Integration Guide

Online Banking, E-Wallet, Virtual Account and QR Payments

Suggest Edits

Payment Request

Implementation Example in PHP

<?php 
$secret_key = '123'; // Shop password 

$order_data = array( 
    'api_key'   => '1d038f70-3eff-013a-cebf-02420a00092b', 
    'amount'    => 10000.00, 
    'currency'  => 'IDR', 
    'reference' => '123456789',
); 

$data = base64_encode(json_encode($order_data)); 
$sign = hash_hmac('md5', $data, $secret_key); // Signature formation 
?> 

<form action="https://secure.8b.world/alt" method="post">
    <input type="hidden" name="data" value="<?php echo $data ?>">
    <input type="hidden" name="sign" value="<?php echo $sign ?>">
    <input type="submit" value="Send request">
</form>

Example of Using Basic Parameters to Form the data Parameter

{
    "api_key": "1d038f70-3eff-013a-cebf-02420a00092b",
    "amount": "10000.00",
    "currency": "IDR",
    "reference": "123456789",
    "params": {
        "payer_firstname": "Name",
        "payer_lastname": "Surname",
        "user_email": "[email protected]",
        "user_phone": "+622851280"
    }
}

data and sign parameters are formed as a result of base64-encoding a JSON document and forming a signature (secret_key used for signature – 123):

data Parameter

`eyJhcGlfa2V5IjoiMWQwMzhmNzAtM2VmZi0wMTNhLWNlYmYtMDI0MjBhMDAwOTJiIiwiYW1vdW50IjoxMDAwMC4wMCwiY3VycmVuY3kiOiJJRFIiLCJyZWZlcmVuY2UiOiIxMjM0NTY3ODkiLCJwYXJhbXMiOnsicGF5ZXJfZmlyc3RuYW1lIjoiTmFtZSIsInBheWVyX2xhc3RuYW1lIjoiU3VybmFtZSIsInVzZXJfZW1haWwiOiIxMjM0NUBhYmMuY29tIiwidXNlcl9waG9uZSI6Iis2MjI4NTEyODAifX0=`

sign Parameter

“bde24ba9c2868d9a538ade7353c1bd13”

System Response Example

{
  "data": "eyJ0cmFuc2FjdGlvbl9pZCI6MSwicmVmZXJlbmNlIjoiMTIzNDU2Nzg5IiwiZXh0ZXJuYWxfcmVmZXJlbmNlIjoiMTIzNDU2NzgtMTIzNC0xMjM0LTEyMzQtMTgyN2RjZWE2MWM4IiwiYXBpX2tleSI6IjFkMDM4ZjcwLTNlZmYtMDEzYS1jZWJmLTAyNDIwYTAwMDkyYiIsImFtb3VudCI6IjEwMDAwLjAwIiwiY3VycmVuY3kiOiJJRFIiLCJzdGF0dXMiOjAsInN0YXR1c19uYW1lIjoiY3JlYXRlZCIsInN5c3RlbV9hbW91bnQiOiIxMDAwMC4wMCIsImNvbW1pc3Npb24iOiIwLjAiLCJzeXN0ZW1fY3VycmVuY3kiOiJJRFIiLCJjYXJkX251bWJlciI6bnVsbCwiY2FyZGhvbGRlciI6bnVsbCwicHJvY2Vzc2luZ19lcnJvcl9tc2ciOm51bGwsImF1dGhvcml6YXRpb25fY29kZSI6bnVsbCwic3VjY2Vzc191cmwiOiJodHRwOi8vc2VjdXJlLXRlc3QuYW55cGF5LnVrIiwiZmFpbHVyZV91cmwiOiJodHRwOi8vc2VjdXJlLXRlc3QuYW55cGF5LnVrLyIsIm9wZXJhdGlvbl9hbW91bnQiOiIxMDAwMC4wMCIsInJlZnVuZF9kZXRhaWxzIjpbXX0sInN1Y2Nlc3MiOnRydWUsImVycm9yIjpudWxsLCJyZWRpcmVjdF91cmwiOiJodHRwczovL3VuaXF1ZXVybC5ydS9saW5rL3BheW1lbnQvMTIzNDU2NzgtMTIzNC0xMjM0LTEyMzQtMTgyN2RjZWE2MWM4LyIsInRpbWVfcHJvYyI6IjQuMjQgc2VjLiIsInJlcXVlc3RfaWQiOiIyMzI5ODQzNDkyIg",
  "sign": "e4ed896e55e966eddf5b51da696e6138",
  "success": true,
  "time_proc": "4.01 sec.",
  "request_id": "2329843492"
}

After base64-decoding the data parameter, the redirect_url parameter can be extracted from the response:

"redirect_url":"https://uniqueurl.ru/link/payment/12345678-1234-1234-1234-1827dcea61c8/"

The received redirect_url parameter must be used to redirect the User to a payment form, allowing them to perform the necessary steps to confirm the payment.

If the selected payment method requires manual input of a payment ID in a third-party app (e.g., MobileApp, Online Banking, ATM), the gateway_payment_id will be present in the response instead of redirect_url. The value of this parameter must be displayed to the User for manual input:

"gateway_payment_id":"8211932279441"

If the selected payment method requires the User to scan a QR code to complete the payment (e.g., QRIS, Instapay QRPH), the qrcode parameter will be present in the response. This parameter may contain a base64-encoded image of the QR code:

"qrcode":""

or payment data, which must be used by the Partner to form a scannable QR code to display to the User:

"qrcode":"000THIS IS A DUMMY QR00012345000GO TO SIMULATE PAGE ON DASHBOARD TO COMPLETE PAYMENT00012345000COM.PROVIDER.WWW00012345000QRWWW000123000"

It is advisable to verify the request signature for validity before redirecting the User. If the response contains empty parameters, you should check the transaction status.


Request Description

You can refer to the guide for this request at this link.


Payment Callback Message


Callback Message Example

{
  "data": "eyJ0cmFuc2FjdGlvbl9pZCI6IjEiLCJyZWZlcmVuY2UiOiIxMjM0NTY3ODkiLCJhcGlfa2V5IjoiMWQwMzhmNzAtM2VmZi0wMTNhLWNlYmYtMDI0MjBhMDAwOTJiIiwiYW1vdW50IjoiMTAwMDAuMDAiLCJjdXJyZW5jeSI6IkRSIiwic3RhdHVzIjoiOTkiLCJzdGF0dXNfbmFtZSI6ImVycm9yIiwic3lzdGVtX2Ftb3VudCI6IjEwMDAwLjAwIiwic3lzdGVtX2N1cnJlbmN5IjoiSURSIiwib3BlcmF0aW9uX2Ftb3VudCI6IjEwMDAwLjAwIiwiY29tbWlzc2lvbiI6IjAuMCIsInBheW1lbnRfc3lzdGVtX3R5cGUiOiJkaXJlY3QiLCJjYXJkX251bWJlciI6IiIsImNhcmRfcGFuNiI6IiIsImNhcmRfcGFuNCI6IiIsImNhcmRob2xkZXJfbmFtZSI6IiIsInByb2Nlc3NpbmdfZXJyb3JfbXNnIjoiRXJyb3IgZGVzY3JpcHRpb24iLCJhdXRob3JpemF0aW9uX2NvZGUiOiIiLCJwYXJhbXMiOiJ7fSJ9",
  "sign": "34cf1f0adf4ab65a4cb120f025b55776"
}

Basic MIME base64 decoded JSON document

print_r(json_decode(base64_decode($\_POST['data'])));

stdClass Object (  
  [transaction_id] => 1  
  [reference] => 123456789  
  [api_key] => 1d038f70-3eff-013a-cebf-02420a00092b  
  [amount] => 10000.00  
  [currency] => IDR  
  [status] => 99  
  [status_name] => error  
  [system_amount] => 10000.00  
  [system_currency] => IDR  
  [operation_amount] => 10000.00  
  [commission] => 0.0  
  [payment_system_type] => direct  
  [card_number] =>  
  [card_pan6] =>  
  [card_pan4] =>  
  [cardholder_name] =>  
  [processing_error_msg] => Error description  
  [authorization_code] =>  
  [params] => Array (  
    [0] =>  
  )  
)  
)

Request Description

You can refer to the guide for this request at this link.


Refund request


Implementation Example in PHP

<?php 
$secret_key = 123; // shop password 
$order_data = array ( 
  'amount' => 1.23,
  'api_key' => '1d038f70-3eff-013a-cebf-02420a00092b',
  'transaction_id' => 1
);

$data = base64_encode(json_encode($order_data)); 
$sign = hash_hmac('md5', $data, $secret_key); //signature formation 

$curl = curl_init(); 
curl_setopt($curl, CURLOPT_URL, 'https://secure.8b.world/alt/refund'); 
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, array('data' => $data, 'sign' => $sign)); 

if ($result = curl_exec($curl)){ 
  $result = json_decode($result); 
  if ($result->success && $result->data && $result->sign && hash_hmac('md5', $result->data, $secret_key) === $result->sign){ 
    $result = json_decode(base64_decode($result->data)); 
    // Processing result 
    print_r($result); 
  } 
} 
curl_close($curl); 
?>

Response Example

The response will contain the following JSON structure:

{
  "data": "eyJvcmRlciI6eyJ0cmFuc2FjdGlvbl9pZCI6MSwicmVmZXJlbmNlIjoidGVzdG9yZGVyMDEiLCJhcGlfa2V5IjoiMWQwMzhmNzAtM2VmZi0wMTNhLWNlYmYtMDI0MjBhMDAwOTJiJyIsImFtb3VudCI6IjEuMjMiLCJjdXJyZW5jeSI6IkVVUiIsInN0YXR1cyI6NCwic3RhdHVzX25hbWUiOiJyZWZ1bmQiLCJjYXJkX251bWJlciI6bnVsbCwiY2FyZGhvbGRlciI6bnVsbCwicHJvY2Vzc2luZ19lcnJvcl9tc2ciOm51bGwsImF1dGhvcml6YXRpb25fY29kZSI6bnVsbCwic3VjY2Vzc191cmwiOiJodHRwOi8vbG9jYWxob3N0LyIsImZhaWx1cmVfdXJsIjoiaHR0cDovL2xvY2FsaG9zdC8iLCJyZWZ1bmRfZGV0YWlscyI6W3sicmVmdW5kX2Ftb3VudCI6MS4yMywiY3JlYXRlZF9hdCI6IjIwMjQuMDcuMjIgMTI6MTk6MzIiLCJyZWZ1bmRfaW5pdF90eXBlIjowfV0sImxpbmtfcmVmZXJlbmNlIjoiYzdkMGZkNWIwYzkwNDg0N2QyMGM1YThkMTVlOTI0NjAifSwic3VjY2VzcyI6dHJ1ZSwidGltZV9wcm9jIjoiMC45NiBzZWMuIiwicmVxdWVzdF9pZCI6Ijg2ODkwNTc5NjkifQ",
  "sign": "0e20d899affcd4b44512f7e9e3a644ab",
  "success": true,
  "time_proc": "0.59 sec.",
  "request_id": "8689057969"
}

Decoding the data parameter will yield the following array of elements:

stdClass Object (
  [items] => Array (
    [0] => stdClass Object (
      [transaction_id] => 1
      [reference] => testorder01
      [api_key] => 1d038f70-3eff-013a-cebf-02420a00092b
      [amount] => 1.23
      [currency] => EUR
      [status] => 4
      [status_name] => refund
      [card_number] => 
      [cardholder] => 
      [processing_error_msg] => Error description
      [authorization_code] =>
      [success_url] => http://localhost/
      [failure_url] => http://localhost/
      [processing_error_group_reference] => 
      [processing_error_kind] => 0
      [operation_amount] => 10000.00
      [refund_details] => Array (
        [refund_amount] => 1.23
        [created_at] => 2024.07.22 12:19:32
        [refund_init_type] => 0
      )
      [link_reference] => c7d0fd5b0c904847d20c5a8d15e92460
    )
  )
  [success] => true
  [time_proc] => 0.96 sec.
  [request_id] => 8689057969
)

Request Description

You can refer to the guide for this request at this link.


Transaction information request


Implementation Example in PHP

<?php 
$secret_key = 123; // shop password 
$order_data = array ( 
  'api_key' => '1d038f70-3eff-013a-cebf-02420a00092b',
  'transaction_id' => 1 // or 'reference' => '123456789'
);

$data = base64_encode(json_encode($order_data)); 
$sign = hash_hmac('md5', $data, $secret_key); //signature formation 

$curl = curl_init(); 
curl_setopt($curl, CURLOPT_URL, 'https://secure-test.8b.world/atl/get_orders_data'); 
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, array('data' => $data, 'sign' => $sign)); 

if ($result = curl_exec($curl)){ 
  $result = json_decode($result); 
  if ($result->success && $result->data && $result->sign && hash_hmac('md5', $result->data, $secret_key) === $result->sign){ 
    $result = json_decode(base64_decode($result->data)); 
    // Processing result 
    print_r($result); 
  } 
} 
curl_close($curl); 
?>

Response Example

Response will contain the following JSON structure:

{
  "data": "eyJpdGVtcyI6W3sidHJhbnNhY3Rpb25faWQiOjEsInJlZmVyZW5jZSI6IjEyMzQ1Njc4OSIsImV4dGVybmFsX3JlZmVyZW5jZSI6IjEyMzQ1Njc4LTEyMzQtMTIzNC0xMjM0LTE4MjdkY2VhNjFjOCIsImFwaV9rZXkiOiIxZDAzOGY3MC0zZWZmLTAxM2EtY2ViZi0wMjQyMGEwMDA5MmIiLCJhbW91bnQiOiIxMDAwMC4wMCIsImN1cnJlbmN5IjoiSURSIiwic3RhdHVzIjo5OSwic3RhdHVzX25hbWUiOiJlcnJvciIsInN5c3RlbV9hbW91bnQiOiIxMDAwMC4wMCIsImNvbW1pc3Npb24iOiIwLjAiLCJzeXN0ZW1fY3VycmVuY3kiOiJJRFIiLCJjYXJkX251bWJlciI6bnVsbCwiY2FyZGhvbGRlciI6bnVsbCwicHJvY2Vzc2luZ19lcnJvcl9tc2ciOiJFcnJvciBkZXNjcmlwdGlvbiIsImF1dGhvcml6YXRpb25fY29kZSI6bnVsbCwic3VjY2Vzc191cmwiOiJodHRwOi8vbG9jYWxob3N0LyIsImZhaWx1cmVfdXJsIjoiaHR0cDovL2xvY2FsaG9zdC8iLCJwcm9jZXNzaW5nX2Vycm9yX2dyb3VwX3JlZmVyZW5jZSI6bnVsbCwicHJvY2Vzc2luZ19lcnJvcl9raW5kIjowLCJvcGVyYXRpb25fYW1vdW50IjoiMTAwMDAuMDAiLCJyZWZ1bmRfZGV0YWlscyI6W10sInJlZnVuZF90b3RhbF9hbW91bnQiOjAuMCwiaW50ZXJuYWxfZXJyb3JfcmVmZXJlbmNlIjpudWxsLCJleHRlcm5hbF9lcnJvcl9pZCI6MjV9XSwic3VjY2VzcyI6dHJ1ZSwidGltZV9wcm9jIjoiMC41OSBzZWMuIiwicmVxdWVzdF9pZCI6IjkxMjYwNTUzMzcifQ",
  "sign": "b15773978173444c146b8f29484d891a",
  "success": true,
  "time_proc": "0.59 sec.",
  "request_id": "9126055337"
}

Decoding the data parameter will yield an array of elements with a structure that is analogous to a Callback request sent by System to Partner’s system:

stdClass Object (
  [items] => Array(
    [0] => stdClass Object(
      [transaction_id] => 1
      [reference] => 123456789
      [external_reference] => 12345678-1234-1234-1234-1827dcea61c8
      [api_key] => 1d038f70-3eff-013a-cebf-02420a00092b
      [amount] => 10000.00
      [currency] => IDR
      [status] => 99
      [status_name] => error
      [system_amount] => 10000.00
      [commission] => 0.0
      [system_currency] => IDR
      [card_number] => 
      [cardholder] => 
      [processing_error_msg] => Error description
      [authorization_code] =>
      [success_url] => http://localhost/
      [failure_url] => http://localhost/
      [processing_error_group_reference] => 
      [processing_error_kind] => 0
      [operation_amount] => 10000.00
      [refund_details] => Array ( )
      [refund_total_amount] => 0.0
      [internal_error_reference] =>
      [external_error_id] => 25
    )
  )
  [success] => true
  [time_proc] => 0.01 sec.
  [request_id] => 7902788179
)

Request Description

You can refer to the guide for this request at this link.

Updated 3 days ago