Secure payments via Tokenisation API with verified cards
1. Pay with credit card using token
URL endpoint (POST)
https://app.senangpay.my/apiv1/pay_cc
Sandbox URL endpoint (POST)
https://app.senangpay.my/apiv1/pay_cc
1.1 Authorisation header (Basic authorisation)
Username
< your-merchant-id > As listed in the profile settings page.
Password
None, leave empty.
1.2 Request parameters (All mandatory)
Parameter name
Parameter value/description
name
Your customer's name. Maximum length is 100 characters.
Example : Abu Bin Ali
Your customer's e-mail.
Example : [email protected]
detail
Your order details. Maximum length is 100 characters.
Example : Order for product id #4
phone
Your customer's phone number.
Example : 0109876543
order_id
Your order ID. Can be a number or string. Other characters are invalid.
Example : 123
amount
Your order amount in integer format. Convert from decimals as necessary.
Example: if the amount is RM 2.00, you need to set it as 200.
token
Generated token from Get Token API.
hash
A string generated using your secret key (found in your profile settings) with the HMAC SHA256 algorithm. The format is as follows:
<your merchant id><name><email><phone><detail><order_id><amount>
*Note: Do not include the < > characters.
1.3 Response Parameters
Parameter Name
Parameter value/description
status
Your transaction status. 1 if successful. 0 if failed.
transaction_id
Your transaction ID number.
order_id
Your original order ID.
amount_paid
Amount transacted from the credit card in integer format.
Example : If the amount transacted is RM 2.00, it will output 200.
msg
Transaction status message. You'll receive "Payment was successful" for successful payments, or an error message if the transaction failed.
hash
A string generated using your secret key (found in your profile settings) with the HMAC SHA256 algorithm. The format is as follows:
<merchant_id><status_id><order_id> <transaction_id><amount_paid><msg>
*Note: Do not include the < > characters.
1.4 Sample Response
{
"status":1,
"transaction_id":"14951544812820",
"order_id":"1234",
"amount_paid":1000,
"msg":"Payment was successful",
"hash":"99b6e99bb0aa663101b1e4f6f8d69c2efb41ef81a5a7aa030bf76a098a03d233"
}
*The 'Test it' option is available if you are using Firefox or Safari to test the API.
Charge credit card using token
Request parameters for payment using tokenization
Abu Bin Ali[email protected]Order for product id 41234567893432D425.5Generated token from Get Token API
D12820HJHash generated using HMAC SHA256. Construct the hash as follows hash_hmac(‘SHA256’, < your merchant id >< name >< email >< phone >< detail >< order_id >< amount >, <merchant_secret_key>) without the < > character
a8167dd09f01ebed0b18e67b2cc2424a0d058ccc83d94803482ecdeedff7728f<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://sandbox.senangpay.my/apiv1/pay_cc',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => http_build_query(array(
'name' => 'amir',
'email' => 'amir@email',
'detail' => 'test',
'phone' => '123456789',
'order_id' => '123',
'amount' => '200',
'token' => '55200660d03fcd38d179659d487d69d17a98bbf4ee5de4b8bca2269c3b62e230',
'hash' => '7eec18b9fe609ef5eea650d5aea9bb0a96ae7c83b101a872012dc9d5c07273b3'
)),
CURLOPT_HTTPHEADER => array(
'Content-Type: application/x-www-form-urlencoded',
'Authorization: Basic <token>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
?>
{
"status": 1,
"transaction_id": 15899864888614642,
"order_id": "3432D4",
"amount_paid": 200,
"msg": "Payment was successful",
"hash": "a8167dd09f01ebed0b18e67b2cc2424a0d058ccc83d94803482ecdeedff7728f"
}* The "Test it" option is available when using Firefox or Safari to test the API.
2. Enable or Disable Credit Cards
Item
Detail
URL endpoint (POST)
https://app.senangpay.my/apiv1/update_token_status
2.1 Authorisation Header (Basic authorisation)
Username
< your-merchant-id > As listed in the profile settings page.
Password
None, leave empty.
2.2 Request Parameters (All Mandatory)
token
Generated token from Get Token API
2.3 Response Parameters
Parameter Name
Parameter value/description
msg
Message for the token is successfully disabled or enabled.
token
Generated token from Get Token API that has been disabled or enabled.
Enable or disable Credit Card by token
Request parameters to enable/disable credit cards using token
Generated token from Get Token API
6bcc32c3cf4c6de03f4b3c967a36606d965d54cd51eb6cb7507555e2ad7b4521<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://sandbox.senangpay.my/apiv1/update_token_status',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => http_build_query(array(
'token' => '55200660d03fcd38d179659d487d69d17a98bbf4ee5de4b8bca2269c3b62e230'
)),
CURLOPT_HTTPHEADER => array(
'Content-Type: application/x-www-form-urlencoded',
'Authorization: Basic <token>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
?>
Response update token status
{
"msg": "Credit card successfully disabled",
"token": "6bcc32c3cf4c6de03f4b3c967a36606d965d54cd51eb6cb7507555e2ad7b4521"
}* The "Test it" option is available when using Firefox or Safari to test the API.
3. Validate Payment Token
Item
Detail
URL endpoint (POST)
https://app.senangpay.my/apiv1/validate_token
3.1 Authorisation Header (Basic Authorisation)
Username
< your-merchant-id > As listed in the profile settings page.
Password
None, leave empty.
3.2 Request Parameters (All Mandatory)
token
Generated token from Get Token API
3.3 Response Parameters
Parameter Name
Parameter value/description
status
Token validation result.
1for success0for failure.
msg
Message on token validation. "Card has been successfully verified" if successful, or an error message if not.
token
The token from the Get Token API, unchanged, showing whether it's enabled or disabled.
Endpoint to validates the supplied token
Request parameters to validate token
Generated token from Get Token API
6bcc32c3cf4c6de03f4b3c967a36606d965d54cd51eb6cb7507555e2ad7b4521<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://sandbox.senangpay.my/apiv1/validate_token',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => http_build_query(array(
'token' => '55200660d03fcd38d179659d487d69d17a98bbf4ee5de4b8bca2269c3b62e230'
)),
CURLOPT_HTTPHEADER => array(
'Content-Type: application/x-www-form-urlencoded',
'Authorization: Basic <token>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
?>
Validate token
{
"status": 1,
"msg": "Card has been successfully verified",
"token": "6bcc32c3cf4c6de03f4b3c967a36606d965d54cd51eb6cb7507555e2ad7b4521"
}* The "Test it" option is available when using Firefox or Safari to test the API.
Last updated