Account Binding
DOKU has partnered with various banks and e-wallet to provide Direct Debit SNAP Payment Service. Learn more about how DOKU can help you integrate with Direct Debit SNAP here.
Requirements
Before start integration, you must have retrieved credentials from Acquirer.
If you don't have the credentials yet, we can help to facilitate you to get one. Here is the flow to get credentials:
Direct API - BRI Direct Debit Activation
- Login to DOKU Back Office
- Go to Configuration > Direct Debit
- Select Specific Direct Debit SNAP Channel (Example: OVO, CIMB, BRI, etc) and click Activate button
- Input
Consumer Key - Input
Consumer Secret - Click Activate button
Congratulations! You are now ready for the integration.
Integration steps
Here is the overview of how to integrate with Direct Debit:
- Account Binding (tokenization)
- Check Balance (optional for some acquirer)
- Create payment using the token
- Acknowledge payment result
Optional but recommended to have:
- Direct Debit Status Inquiry
- Unbinding
Account Binding (Tokenization)
To perform Account Binding, you will need to hit this API through your Backend:
Direct API - Direct Debit Account Binding
API Request
| Type | Value | Description |
|---|---|---|
| HTTP Method | POST | |
| API endpoint (Sandbox) | https://api-sandbox.doku.com/direct-debit/[acquirer-name]/v1.0/registration-account-binding | Possible Values for [acquirer-name] : ovo, cimb, allobank, bri |
| API endpoint (Production) | https://api.doku.com/direct-debit/[acquirer-name]/v1.0/registration-account-binding | Possible Values for [acquirer-name] : ovo, cimb, allobank, bri |
Here is the sample of request header to perform Account Binding:
X-PARTNER-ID: MCH-0001-10791114622547
X-EXTERNAL-ID: 1684987418452706687
X-TIMESTAMP: 2023-01-27T15:58:59+07:00
X-IP-ADDRESS: 192.168.23.23
X-DEVICE-ID: 912f12e223624d2e94828b1681992be3
X-SIGNATURE: hMac123234nsjkdfhajnkssfhgjklsfsdfdfgdfgdfg124dfgfgh
Request Header Explanation
| Parameter | Description |
|---|---|
| X-PARTNER-ID | Unique ID for a partner (DOKU'S Client ID) |
| X-EXTERNAL-ID | Numeric String. Reference number that should be unique in the same day (request-id) |
| X-TIMESTAMP | Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format |
| X-IP-ADDRESS | IP address of the end user (customer) using IPv4 format. Notes: Mandatory for Allobank (Min:10, Max:15), Optional for rest of acquirer |
| X-SIGNATURE | algoritma symmetric signature HMAC_SHA512 (clientSecret, stringToSign) with formula stringToSign = HTTPMethod +โ:โ+ EndpointUrl +":"+ AccessToken +":โ+ Lowercase(HexEncode(SHA-256(minify(RequestBody))))+ ":โ + TimeStamp |
Here is the sample of request body to perform Account Binding:
{
"phoneNo": "0857957868761",
"additionalInfo": {
"custIdMerchant": "TEST-123",
"customerName": "Paulus",
"email": "john.doe@doku.com",
"idCard": "12345",
"country": "Indonesia",
"address": "Bali",
"dateOfBirth": "19990101",
"successRegistrationUrl": "https://sandbox.doku.com/bo/login/",
"failedRegistrationUrl": "https://www.seleniumeasy.com/test",
"deviceModel": "iphone12",
"osType": "ios",
"channel": "app"
}
}
Request Body Explanation
| Parameter | Type | Mandatory | Description |
|---|---|---|---|
phoneNo | string (16) | Mandatory | Phone number registered to user's account in acquirer. Allowed chars: alphabetic, numeric, special charsMin Length: 9 , Max Length : 16. Start with 62 |
additionalInfo | object | Mandatory | |
additionalInfo.custIdMerchant | string (64) | Mandatory | Customer ID Allowed chars: alphabetic, numeric, special chars |
additionalInfo.customerName | string (70) | Optional | Customer Name. |
additionalInfo.email | string (254) | Conditional | Customer's email Notes: Mandatory for Allobank, Optional for other Acquirer |
additionalInfo.idCard | string (20) | Optional | Customer Identity Card number (KTP) for our risk engine assessment |
additionalInfo.country | string(60) | Optional | Customer's country of residence |
additionalInfo.address | string (255) | Optional | Customer's address |
additionalInfo.dateOfBirth | date | Optional | yyyymmdd |
additionalInfo.successRegistrationUrl | string (255) | Mandatory | redirect URL in case of binding request was a success |
additionalInfo.failedRegistrationUrl | string (255) | Mandatory | redirect URL in case of binding request was a failure |
additionalInfo.deviceModel | string (64) | Conditional | Device's model the customer is accessing the request from. Notes: Mandatory for Allobank, Optional for other Acquirer |
additionalInfo.osType | string (64) | Conditional | Device's operating system the customer is accessing the request from Notes: Mandatory for Allobank, Optional for other Acquirer |
additionalInfo.channel | string | Conditional | Channel of from what platform the customer is accessing this request from Notes: Mandatory for Allobank, Optional for other Acquirer |
API Response
After hitting the above API request, DOKU will give the response.
| Type | Value |
|---|---|
| HTTP Status | 200 |
| Result | CREATED |
Here is the sample response header:
X-PARTNER-ID: MCH-0001-10791114622547
X-EXTERNAL-ID: 1684987418452706687
X-TIMESTAMP: 2023-01-27T15:58:59+07:00
X-IP-ADDRESS: 192.168.23.23
X-DEVICE-ID: 912f12e223624d2e94828b1681992be3
X-SIGNATURE: hMac123234nsjkdfhajnkssfhgjklsfsdfdfgdfgdfg124dfgfgh
Response Header Explanation
| Parameter | Description |
|---|---|
| X-PARTNER-ID | Unique ID for a partner (DOKU'S Client ID) |
| X-EXTERNAL-ID | Numeric String. Reference number that should be unique in the same day (request-id) |
| X-TIMESTAMP | Client's current local time in yyyy-MM- ddTHH:mm:ssTZD format |
| X-IP-ADDRESS | IP address of the end user (customer) using IPv4 format. Notes: Mandatory for Allobank (Min:10, Max:15), Optional for rest of acquirer |
| X-SIGNATURE | algoritma symmetric signature HMAC_SHA512 (clientSecret, stringToSign) dengan formula stringToSign = HTTPMethod +โ:โ+ EndpointUrl +":"+ AccessToken +":โ+ Lowercase(HexEncode(SHA-256(minify(RequestBody))))+ ":โ + TimeStamp |
Here is the sample of response body:
{
"responseCode": "2000700",
"responseMessage": "Successful",
"referenceNo": "",
"redirectUrl": "https://app.doku.com/direct-debit/ui/binding/2238230713001534401107183161486001168389",
"additionalInfo": {
"custIdMerchant": "CUSTOMER_OVOxDOKU",
"accountStatus": "PENDING",
"authCode": "1234123412341234"
}
}
Response Body Explanation
| Parameter | Type | Mandatory | Description |
|---|---|---|---|
responseCode | string (7) | Mandatory | Response code as defined in SNAP Regulation |
responseMessage | string (150) | Mandatory | Response message as defined in SNAP Regulation |
referenceNo | string (64) | Optional | account binding unique identifier on acquirer's side. Notes: will be returned to merchant if acquirer returns it |
redirectUrl | string (2048) | Mandatory | URL to redirect user to Acquirer's webview to let customer finish OTP |
additionalInfo | object | Mandatory | |
additionalInfo.custIdMerchant | string (64) | Optional | Customer's ID |
additionalInfo.accountStatus | string | Optional | Customer's account status. Value : PENDING |
additionalInfo.authCode | string(128) | Mandatory | Customer's auth code |