API Catalogue
  • Getting started with senangPay API
    • User Registration
  • Integration API
    • Manual Integration API (Open API)
      • Generate Secure Hash
    • API for Recurring Payment
      • Generate Secure Hash - Recurring Payment
    • Tokenization API
      • 3D Get Token
      • Secure payments via API Tokenization with verified cards
Powered by GitBook
On this page
  1. Integration API
  2. Tokenization API

Secure payments via API Tokenization with verified cards

1.0 Pay credit card using token

Item
Detail

URL endpoint (POST)

https://app.senangpay.my/apiv1/pay_cc

Sandbox URL endpoint (POST)

https://app.senangpay.my/apiv1/pay_cc

1.1 Authorization Header (Basic Auth)

Type
Basic

Username

< your-merchant-id > As listed in the profile settings page.

Password

None, leave empty.

1.2 Request Parameter (All Mandatory)

Parameter Name

Parameter value/description

name

Your customer name. Maximum length is 100.

  • Example : Abu Bin Ali

email

Your customer email.

  • Example : ahmad@google.com

detail

Your order detail. Maximum length is 100.

  • Example : Order for product id #4

phone

Your customer phone number.

  • Example : 0109876543

order_id

Your order id. Can be number or string. Other character is invalid.

  • Example : 123

amount

Your order amount in integer format. Convert from decimals as necessary.

  • Example : if the amount is RM 2.00, you need to send 200.

token

hash

A string generated using your secret key (found in your profile settings) with the HMAC SHA256 algorithm. The format is as follows: <your merchant id><name><email><phone><detail><order_id><amount> *Note: Do not include the < > characters.*

1.3 Response Parameter

Parameter Name

Parameter value / description

status

Your transaction status. 1 if successful. 0 if failed.

transaction_id

Your transaction ID number.

order_id

Your original order ID.

amount_paid

Amount transacted from the credit card in integer format.

  • Example : If the amount transacted is RM 2.00, it will output 200.

msg

Transaction status message. You'll receive "Payment was successful" for successful payments, or an error message if the transaction failed.

hash

A string generated using your secret key with HMAC SHA256. Format: <merchant_id><status_id><order_id> <transaction_id><amount_paid><msg> Exclude the < > characters.

1.4 Sample Response

{
   "status":1,
   "transaction_id":"14951544812820",
   "order_id":"1234",
   "amount_paid":1000,
   "msg":"Payment was successful",
   "hash":"99b6e99bb0aa663101b1e4f6f8d69c2efb41ef81a5a7aa030bf76a098a03d233"
}

** The "Test it" option is available when using Firefox or Safari to test the API

2.0 Enable/disable credit card

Item

Detail

URL endpoint (POST)

https://app.senangpay.my/apiv1/update_token_status

2.1 Authorization header (Basic Auth)

Type
Basic

Username

< your-merchant-id > As listed in the profile settings page.

Password

None, leave empty.

2.2 Request Parameter (All Mandatory)

Parameter Name
Parameter value / description

token

2.3 Response Parameter

Parameter Name

Parameter value/description

msg

Message for the token is successfully disabled or enabled.

token

Generated token from Get Token API that has been disabled or enabled.

** The "Test it" option is available when using Firefox or Safari to test the API

3.0 Validate payment token

Item

Detail

URL endpoint (POST)

https://app.senangpay.my/apiv1/validate_token

3.1 Authorization header (Basic Auth)

Type
Basic

Username

< your-merchant-id > As listed in the profile settings page.

Password

None, leave empty.

3.2 Request Parameter (All Mandatory)

Parameter Name
Parameter value / description

token

3.3 Response Parameter

Parameter Name

Parameter value/description

status

Token validation result.

  • 1 for success

  • 0 for failure.

msg

Message on token validation. "Card has been successfully verified" if successful, or an error message if not.

token

The token from the Get Token API, unchanged, showing whether it's enabled or disabled.

** The "Test it" option is available when using Firefox or Safari to test the API

Previous3D Get Token

Last updated 7 months ago

Generated token from

Generated token from

Generated token from

Get Token API
Get Token API
Get Token API

Charge credit card using token

post

Charge credit card using token

Authorizations
Body
namestringoptional
Example: Abu Bin Ali
emailstringoptional
Example: ahmad@google.com
detailstringoptional
Example: Order for product id 4
phoneintegeroptional
Example: 123456789
order_idstringoptional
Example: 3432D4
amountintegeroptional
Example: 25.5
tokenstringoptional

Generated token from Get Token API

Example: D12820HJ
hashstringoptional

Hash generated using HMAC SHA256. Construct the hash as follows hash_hmac(‘SHA256’, < your merchant id >< name >< email >< phone >< detail >< order_id >< amount >, <merchant_secret_key>) without the < > character

Example: a8167dd09f01ebed0b18e67b2cc2424a0d058ccc83d94803482ecdeedff7728f
Responses
application/json
application/json
PHP
JavaScript
Java
cURL
Node.js
<?php
  $curl = curl_init();

  curl_setopt_array($curl, array(
      CURLOPT_URL => 'https://sandbox.senangpay.my/apiv1/pay_cc',
      CURLOPT_RETURNTRANSFER => true,
      CURLOPT_ENCODING => '',
      CURLOPT_MAXREDIRS => 10,
      CURLOPT_TIMEOUT => 0,
      CURLOPT_FOLLOWLOCATION => true,
      CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
      CURLOPT_CUSTOMREQUEST => 'POST',
      CURLOPT_POSTFIELDS => http_build_query(array(
          'name' => 'amir',
          'email' => 'amir@email',
          'detail' => 'test',
          'phone' => '123456789',
          'order_id' => '123',
          'amount' => '200',
          'token' => '55200660d03fcd38d179659d487d69d17a98bbf4ee5de4b8bca2269c3b62e230',
          'hash' => '7eec18b9fe609ef5eea650d5aea9bb0a96ae7c83b101a872012dc9d5c07273b3'
      )),
      CURLOPT_HTTPHEADER => array(
          'Content-Type: application/x-www-form-urlencoded',
          'Authorization: Basic <token>'
      ),
  ));

  $response = curl_exec($curl);

  curl_close($curl);
  echo $response;
?>
200
401
{
  "status": 1,
  "transaction_id": 15899864888614642,
  "order_id": "3432D4",
  "amount_paid": 200,
  "msg": "Payment was successful",
  "hash": "a8167dd09f01ebed0b18e67b2cc2424a0d058ccc83d94803482ecdeedff7728f"
}

Charge credit card using token

Enable / disable Credit Cards

post

Enable or disable Credit Card by token

Authorizations
Body
tokenstringoptional

Generated token from Get Token API

Example: 6bcc32c3cf4c6de03f4b3c967a36606d965d54cd51eb6cb7507555e2ad7b4521
Responses
application/json
PHP
JavaScript
Java
cURL
Node.js
<?php
  $curl = curl_init();

  curl_setopt_array($curl, array(
      CURLOPT_URL => 'https://sandbox.senangpay.my/apiv1/update_token_status',
      CURLOPT_RETURNTRANSFER => true,
      CURLOPT_ENCODING => '',
      CURLOPT_MAXREDIRS => 10,
      CURLOPT_TIMEOUT => 0,
      CURLOPT_FOLLOWLOCATION => true,
      CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
      CURLOPT_CUSTOMREQUEST => 'POST',
      CURLOPT_POSTFIELDS => http_build_query(array(
          'token' => '55200660d03fcd38d179659d487d69d17a98bbf4ee5de4b8bca2269c3b62e230'
      )),
      CURLOPT_HTTPHEADER => array(
          'Content-Type: application/x-www-form-urlencoded',
          'Authorization: Basic <token>'
      ),
  ));

  $response = curl_exec($curl);

  curl_close($curl);
  echo $response;
?>
200
{
  "msg": "Credit card successfully disabled",
  "token": "6bcc32c3cf4c6de03f4b3c967a36606d965d54cd51eb6cb7507555e2ad7b4521"
}

Response update token status

Check token validity

post

Endpoint to validates the supplied token

Authorizations
Body
tokenstringoptional

Generated token from Get Token API

Example: 6bcc32c3cf4c6de03f4b3c967a36606d965d54cd51eb6cb7507555e2ad7b4521
Responses
application/x-www-form-urlencoded
PHP
JavaScript
Java
cURL
Node.js
<?php
  $curl = curl_init();

  curl_setopt_array($curl, array(
      CURLOPT_URL => 'https://sandbox.senangpay.my/apiv1/validate_token',
      CURLOPT_RETURNTRANSFER => true,
      CURLOPT_ENCODING => '',
      CURLOPT_MAXREDIRS => 10,
      CURLOPT_TIMEOUT => 0,
      CURLOPT_FOLLOWLOCATION => true,
      CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
      CURLOPT_CUSTOMREQUEST => 'POST',
      CURLOPT_POSTFIELDS => http_build_query(array(
          'token' => '55200660d03fcd38d179659d487d69d17a98bbf4ee5de4b8bca2269c3b62e230'
      )),
      CURLOPT_HTTPHEADER => array(
          'Content-Type: application/x-www-form-urlencoded',
          'Authorization: Basic <token>'
      ),
  ));

  $response = curl_exec($curl);

  curl_close($curl);
  echo $response;
?>
200
{
  "status": 1,
  "msg": "Card has been successfully verified",
  "token": "6bcc32c3cf4c6de03f4b3c967a36606d965d54cd51eb6cb7507555e2ad7b4521"
}

Validate token

  • 1.0 Pay credit card using token
  • 1.1 Authorization Header (Basic Auth)
  • 1.2 Request Parameter (All Mandatory)
  • 1.3 Response Parameter
  • 1.4 Sample Response
  • POSTCharge credit card using token
  • 2.0 Enable/disable credit card
  • 2.1 Authorization header (Basic Auth)
  • 2.2 Request Parameter (All Mandatory)
  • 2.3 Response Parameter
  • POSTEnable / disable Credit Cards
  • 3.0 Validate payment token
  • 3.1 Authorization header (Basic Auth)
  • 3.2 Request Parameter (All Mandatory)
  • 3.3 Response Parameter
  • POSTCheck token validity