain how to secure request. This will be used to generate the hash field in your request.

Field Name Example Value
merchant id 1000034
API YOURAPIKEY00192

Sample code to hash above values:
md5($api."|".$merchant_id);

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|1000034 will generate something like 609d3d1b0c3b93c22a17ed74092a6c31

Get Refund Status

In the unlikely event that the payment network does not automatically notify the merchant regarding customer's payment status, use this API to manually query the refund requested. This feature enables the merchant to retrieve their refund status by sending a request direct to the bank or payment provider network.

API Endpoint URLs

Requirement to use the API

Kindly get the following credentials ready in order to start using this feature.

You can retrieve these information at API Management page and your invoice no at Transaction Reports

Required Arguments

Example request:

    
                         

curl POST {Endpoint URL}\ -d merchant_id: 10001\ -d ref_no: 10011-FS789-REFUND-Mt\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

    
                      

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10001&invoice=10011-FS789-REFUND-Mt&hash=fc85b97551f5a2b8bf28d916f2f8055d"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Example response (FPX):

    

{ "response": "00", "status": "00", "msg": "Transaction Approved", "ref_no": "10011-FS789S-REFUND-Mt", "refund_list": "INV064714,1.5,00", }

    

{ "response": "00", "status": "00", "msg": "Transaction Approved", "ref_no": "10011-FS789S-REFUND-Mt", "refund_list": "INV064714,1.5,00", }

Response (400):

    

{ "response":"99", "msg":"This account is not valid to proceed with refund API", }

    

{ "response":"99", "msg":"This account is not valid to proceed with refund API", }

Response (401):

    

{ "response":"99", "msg":"Invalid data", }

    

{ "response":"99", "msg":"Invalid data", }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: NUMBER
EXAMPLE: 10001
ref_no Your invoice number
  • Accept only numbers and alphabets
  • Value is pre-defined by system or merchant
  • Please use the system generated reference number retrievable during the Refund API is called
TYPE: STRING
EXAMPLE: 10011-FS789-20181009-Mt
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Hashing Guides

This section will explain how to secure request. This will be used to generate the hash field in your request.

Field Name Example Value
merchant id 10011
API YOURAPIKEY00192
Reference No 10011-FS789-20181009-Mt

Sample code to hash above values:
md5($merchant_id."|".$api."|".$ref_no);

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
10011|YOURAPIKEY00192|10011-FS789-20181009-Mt will generate something like 90ed0b91a5599fead9636c174c7b1081

Get Bank List

This API return list of bank codes for online banking. You must use the bank codes returned by this API in order to use the Direct Payment API.

API Endpoint URLs

Requirement to use the API

Kindly get the following credentials ready in order to start using this feature.

You can retrieve these information at API Management page.

Required Arguments

Example request:

    

curl POST {Endpoint URL}\ -d merchant_id: 10115\ -d type: b2c\ -d hash: f67c2bcbfcfa30fccb36f72dca22a817\

    
                          

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10115&type=b2c&hash=f67c2bcbfcfa30fccb36f72dca22a817"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Example response:

    

[ { "bank_id": "ABB0233", "bank_name": "Affin Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/affin.png", "status": "Online" }, { "bank_id": "ABMB0212", "bank_name": "Alliance Bank (Personal)", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/alliance.png", "status": "Online" }, { "bank_id": "AMBB0209", "bank_name": "AmBank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/ambank.png", "status": "Online" }, { "bank_id": "BIMB0340", "bank_name": "Bank Islam", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/bankislam.png", "status": "Online" }, { "bank_id": "BKRM0602", "bank_name": "Bank Rakyat", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/bankrakyat.png", "status": "Online" }, { "bank_id": "BMMB0341", "bank_name": "Bank Muamalat", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/bankmuamalat.png", "status": "Online" }, { "bank_id": "BSN0601", "bank_name": "BSN", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/bsn.png", "status": "Online" }, { "bank_id": "BCBB0235", "bank_name": "CIMB Clicks", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/cimb.png", "status": "Online" }, { "bank_id": "HLB0224", "bank_name": "Hong Leong Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/hongleong.png", "status": "Online" }, { "bank_id": "HSBC0223", "bank_name": "HSBC Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/hsbc.png", "status": "Online" }, { "bank_id": "KFH0346", "bank_name": "KFH", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/kfh.png", "status": "Online" }, { "bank_id": "MB2U0227", "bank_name": "Maybank2U", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/maybank.png", "status": "Online" }, { "bank_id": "MBB0228", "bank_name": "Maybank2E", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/maybank.png", "status": "Online" }, { "bank_id": "OCBC0229", "bank_name": "OCBC Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/ocbc.png", "status": "Online" }, { "bank_id": "PBB0233", "bank_name": "Public Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/public.png", "status": "Online" }, { "bank_id": "RHB0218", "bank_name": "RHB Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/rhb.png", "status": "Online" }, { "bank_id": "SCB0216", "bank_name": "Standard Chartered", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/standard.png", "status": "Online" }, { "bank_id": "UOB0226", "bank_name": "UOB Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/uob.png", "status": "Online" } ]

    

[ { "bank_id": "ABB0233", "bank_name": "Affin Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/affin.png", "status": "Online" }, { "bank_id": "ABMB0212", "bank_name": "Alliance Bank (Personal)", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/alliance.png", "status": "Online" }, { "bank_id": "AMBB0209", "bank_name": "AmBank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/ambank.png", "status": "Online" }, { "bank_id": "BIMB0340", "bank_name": "Bank Islam", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/bankislam.png", "status": "Online" }, { "bank_id": "BKRM0602", "bank_name": "Bank Rakyat", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/bankrakyat.png", "status": "Online" }, { "bank_id": "BMMB0341", "bank_name": "Bank Muamalat", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/bankmuamalat.png", "status": "Online" }, { "bank_id": "BSN0601", "bank_name": "BSN", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/bsn.png", "status": "Online" }, { "bank_id": "BCBB0235", "bank_name": "CIMB Clicks", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/cimb.png", "status": "Online" }, { "bank_id": "HLB0224", "bank_name": "Hong Leong Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/hongleong.png", "status": "Online" }, { "bank_id": "HSBC0223", "bank_name": "HSBC Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/hsbc.png", "status": "Online" }, { "bank_id": "KFH0346", "bank_name": "KFH", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/kfh.png", "status": "Online" }, { "bank_id": "MB2U0227", "bank_name": "Maybank2U", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/maybank.png", "status": "Online" }, { "bank_id": "MBB0228", "bank_name": "Maybank2E", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/maybank.png", "status": "Online" }, { "bank_id": "OCBC0229", "bank_name": "OCBC Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/ocbc.png", "status": "Online" }, { "bank_id": "PBB0233", "bank_name": "Public Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/public.png", "status": "Online" }, { "bank_id": "RHB0218", "bank_name": "RHB Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/rhb.png", "status": "Online" }, { "bank_id": "SCB0216", "bank_name": "Standard Chartered", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/standard.png", "status": "Online" }, { "bank_id": "UOB0226", "bank_name": "UOB Bank", "image": "https://www.qlicknpay.com/merchant/img/bank-logo/uob.png", "status": "Online" } ]

Response (400):

    

{ "response": "98", "merchant_id": "No Bank List Selected. Please specify either b2c or b2b." }

    

{ "response": "98", "merchant_id": "No Bank List Selected. Please specify either b2c or b2b." }

Response (401):

    

{ "response": "99", "merchant_id": "Verification fail" }

    

{ "response": "99", "merchant_id": "Invalid data entered. Please inform the merchant about this error." }

Field Name Description
merchant_id Your merchant ID
TYPE: NUMBER
EXAMPLE: 10001
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
type Bank List Type. 'b2b' or 'b2c'
  • Accept ONLY alphabets
TYPE: STRING
EXAMPLE: b2c
hash The secure hash string to validate the request.
  • Accept ONLY alphabets
TYPE: STRING
EXAMPLE: f67c2bcbfcfa30fccb36f72dca22a817

Hashing Guides

This section will explain how to secure request. This will be used to generate the hash field in your request.

Field Name Example Value
API YOURAPIKEY00192
merchant id 1000034
type b2c

Sample code to hash above values:
md5($API."|".urldecode($merchant_id)."|".urldecode(type));

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|1000034|b2c will generate something like c6e5b4278728becdcb75b2e2f1205a56

Get Payment Status

In the unlikely event that the payment network does not automatically notify the merchant regarding customer's payment status, use this API to manually query the transaction. This feature enables the merchant to retrieve their transaction status by sending a request direct to the bank or payment provider network. You may use this to send an enquiry request to FPX, Mastercard Payment Gateway, Boost E Wallet or PayPal.

API Endpoint URLs

Requirement to use the API

Kindly get the following credentials ready in order to start using this feature.

You can retrieve these information at API Management page and your invoice no at Transaction Reports

Required Arguments

Example request:

    
                         

curl POST {Endpoint URL}\ -d merchant_id: 10001\ -d invoice: 10011-FS789-20181009-Mt\ -d method: 1\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

    
                      

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10001&invoice=10011-FS789-20181009-Mt&method=1&hash=fc85b97551f5a2b8bf28d916f2f8055d"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Example response (FPX):

    

{ "response": "00", "invoice": "10020-256552-010742-mE", "fpx_fpxTxnTime": "13 February 2019 9:07PM", "fpx_fpxTxnId": "1902132108200234", "fpx_buyerName": "MOHD SHAHRUL IZWAN BIN PU", "fpx_txnCurrency": "MYR", "fpx_sellerOrderNo": "10020-256552-010742-mE", "invoice": "10020-256552-010742-mE", "fpx_txnAmount": "1.50", "amount": "1.50", "fpx_buyerBankBranch": "MAYBANK2U", "status_code": "00", "status": "Transaction Approved" }

    

{ "response": "00", "invoice": "10020-256552-010742-mE", "fpx_fpxTxnTime": "13 February 2019 9:07PM", "fpx_fpxTxnId": "1902132108200234", "fpx_buyerName": "MOHD SHAHRUL IZWAN BIN PU", "fpx_txnCurrency": "MYR", "fpx_sellerOrderNo": "10020-256552-010742-mE", "invoice": "10020-256552-010742-mE", "fpx_txnAmount": "1.50", "amount": "1.50", "fpx_buyerBankBranch": "MAYBANK2U", "status_code": "00", "status": "Transaction Approved" }

Example response (Credit Card):

    

{ "response": "00", "invoice": "10020-256552-010742-mE", "time": "2018-12-24T03:11:33Z", "payer_first_name": "Shahrul", "payer_last_name": "Izwan", "mastercardID": "7X3UT2", "category_code": "10000026505", "transaction_result": "SUCCESS", "status": "SUCCESS", "status_code": "00", "amount": "102.00", }

    

{ "response": "00", "invoice": "10020-256552-010742-mE", "time": "2018-12-24T03:11:33Z", "payer_first_name": "Shahrul", "payer_last_name": "Izwan", "mastercardID": "7X3UT2", "category_code": "10000026505", "transaction_result": "SUCCESS", "status": "SUCCESS", "status_code": "00", "amount": "102.00", }

Example response (PayPal):

    

{ "response":"00", "invoice": "10001-ABC291-030337-22", "time":"2018-12-24T03:11:33Z", "transactionID":"PAYID-LQQE4ZI5JP23373M1681232C", "state":"approved", "cartID":"6D8321255A183234", "status":"VERIFIED", "status_code":"00", "payer_email":"shah1234@gmail.com", "payer_first_name":"John", "payer_last_name":"Cena", "payer_id":"6DWRXRGBRSHAS", "payer_phone":"173649337", "amount":"102.00" }

    

{ "response":"00", "invoice": "10001-ABC291-030337-22", "time":"2018-12-24T03:11:33Z", "transactionID":"PAYID-LQQE4ZI5JP23373M1681232C", "state":"approved", "cartID":"6D8321255A183234", "status":"approved", "status_code":"00", "payer_email":"shah1234@gmail.com", "payer_first_name":"John", "payer_last_name":"Cena", "payer_id":"6DWRXRGBRSHAS", "payer_phone":"173649337", "amount":"102.00" }

Example response (Boost eWallet):

    

{ "response":"00", "invoice": "10001-ABC291-030337-22", "transactionType":"payment", "transactionTime":"2019-11-29T15:05:54", "boostRefNum":"191123343541211", "customerLast4DigitMSISDN":"9224", "status":"completed", "status_code":"00", "onlineRefNum":"10001-ABC291-030337-22", "amount":"30.50" }

    

{ "response":"00", "invoice": "10001-ABC291-030337-22", "transactionType":"payment", "transactionTime":"2019-11-29T15:05:54", "boostRefNum":"191123343541211", "customerLast4DigitMSISDN":"9224", "status":"completed", "status_code":"00", "onlineRefNum":"10001-ABC291-030337-22", "amount":"30.50" }

Example response (2C2P eWallet):

    

{ "response":"00", "invoice": "10001-ABC291-030337-22", "transactionType":"payment", "transactionTime":"2019-11-29T15:05:54", "providerRefNum":"191123343541211", "status_code":"00", "status":"Transaction Approved", "amount":"30.50" }

    

{ "response":"00", "invoice": "10001-ABC291-030337-22", "transactionType":"payment", "transactionTime":"2019-11-29T15:05:54", "providerRefNum":"191123343541211", "status_code":"00", "status":"Transaction Approved", "amount":"30.50" }

Response (400):

    

{ "response":"98", "msg":"Sorry, we can't requery a failed transaction", }

    

{ "response":"98", "msg":"Sorry, we can't requery a failed transaction", }

Response (401):

    

{ "response":"99", "msg":"Invalid data", }

    

{ "response":"99", "msg":"Invalid data", }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: NUMBER
EXAMPLE: 10001
invoice Your invoice number
  • Accept only numbers and alphabets
  • Value is pre-defined by system or merchant
  • To get an accurate result, please use the system generated invoice number retrievable at Transaction Reports page
TYPE: STRING
EXAMPLE: 10011-FS789-20181009-Mt
method Transaction method
  • 1 = Payment using QlicknPay Payment Gateway
  • 2 = Payment using QlicknPay SMS/Email Notification Invoices
TYPE: NUMBER
EXAMPLE: 1
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Hashing Guides

This section will explain how to secure request. This will be used to generate the hash field in your request.

Field Name Example Value
merchant id 1000034
API YOURAPIKEY00192
Invoice No FS789
Method 1

Sample code to hash above values:
md5($merchant_id."|".$api."|".$invoice. "|" .$method);

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
1000034|YOURAPIKEY00192|1000034-97062134-123619-PXP|1 will generate something like fc85b97551f5a2b8bf28d916f2f8055d

Common Response

The response variables for every payment type is slightly different from one another but some of it is a common variable that has the same variable name. You can refer these variable for your system to update the payment status.

Variable Name Description
invoice Your Invoice Number.
Example : INV00001
status_code Payment Status Code.
Example : 00
status Payment Status Message.
Example : Transaction Approved
amount 25.50

Errors Guides (Response Code)

The API will return error messages if any of the variables sent is invalid.

Error Code Description
00 Success / No error
97 Transaction Pending
99 Invalid invoice number
98 Transaction for the invoice failed
97 Invalid verification / Hashing

Get Settlement

You can retrieve all settlement records (successful transactions) for your account by calling this API.

API Endpoint URLs

Requirement to use the API

Kindly get the following credentials ready in order to start using this feature.

You can retrieve these information at API Management page.

Required Arguments

Example request:

    
                         

curl POST {Endpoint URL}\ -d merchant_id: 10001\ -d date_from: 2020-01-02\ -d date_to: 2020-04-19\ -d page: 2\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

    
                      

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10001&date_from=2020-01-02&date_to=2020-04-19&page=2&hash=fc85b97551f5a2b8bf28d916f2f8055d"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Example response (200):

    

[ { "method": "FPX", "date": "2020-04-13 20:10:39", "invoice_no": "122384001", "amount": "69.00", "fee": "1.50", "due": "67.50" }, { "method": "FPX", "date": "2020-04-13 20:35:16", "invoice_no": "122435184", "amount": "22.50", "fee": "1.50", "due": "21.00" }, { "method": "FPX", "date": "2020-04-14 11:09:20", "invoice_no": "122622048", "amount": "69.00", "fee": "1.50", "due": "67.50" } ]

    

[ { "method": "FPX", "date": "2020-04-13 20:10:39", "invoice_no": "122384001", "amount": "69.00", "fee": "1.50", "due": "67.50" }, { "method": "FPX", "date": "2020-04-13 20:35:16", "invoice_no": "122435184", "amount": "22.50", "fee": "1.50", "due": "21.00" }, { "method": "FPX", "date": "2020-04-14 11:09:20", "invoice_no": "122622048", "amount": "69.00", "fee": "1.50", "due": "67.50" } ]

Example response (400):

    

{ "response": "97", "msg": "Invalid date_from format." }

    

{ "response": "97", "msg": "Invalid date_from format." }

Example response (401):

    

{ "response": "99", "msg": "Verification fail" }

    

{ "response": "99", "msg": "Verification fail" }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: NUMBER
EXAMPLE: 10001
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Optional Arguments

Field Name Description
date_from By default the date will be the date of first settlement data.
  • Accept only numbers and '-' sign
  • Date format must be yyyy-mm-dd
TYPE: STRING
EXAMPLE: 2020-07-17
date_to By default the date will be the date of last settlement data.
  • Accept only numbers and '-' sign
  • Date format must be yyyy-mm-dd
TYPE: STRING
EXAMPLE: 2020-07-17
page By default the page is set to number 1.
  • Accept only numbers
  • Must be more than or equal to 1
TYPE: INTERGER
EXAMPLE: 2

Hashing Guides

This section will explain how to secure request. This will be used to generate the hash field in your request.

Field Name Example Value
merchant id 1000034
API YOURAPIKEY00192

Sample code to hash above values:
md5($api."|".$merchant_id);

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|1000034 will generate something like 609d3d1b0c3b93c22a17ed74092a6c31

Get Disburse Records

You can retrieve all disbursement records for your account by calling this API.

API Endpoint URLs

Requirement to use the API

Kindly get the following credentials ready in order to start using this feature.

You can retrieve these information at API Management page.

Required Arguments

Example request:

    
                         

curl POST {Endpoint URL}\ -d merchant_id: 10001\ -d date_from: 2020-01-02\ -d date_to: 2020-04-19\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

    
                      

$ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "merchant_id=10001&date_from=2020-01-02&date_to=2020-04-19&hash=fc85b97551f5a2b8bf28d916f2f8055d"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Example response (200):

    

[ { "date_paid": "2020-04-16 00:00:00", "reference_no": "1587042694971184", "amount_paid": "355.50", "payment_to": "12356789" }, { "date_paid": "2020-04-17 00:00:00", "reference_no": "1587122268975321", "amount_paid": "211.80", "payment_to": "12356789" } ]

    

[ { "date_paid": "2020-04-16 00:00:00", "reference_no": "1587042694971184", "amount_paid": "355.50", "payment_to": "562302619468" }, { "date_paid": "2020-04-17 00:00:00", "reference_no": "1587122268975321", "amount_paid": "211.80", "payment_to": "12356789" } ]

Example response (400):

    

{ "response": "97", "msg": "Invalid date_from format." }

    

{ "response": "97", "msg": "Invalid date_from format." }

Example response (401):

    

{ "response": "99", "msg": "Verification fail" }

    

{ "response": "99", "msg": "Verification fail" }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: NUMBER
EXAMPLE: 10001
hash The secure hash string to validate the request. Refer our Hashing Guides Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Optional Arguments

Field Name Description
date_from By default the date will be the date of first settlement data.
  • Accept only numbers and '-' sign
  • Date format must be yyyy-mm-dd
TYPE: STRING
EXAMPLE: 2020-07-17
date_to By default the date will be the date of last settlement data.
  • Accept only numbers and '-' sign
  • Date format must be yyyy-mm-dd
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Hashing Guides

This section will explain how to secure request. This will be used to generate the hash field in your request.

Field Name Example Value
merchant id 1000034
API YOURAPIKEY00192

Sample code to hash above values:
md5($api."|".$merchant_id);

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|1000034 will generate something like 609d3d1b0c3b93c22a17ed74092a6c31

Tokenization

This feature allows you to perform card tokenization from MasterCard Payment Gateway Service(MPGS), and use the token to charge your customer later. This is suitable for subscription or recurring billing use cases.

Tokenization Flow

  1. Create Verification URL for payer.
  2. Redirect payer to Verification URL, Payer performs verification at MPGS thus reducing your PCI Compliance as sensitive card data does not need to be captured at your system or ours
  3. Once verification is done, our system will send an email and callback data to your callback URL with the Token ID
  4. You may use the Token ID to initiate a payment by using the Charge Card API.
  5. For every successful payment (by token), please wait 5 minutes before making a new payment with the same token ID.
  6. Use Delete Card API to remove the available token and use the same Verification URL to change or update the card details.

Create Verification URL

Use this API to create Verification URL for your customer. The URL provided will allow your customer to enter their card details at MPGS for verification purpose. Remember to store the response, as no card details will be stored in QlicknPay's servers.

Below is a Tokenization flow diagram to retrieve the token ID

API Endpoint URLs

Required Arguments

Example request:

     

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d merchant_id: 10010\ -d reference_id: REFERENCEID01\ -d callback_url_be: http://www.webina.me/callback\ -d callback_url_fe_succ: https://webina.me/success\ -d callback_url_fe_fail: https://webina.me/fail\ -d skip_receipt: 0\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

     

$data_request = array( 'merchant_id' => '10010', 'reference_id' => 'REFERENCEID01', 'callback_url_be' => 'http://www.webina.me/callback', 'callback_url_fe_succ' => 'https://webina.me/success', 'callback_url_fe_fail' => 'https://webina.me/fail', 'skip_receipt' => '0', 'hash' => 'fc85b97551f5a2b8bf28d916f2f8055d', ); $fields_string = json_encode($data_request); $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-type: multipart/form-data')); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

     

{ "response": "00", "reference_id": "REFERENCEID01", "callback_url_be": "http://www.webina.me/callback", "success_url": "https://webina.me/success", "fail_url": "https://webina.me/fail", "skip_receipt": "0", "credit_card_verification_url": "https://www.qlicknpay.com/s?TM20306004565", "created": "2021-04-19 12:40:34", "modified": "2021-04-19 12:40:34" }

     

{ "response": "00", "reference_id": "REFERENCEID01", "callback_url_be": "http://www.webina.me/callback", "success_url": "https://webina.me/success", "fail_url": "https://webina.me/fail", "skip_receipt": "0", "credit_card_verification_url": "https://www.qlicknpay.com/s?TM20306004565", "created": "2021-04-19 12:40:34", "modified": "2021-04-19 12:40:34" }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10001
reference_id Your unique reference ID
  • Accept alphabets and numbers only.
  • Length: Max 20 characters.
  • Ampersand (&), apostrophe (') and dash (-) is not accepted
TYPE: STRING
EXAMPLE: REFERENCEID01
hash The secure hash string to validate the request. Refer our Hashing Guide Tab for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Optional Arguments

Field Name Description
callback_url_be Callback URL for your back-end process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • Host name must be the same as the URL or Whitelist Domain specified in API Management page
  • API Management page
  • The default value will be ignored if this field is specified
TYPE: STRING
EXAMPLE: http://www.webina.me/callback
callback_url_fe_succ Callback URL for your front-end successful transaction process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • API Management page
  • The default value will be ignored if this field is specified
TYPE: STRING
EXAMPLE: http://www.webina.me/success
callback_url_fe_fail Callback URL for your front-end failed transaction process
  • Accepts only valid URL (starts with HTTP / HTTPS)
  • API Management page
  • The default value will be ignored if this field is specified
TYPE: STRING
EXAMPLE: http://www.webina.me/fail
skip_receipt Skip QlicknPay receipt page and directly to merchant page. Set '0' as false and '1' as true
  • Accepts only integer
  • Default value is '0'
TYPE: INTEGER
EXAMPLE: 0

Hashing Guide

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
merchant id 10010
Reference ID REFERENCEID01

Format: API Key + | + Merchant ID + | + Reference ID

Sample code to hash above values:
md5($API."|".urldecode($merchant_id)."|".urldecode($reference_id));

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|10010|REFERENCEID01 will generate something like 8b125ceb7739fe8260697865e59f481c

How to receive the Credit Card Verification response (via callback)?

The response for Credit Card Verification will be sent back to your specified back-end URL in the following format using POST method. You will receive this response after your customer successfully completed the card verification.

Field Name Example Value
reference_id Your unique reference ID
  • Alphabets and numbers only.
  • Length: Max 20 characters.
  • Ampersand (&), apostrophe (') and dash (-) is not accepted
TYPE: STRING
EXAMPLE: REFERENCEID01
txn_status Response code of the status of verification.* Refer Response Code table for description.
  • Alphabets and numbers only.
  • Length: Max 2 characters.
TYPE: STRING
EXAMPLE: 00
msg Message status for verification
  • Alphabets and numbers only.
TYPE: STRING
EXAMPLE: Verification Approved
token Unique ID for Card's Token
  • Alphabets and numbers only.
TYPE: STRING
EXAMPLE: e3b0c44vcr2e1c1c149afbf4c8996fb92427ae41esq124334ca4111452b855ved
hash Secure hash string to validate the response sent to your callback endpoint. Refer below for more information on how to generate the secure hash string.
  • Alphabets and numbers only.
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw
nameOnCard Name on the card
  • Alphabets only.
TYPE: STRING
EXAMPLE: JOHN SMITH
numberCard Card number
  • Alphabets and numbers only.
TYPE: STRING
EXAMPLE: 512345xxxxxx0008
schemeCard Card scheme
  • Alphabets only.
TYPE: STRING
EXAMPLE: MASTERCARD
issuerCard Card issuer
  • Alphabets and numbers only.
TYPE: STRING
EXAMPLE: MAYBANK BERHAD
expiryMonthCard Card expiry (Month)
  • Numbers only.
TYPE: INTEGER
EXAMPLE: 5
expiryYearCard Card expiry (Year)
  • Numbers only.
TYPE: INTEGER
EXAMPLE: 21
fundingMethodCard Card funding method
  • Alphabets and numbers only.
TYPE: STRING
EXAMPLE: CREDIT

Hashing Guide

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
Reference ID REFERENCEID01
Transaction Status Code 00
Transaction Status Message Verification Approved
Token e3b0c44vcr2e1c1c149afbf4c8996fb92427ae41esq124334ca4111452b855ved

Format: API Key + Reference ID + Transaction Status Code + Transaction Status Message + Token

Sample code to hash above values: md5($api.$reference_id.$status_code.$status_msg.$token);

For example, if the details received are as above, the hash string to be generated is constructed as follows: YOURAPIKEY00192REFERENCEID0100Verification Approvede3b0c44vcr2e1c1c149afbf4c8996fb92427ae41esq124334ca4111452b855ved will generate something like d1be855ccbb2aaf054e2a818c5ee7b94

If the generated hash string is the same with the hash sent in the response message, the data is safe from tampering.

Charge Card by Using Token

Use this API to charge VISA / MasterCard card with token generated.

Below is a Tokenization flow diagram on how to charge the card by using the token ID provided

API Endpoint URLs

URL Parameters

Field Name Example Value
{Token ID} Token ID that you received from your callback endpoint
  • Alphabets and numbers only.
TYPE: STRING
EXAMPLE: e3b0c44vcr2e1c1c149afbf4c8996fb92427ae41esq124334ca4111452b855ved

Required Arguments

Example request (Charge Card):

         

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d merchant_id: 10010\ -d invoice: INV01\ -d amount: 10.50\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

         

$data_request = array( 'merchant_id' => '10010', 'invoice' => 'INV01', 'amount' => '10.50', 'hash' => 'fc85b97551f5a2b8bf28d916f2f8055d', ); $fields_string = json_encode($data_request); $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-type: multipart/form-data')); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

         

{ "response": "00", "txn_status": "00", "msg": "Payment Successful", "reason": "", "invoice": "INV01", "amount": "10.50", "token": "e3b0c44vcr2e1c1c149afbf4c8996fb92427ae41esq124334ca4111452b855ved" }

         

{ "response": "00", "txn_status": "00", "msg": "Payment Successful", "reason": "", "invoice": "INV01", "amount": "10.50", "token": "e3b0c44vcr2e1c1c149afbf4c8996fb92427ae41esq124334ca4111452b855ved" }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10001
invoice Your unique invoice number
  • Accept alphabets, numbers and some special characters.
  • Length: Max 20 characters.
  • Ampersand (&), apostrophe (') and dash (-) is not accepted
TYPE: INTEGER
EXAMPLE: INV01
amount Final amount to be paid by payer
  • Accept ONLY numbers
  • Must be in 2 decimal places (d.p) format.
  • Must be more than or equal 1.50.
TYPE: STRING
EXAMPLE: 10.50

Optional Argument

This optinal variable is only available in sandbox enviroment.

sandbox_charge_status Charge simulation status. Set '0' for a sample successful charge card. Otherwise, the charge is return as unsuccessful payment.
  • Accept ONLY numbers
  • Default value is '0'
TYPE: INT
EXAMPLE: 0

Hashing Guide

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
merchant id 10010
Token ID e3b0c44vcr2e1c1c149afbf4c8996fb92427ae41esq124334ca4111452b855ved
Invoice INV01
Amount 10.50

Format:
API Key + | + Merchant ID + | + Token ID + | + Invoice + | + Amount

Sample code to hash above values:
md5($api."|".urldecode($merchant_id)."|".urldecode($token)."|".urldecode($invoice)."|".urldecode($amount));

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|10010|e3b0c44vcr2e1c1c149afbf4c8996fb92427ae41esq124334ca4111452b855ved|INV01|10.50 will generate something like ec9f056a575b44ed441a10f977a00257

Delete Card

Use this API to delete the card Token. Once the card token is successfully deleted, you can initiate another verification with the same reference number or same URL provided.

API Endpoint URLs

URL Parameters

Field Name Example Value
{Reference ID / Token ID} Your unique reference ID or Token ID
  • Accept alphabets and numbers only.
  • Length: Max 20 characters for Reference ID and 64 characters for Token ID.
  • Ampersand (&), apostrophe (') and dash (-) is not accepted
TYPE: STRING
EXAMPLE: REFERENCEID01

Required Arguments

Example request:

            

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d merchant_id: 10010\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

            

$data_request = array( 'merchant_id' => '10010', 'hash' => 'fc85b97551f5a2b8bf28d916f2f8055d', ); $fields_string = json_encode($data_request); $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-type: multipart/form-data')); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

            

{ "response": "00", "msg": "Successfully delete the Token", "reference_id": "REFERENCEID01" }

            

{ "response": "00", "msg": "Successfully delete the Token", "reference_id": "REFERENCEID01" }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10001
hash The secure hash string to validate the request. Refer our Hashing Guide below for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Hashing Guide

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
merchant id 10010
Reference ID / Token ID REFERENCEID01

Format: API Key + | + Merchant ID + | + Reference ID

Sample code to hash above values:
md5($API."|".urldecode($merchant_id)."|".urldecode($reference_id));

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|10010|REFERENCEID01 will generate something like 8b125ceb7739fe8260697865e59f481c

Get Available Token

Use this API to get all available Token that you have created. Max display per page is 100 rows.

API Endpoint URLs

Required Arguments

Example request:

             

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d merchant_id: 10010\ -d date_from: 2021-04-14\ -d date_to: 2021-04-19\ -d status: 3\ -d page: 1\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

             

$data_request = array( 'merchant_id' => '10010', 'date_from' => '2021-04-14', 'date_to' => '2021-04-19', 'status' => '3', 'page' => '1', 'hash' => 'fc85b97551f5a2b8bf28d916f2f8055d', ); $fields_string = json_encode($data_request); $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-type: multipart/form-data')); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

             

[ { "total_page_available": 1, }, { "reference_id": "REFID01", "verification_status": "Success", "token": "547b946bda42d20a35b6bas19231d3n13ud16f3b2fa04ee73e6c6470b779ec314", "credit_card_verification_url": "https://www.qlicknpay.com/s?TMzRUT0tFKiUY", "created": "2021-04-19 10:06:50", "modified": "2021-04-19 11:10:25", }, { "reference_id": "REFID02", "verification_status": "Failed", "token": "e3b0c44298fc1c149afbfs12301iw9jfb92427ae41e4649b934ca495991b7852b855", "credit_card_verification_url": "https://www.qlicknpay.com/s?TMzRUT0tAuI7", "created": "2021-04-19 13:15:40", "modified": "2021-04-19 14:44:10", }, { "reference_id": "REFID03", "verification_status": "Delay", "token": '', "credit_card_verification_url": "https://www.qlicknpay.com/s?TMzRUT0tkKSH", "created": "2021-04-19 13:15:40", "modified": "2021-04-19 14:44:10", } ]

             

[ { "total_page_available": 1, }, { "reference_id": "REFID01", "verification_status": "Success", "token": "547b946bda42d20a35b6bas19231d3n13ud16f3b2fa04ee73e6c6470b779ec314", "credit_card_verification_url": "https://www.qlicknpay.com/s?TMzRUT0tFKiUY", "created": "2021-04-19 10:06:50", "modified": "2021-04-19 11:10:25", }, { "reference_id": "REFID02", "verification_status": "Failed", "token": "e3b0c44298fc1c149afbfs12301iw9jfb92427ae41e4649b934ca495991b7852b855", "credit_card_verification_url": "https://www.qlicknpay.com/s?TMzRUT0tAuI7", "created": "2021-04-19 13:15:40", "modified": "2021-04-19 14:44:10", }, { "reference_id": "REFID03", "verification_status": "Delay", "token": '', "credit_card_verification_url": "https://www.qlicknpay.com/s?TMzRUT0tkKSH", "created": "2021-04-19 13:15:40", "modified": "2021-04-19 14:44:10", } ]

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: NUMBER
EXAMPLE: 10001
hash The secure hash string to validate the request. Refer our Hashing Guides below for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Optional Arguments

Field Name Description
date_from By default the date will be the date of first data.
  • Accept only numbers and '-' sign
  • Date format must be yyyy-mm-dd
TYPE: STRING
EXAMPLE: 2020-07-17
date_to By default the date will be the date of last data.
  • Accept only numbers and '-' sign
  • Date format must be yyyy-mm-dd
TYPE: STRING
EXAMPLE: 2020-07-17
status By default the status will display all the status of the data.
  • Accept only numbers
  • 0 - All failed verification, 1 - All success verification, 2 - Both failed and success verification, 3 - Failed, success and delay verification
TYPE: INTEGER
EXAMPLE: 3
page By default the page is set to number 1.
  • Accept only numbers
  • Must be more than or equal to 1
TYPE: INTEGER
EXAMPLE: 2

Hashing Guides

This section will explain how to secure request. This will be used to generate the hash field in your request.

Field Name Example Value
merchant id 10010
API YOURAPIKEY00192

Format: API Key + | + Merchant ID

Sample code to hash above values:
md5($api."|".$merchant_id);

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|10010 will generate something like 2647dbdcd89734fe9e95f2d6f68bd826

Get Token Details

Use this API to retrieve specific token in more details.

API Endpoint URLs

URL Parameters

Field Name Example Value
{Reference ID} Your unique reference ID
  • Accept alphabets and numbers only.
  • Length: Max 20 characters.
  • Ampersand (&), apostrophe (') and dash (-) is not accepted
TYPE: STRING
EXAMPLE: REFERENCEID01

Required Arguments

Example request (Get Token Details):

              

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d merchant_id: 10010\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

              

$data_request = array( 'merchant_id' => '10010', 'hash' => 'fc85b97551f5a2b8bf28d916f2f8055d', ); $fields_string = json_encode($data_request); $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-type: multipart/form-data')); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

              

{ "response": "00", "reference_id": "REFERENCEID01", "verification_status": "Success", "token": "e3b0c44vcr2e1c1c149afbf4c8996fb92427ae41esq124334ca4111452b855ved", "callback_url_be": "https:\/\/www.webina.me\/callback", "callback_url_fe_succ": "https:\/\/www.webina.me\/success", "callback_url_fe_fail": "https:\/\/www.webina.me\/failed", "skip_receipt": false, "credit_card_verification_url": "https:\/\/www.qlicknpay.com\/s?TMzRUT0tAuI7", "created": "2021-04-19 13:15:40", "modified": "2021-04-19 14:44:10" }

              

{ "response": "00", "reference_id": "REFERENCEID01", "verification_status": "Success", "token": "e3b0c44vcr2e1c1c149afbf4c8996fb92427ae41esq124334ca4111452b855ved", "callback_url_be": "https:\/\/www.webina.me\/callback", "callback_url_fe_succ": "https:\/\/www.webina.me\/success", "callback_url_fe_fail": "https:\/\/www.webina.me\/failed", "skip_receipt": false, "credit_card_verification_url": "https:\/\/www.qlicknpay.com\/s?TMzRUT0tAuI7", "created": "2021-04-19 13:15:40", "modified": "2021-04-19 14:44:10" }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10010
hash The secure hash string to validate the request. Refer our Hashing Guide below for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Hashing Guide

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
merchant id 10010
Reference ID REFERENCEID01

Format: API Key + | + Merchant ID + | + Reference ID

Sample code to hash above values:
md5($API."|".urldecode($merchant_id)."|".urldecode($reference_id));

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|10010|REFERENCEID01 will generate something like 8b125ceb7739fe8260697865e59f481c

Get Transactions

Use this API to get all available transaction that was charged using tokens. Max display per page is 100 rows.

API Endpoint URLs

Required Arguments

Example request:

               

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d merchant_id: 10010\ -d date_from: 2021-04-14\ -d date_to: 2021-04-19\ -d status: 3\ -d page: 1\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

               

$data_request = array( 'merchant_id' => '10010', 'date_from' => '2021-04-14', 'date_to' => '2021-04-19', 'status' => '3', 'page' => '1', 'hash' => 'fc85b97551f5a2b8bf28d916f2f8055d', ); $fields_string = json_encode($data_request); $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-type: multipart/form-data')); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

               

[ { "total_page_available": 1, }, { "reference_id": "REFID01", "invoice": "INV01", "amount": "12.50", "status": "Payment Successful", "time": "2021-04-19 10:06:50", } ]

               

[ { "total_page_available": 1, }, { "reference_id": "REFID01", "invoice": "INV01", "amount": "12.50", "status": "Payment Successful", "time": "2021-04-19 10:06:50", } ]

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: NUMBER
EXAMPLE: 10001
hash The secure hash string to validate the request. Refer our Hashing Guides below for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Optional Arguments

Field Name Description
date_from By default the date will be the date of first data.
  • Accept only numbers and '-' sign
  • Date format must be yyyy-mm-dd
TYPE: STRING
EXAMPLE: 2020-07-17
date_to By default the date will be the date of last data.
  • Accept only numbers and '-' sign
  • Date format must be yyyy-mm-dd
TYPE: STRING
EXAMPLE: 2020-07-17
status By default the status will display all the status of the data.
  • Accept only numbers
  • 0 - All failed verification, 1 - All success verification, 2 - Both failed and success verification, 3 - Failed, success and delay verification
TYPE: INTEGER
EXAMPLE: 3
page By default the page is set to number 1.
  • Accept only numbers
  • Must be more than or equal to 1
TYPE: INTEGER
EXAMPLE: 2

Hashing Guides

This section will explain how to secure request. This will be used to generate the hash field in your request.

Field Name Example Value
merchant id 10010
API YOURAPIKEY00192

Format: API Key + | + Merchant ID

Sample code to hash above values:
md5($api."|".$merchant_id);

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|10010 will generate something like 2647dbdcd89734fe9e95f2d6f68bd826

Get Transaction Details

Use this API to retrieve specific transactions in more details.

API Endpoint URLs

URL Parameters

Field Name Example Value
{Invoice} Your unique Invoice ID
  • Accept alphabets and numbers only.
  • Length: Max 20 characters.
  • Ampersand (&), apostrophe (') and dash (-) is not accepted
TYPE: STRING
EXAMPLE: INV01

Required Arguments

Example request (Get Transaction Details):

                

curl POST {Endpoint URL}\ -H 'Content-Type: application/json'\ -d merchant_id: 10010\ -d hash: fc85b97551f5a2b8bf28d916f2f8055d\

                

$data_request = array( 'merchant_id' => '10010', 'hash' => 'fc85b97551f5a2b8bf28d916f2f8055d', ); $fields_string = json_encode($data_request); $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-Type:application/json')); curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-type: multipart/form-data')); curl_setopt($ch, CURLOPT_URL,"POST {Endpoint URL}"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = curl_exec($ch); curl_close ($ch)

Response (200):

                

{ "response": "00", "reference_id": "REFERENCEID01", "invoice": "INV01", "amount": "12.50", "status": "Payment Successful", "time": "2021-04-19 13:15:40" }

                

{ "response": "00", "reference_id": "REFERENCEID01", "invoice": "INV01", "amount": "12.50", "status": "Payment Successful", "time": "2021-04-19 13:15:40" }

Field Name Description
merchant_id Your merchant ID
  • Accept only numbers
  • Value is pre-defined by system
  • Do not modify this value to avoid error
TYPE: INTEGER
EXAMPLE: 10010
hash The secure hash string to validate the request. Refer our Hashing Guide below for more information on how to generate the secure hash string.
  • Generated value must contain only alphabets and numbers
TYPE: STRING
EXAMPLE: dc8e364d222d6025cbc505674b701asdw

Hashing Guide

This section will explain how to secure request. This will be used to generate the hash field in your request from merchant's site.

Field Name Example Value
API YOURAPIKEY00192
merchant id 10010
Invoice ID INV01

Format: API Key + | + Merchant ID + | + Invoice ID

Sample code to hash above values:
md5($API."|".urldecode($merchant_id)."|".urldecode($invoice));

For example, if the details to be sent are as above, the hash string to be generated is constructed as follows:
YOURAPIKEY00192|10010|INV01 will generate something like c42f4a37aa482c5f2f736a9e864470d7

OpenCart

Kindly ensure your OpenCart version is compatible before proceeding to download and install QlicknPay's plugin.

 
Click the URL below to view supported version of OpenCart before using our QlicknPay's plugin.
https://www.opencart.com/?QlicknPay

Download OpenCart Plugins

Once you have ensure your OpenCart version is compatible with QlicknPay, click here and click on the "Download" button to download the plugin.

Begin Installation

  1. Login into your OpenCart Admin Panel using your OpenCart login credentials.
  2. Proceed to "Extension Installer" setting.
  3. Click on the upload button and choose the .zip folder from the downloaded file.
  4. Wait until the installation process finishes before clicking on the "Continue" button to proceed.

Configuring Your QlicknPay Plugin

NOTE: You will need your QlicknPay's Merchant ID and API Key in this step. Click here to retrieve your Merchant ID and API Key.

  1. In the OpenCart Admin Panel, go to the Extension List page and choose "Payment" as the extension type selection option.
  2. Search for QlicknPay extension and click on the "Edit" button.
  3. Fill in all the required fields accordingly and save the changes.

Start Selling

Once you have configured your QlicknPay Plugin, kindly perform at least one test transaction before you start selling.

Prestashop

Kindly ensure your PrestaShop version is compatible before proceeding to download and install QlicknPay's plugin. Below are the supported version of PrestaShop to use QlicknPay's plugin.

 
  • 1.4
  • 1.6
  • 1.7
  • Any version after the listed versions

Download Prestashop Plugins

  1. Version 1.4
  2. Version 1.6
  3. Version 1.7 and above

Begin Installation

After your download has finished, follow these steps to start installing the plugin.

Configuring Your QlicknPay Plugin

Once the installation process has finished, follow these steps to begin configuring your QlicknPay Plugin.
NOTE: You will need your QlicknPay's Merchant ID and API Key in this step. Click here to retrieve your Merchant ID and API Key.

  1. In the PrestaShop Admin Panel, go to the Module and click on the "Configure" button next to the QlicknPay Module List.
  2. Fill in all the required fields accordingly and save the changes.

Start Selling

Once you have configured your QlicknPay Plugin, kindly perform at least one test transaction before you start selling.

WooCommerce

QlicknPay's Plugin for WooCommerce is supported by both older and newer versions of WooCommerce.

Download WooCommerce Plugin

Download the QlicknPay's Plugin for WooCommerce by clicking here.

Begin Installation

  1. Login into your WooCommerce Admin Panel using your WooCommerce login credentials.
  2. Go to the "Add Plugin" page by clicking on Plugins > Add New on the left side menu.
  3. Click on the "Upload Plugin" button and choose the downloaded .zip file.
  4. Click on "Install Now" then activate the plugin by clicking on "Activate Plugin" once the installation process finishes.

Configuring Your QlicknPay Plugin

NOTE: You will need your QlicknPay's Merchant ID and API Key in this step. Click here to retrieve your Merchant ID and API Key.

  1. In the WooCommerce Admin Panel, click on "Settings".
  2. Fill in all the required fields accordingly, enable the plugin by clicking on the "Enable/Disable" checkbox and save the changes.

Start Selling

Once you have configured your QlicknPay Plugin, kindly perform at least one test transaction before you start selling.

Ecwid

Follow these steps to start installing the plugin.

  1. Login into your ECWID Admin Panel using your ECWID login credentials.
  2. Go to "Payment" page by clicking on Payment menu.
  3. Go to "Add New Payment Method" section, click on the "Choose Payment Processor" button and choose QlicknPay (displayed as PayDirect FPX in the dropdown list).
  4. Once you have chosen QlicknPay (PayDirect FPX) in the list, ECWID will automatically redirect you to QlicknPay (PayDirect FPX) Control Panel page.

Configuring Your QlicknPay Plugin

NOTE: You will need your QlicknPay's Merchant ID and API Key in this step. Click here to retrieve your Merchant ID and API Key.

  1. Fill in all the required fields accordingly.
  2. Choose your account type (Production) in the "Advanced Settings" section.
  3. Once you have filled in all fields and choose your account type, refresh the page for the changes to take place.

Start Selling

Once you have configured your QlicknPay Plugin, kindly perform at least one test transaction before you start selling.

Drupal

QlicknPay's Plugin for Drupal is only compatible for Drupal 8 provided that Drupal Commerce is also installed in your server.

Download Drupal Plugin

Download the QlicknPay's Plugin for Drupal by clicking here.

Begin Installation

After your download has finished, install the plugin into your system and proceed to configure the plugin.

Configuring Your QlicknPay Plugin

NOTE: You will need your QlicknPay's Merchant ID and API Key in this step. Click here to retrieve your Merchant ID and API Key.

  1. Login into your Drupal Admin Panel using your Drupal login credentials.
  2. Click on "Commerce" tab to proceed with configuring the plugin.
  3. Next, click on the "Configuration" tab.
  4. Click on "Payment Gateways" configuration.
  5. Click on "Add payment gateway" button to add and enable QlicknPay as your payment gateway.
  6. Fill in all the required fields accordingly, enable the plugin by clicking on the "Enable" checkbox in the Status Option and save the changes.

Easystore

Follow these steps to start installing the payment gateway.

NOTE: You will need your Betterpay's Merchant ID and API Key in this step. Click here to retrieve your Merchant ID and API Key.

  1. Login into your Easystore Admin Panel.
  2. Go to "Settings" page by clicking on Settings on the left side menu.
  3. Go to "Payments" section.
  4. Click on "Add payment method" button and choose "Betterpay".
  5. Fill all requirement information and click save.
  6. Your payment gateway is now available in your checkout pages.

Start Selling

Once you have configured your Betterpay Plugin, kindly perform at least one test transaction before you start selling.

For sandbox account, please follow these instructions

  1. At checkout pages, you need to manually enter parameters ?testing=true at the end of Storefront checkout url.
  2. Example:
    https://yourstore.easy.co/sf/checkout/9b6a59bf-f971-4b4b-b3c4-f0b485db89a7?testing=true
  3. Proceed to the URL.
  4. Fill all payment details and proceed to the payment as usual.

PayPal

How to get your PayPal Client ID and PayPal Secret Key.

Login into your Developer PayPal Account. Go to https://developer.paypal.com/ and log into main page.

Go to your Dashboard Page

After successfully login into your account, find the drop down menu at your top right corner. Click on Dashboard.

Create a REST API apps

On REST API apps section, click on Create App button.

Create your App. You can choose your own App Name and SandBox developer account.

Get your Client ID and Secret Key

PayPal system will give you an ID for API integration. Use those Client ID and Secret ID to enable PayPal payment

Use your 'Sandbox' ID for Demo account (https://www.demo.qlicknpay.com/) and 'Live' ID for live production account (https://www.qlicknpay.com/)

Third Party Platform Guides

Merchant will be able to synchronize their products on Lazada/Shopee and QlicknPay using our Lazada/Shopee API. Each sold / updated / deleted product will be reflected in both Lazada/Shopee and QlicknPay.

Lazada

You will need your Lazada App Key and App Secret in order to use this feature.

Please follow the following steps to get your Lazada App Key and App Secret.

  1. Login into your Developer Lazada Account by going to https://uac.lazada.com/. If you do not have an account, please register the account embed with your Lazada Seller ID.
  2. Create your own app by going to App Console > Create. Choose Seller-In-House App and create. Fill in your app name, description and logo image according to your prefences.
  3. IMPORTANT! Specify your callback URL with the following URL: Please login to view the URL
  4. Get your App Key and App Secret at your APP overview page.

Shopee

Kindly get the following Shopee credentials ready in order to start using this feature.

  1. Login into your into your Shopee Open Platform account by going to https://open.shopee.com/login. If you do not have an account, please register for one.
  2. Create your own app by going to Console > Create an App. Fill in App Name as QlicknPay and the other details according to your preferences.
  3. Wait until Shopee approved your APP registration. Once your APP has been approved by Shopee, you can retrieve your Partner ID and Private Key at Overview Console page
  4. Link your console into your Shopee Seller account by logging in into your Shopee account at https://seller.shopee.com.my/account/signin and go to My Account page. Edit your Partner Platform and enter your Partner ID and Partner Key (Private Key).
  5. Retrieve your Shop ID by going back to your Shopee Open Platform > Shop List. Enter your Partner ID, Private Key and Shop ID here.