Integration Guide

Requirements

Make sure you have integrated with either Credit Card or Direct Debit
Make sure that you sent customer.id parameter on the request to DOKU in order to activate the tokenization feature

Integration steps

Get token list
Show token list to the customer
Use the token for future payment

1. Get token list

To get token list, you will need to hit this API through your backend:

API Request

Type	Value
HTTP Method	POST
API endpoint (Sandbox)	`https://api-sandbox.doku.com/tokenization/v1/tokens`
API endpoint (Production)	`https://api.doku.com/tokenization/v1/tokens`

Here is the sample of request header to generate payment URL:

Client-Id: MCH-0001-10791114622547
Request-Id: 9716a8cb-5ec1-4f8f-b72c-cd25975bafff
Request-Timestamp: 2020-08-11T08:45:42Z
Signature: HMACSHA256=9UPUFzOqJc47aJzD9ESOTcWg6TMsg3mqSP+DnUO8ENE=

Request Header Explanation

Parameter	Description
Client-Id	Client ID retrieved from DOKU Back Office
Request-Id	Unique random string (max 128 characters) generated from merchant side to protect duplicate request
Request-Timestamp	Timestamp request on UTC time in ISO8601 UTC+0 format. It means to proceed transaction on UTC+7 (WIB), merchant need to subtract time with 7. Ex: to proceed transaction on September 22th 2020 at 08:51:00 WIB, the timestamp should be 2020-09-22T01:51:00Z
Signature	Security parameter that needs to be generated on merchant Backend and placed to the header request to ensure that the request is coming from valid merchant. Please refer to this section to generate the signature

Here is the sample request body to get token list:

{
    "customer": {
        "id": "CUST-0001"
    },
    "token_data": {
        "type": "DIRECT_DEBIT"
    }
}

Request Body Explanation

Parameter	Type	Mandatory	Description
`customer.id`	`string`	Mandatory	Unique customer identifier generated by merchant. Allowed chars: `alphabetic, numeric, special chars` Max Length: `50`
`token_data.type`	`string`	Optional	Token type, if not specified then return all type of tokens Possible value: `DIRECT_DEBIT, CREDIT_CARD`

API Response

After hitting the above API request, DOKU will give the response.

Type	Value
HTTP Status	200
Result	SUCCESS

Here is the sample response header:

Client-Id: MCH-0001-10791114622547
Request-Id: 9716a8cb-5ec1-4f8f-b72c-cd25975bafff
Response-Timestamp: 2020-08-11T08:45:42Z
Signature: HMACSHA256=1jap2tpgvWt83tG4J7IhEwUrwmMt71OaIk0oL0e6sPM=

Response Header Explanation

Parameter	Description
Client-Id	Same as the request
Request-Id	Same as the request
Response-Timestamp	Timestamp Response on UTC with format ISO8601 UTC+0 from DOKU
Signature	Signature generated by DOKU based on the response body

Here is the sample of response body:

[
    {
        "token_data": {
            "type": "DIRECT_DEBIT"
        },
        "customer": {
            "id": "CUST-0001",
            "name": "Anton Budiman"
        },
        "debit_card": {
            "issuer": "BRI",
            "token_id": "243591d7e49f45109961581718c3ef82",
            "masked_card": "*********8982",
        }
    },
    {
        "token_data": {
            "type": "DIRECT_DEBIT"
        },
        "customer": {
            "id": "CUST-0001",
            "name": "Anton Budiman"
        },
        "debit_card": {
            "issuer": "BRI",
            "token_id": "05fc9236261381647e24a14a691e1590",
            "masked_card": "*********8981",
        }
    },
    {
        "token_data": {
            "type": "CREDIT_CARD"
        },
        "customer": {
            "id": "CUST-0001",
            "name": "Anton Budiman"
        },
        "credit_card": {
            "issuer": "BCA",
            "token_id": "4bc187a24c60fc88977604d170eea4a5",
            "masked_card": "4096****5464",
            "brand": "visa"
        }
    }
]

Response Body Explanation

Parameter	Type	Mandatory	Description
`token_data.type`	`string`	Mandatory	Token type: `DIRECT_DEBIT, CREDIT_CARD`
`customer.id`	`string`	Mandatory	Same as the request
`customer.name`	`string`	Optional	Customer name saved on DOKU
`debit_card.issuer`	`string`	Mandatory	Issuer of the debit card
`debit_card.token_id`	`string`	Mandatory	Token generated by DOKU. Use this value when hit request to DOKU for payment request Possible value: `alphabetic, numeric, special characters` Max length: `256`
`debit_card.masked_card`	`string`	Mandatory	Debit card number masked
`credit_card.issuer`	`string`	Mandatory	Issuer of the credit card
`credit_card.token_id`	`string`	Mandatory	Token generated by DOKU. Use this value when hit request to DOKU for payment request Possible value: `alphabetic, numeric, special characters` Max length: `256`
`credit_card.masked_card`	`string`	Mandatory	Credit card number masked
`credit_card.brand`	`string`	Optional	Principal of the credit card

2. Show Token List to your customer

You can save the debit_card.token_id and credit_card.token_id to your system along with the customer.id, so that the customer will be associated with their respective tokens.

3. Use token for future payment

You can send then the token_id along with the payment request. Learn more for each payment channel:

Explore the New API Documentation!

Requirements​

Integration steps​

1. Get token list​

API Request​

API Response​

2. Show Token List to your customer​

3. Use token for future payment​