Direct API

Information about the latest version of Direct API to set up direct payments.

 

Please note:
This feature is only available for Enterprise package users and restricted to authorised merchants only. Please contact us to whitelist your server's outgoing IP address.

What is Direct API?

Direct API is an advanced payment integration that allows you to streamline the checkout process by skipping the traditional payment form. With Direct API, customers can initiate payments directly from their preferred payment method without the need to fill out lengthy forms or provide additional information.

senangPay's Payment Direct v3 consists of two parts:

A. Client Session
B. Javascript Web SDK

 

email-graphic-05-1024x792

 

How to apply?

You may e-mail us at help@senangpay.my or call our support team.

How to enable this feature?

You can simply upgrade your package to the Enterprise package on your dashboard. Click here to learn how to upgrade your package.

Supported payment methods

  1. Credit cards
  2. FPX
  3. Boost
  4. Touch ‘n Go
  5. GrabPay
  6. ShopeePay

A. Client Session

POST request from your server to this API endpoint

 

PARAMETER DATA TYPE COMPULSORY EXAMPLE DESCRIPTION
payment_method string YES fpx possible values:
  1. fpx (online banking)
  2. boost (Boost wallet)
  3. tng (Touch n Go wallet)
  4. grabpay (Grab wallet)
  5. grabPl (GrabPL)
  6. shopeepay (Shopeepay)
  7. shopback (Shopback BNPL)
  8. cc (Card Payment)
  9. jcb_direct (JCB)
fpx_bank_code

string compulsory if payment_method = ‘fpx 27 Refer Appendix A
shopeepay_platform string compulsory if payment_method = ‘shopeepay mobile “desktop” or “mobile”

filter_card array optional for cc [1,2] Refer Appendix B
customer_name string YES Mohd Aiman Customer’s name
customer_email string YES aiman@gmail.com Customer’s email address
customer_phone string YES 0193339922 Customer’s phone number
order_id string YES payment_for_ID339112 Unique ID for this transaction for your reference
amount string YES 200 Payment price multiplied by 100
detail string YES
Payment for Order ID ID339112
Description of payment
hash string YES d9d7936b0f84262785ceff36207d7a7590b2b08696cef9643c9ffac1787e2882 Sha256 hash with the below string:
{secret key}{customer_name}{customer_email}
{customer_phone}{order_id}{amount}{detail}
{payment_method}

 

*This API is restricted to authorized merchants. Please request that your server's outgoing IP address be whitelisted.

Request Authorization Header (Basic Auth)

Username

Merchant id (from senangpay Dashboard)

Password

{leave blank}

Response Parameters

result

0 - failed

1 - successful

msg

Error message description

uuid

client token to use in JavaScript web SDK in PART B

B. JavaScript Web SDK

1. Include these assets in your web page just below the <head> tag:

<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>

Production:

<link rel="stylesheet" href="https://senangpay.my/sdk/senangpay_v1.0.1.min.css">
<script src="https://senangpay.my/sdk/senangpay_v1.0.1.min.js"></script>

Sandbox:

<link rel="stylesheet" href="https://senangpay.my/sdk/senangpay_v1.0.1.min.css">
<script src="https://senangpay.my/sdk/senangpay_v1.0.1_sanbdox.min.js"></script>

2. Create a HTML element in the<body> tag;

<div id='senangpay_payment'></div>

3. Initiate senangPay class in JavaScript:

const senangpay = new Senangpay(merchantid);
senangpay.pay(uuid);
  • Get the UUID from the client session API in Part A response
  • The UUID is only valid for 60 seconds
  • Get merchant ID from the senangPay dashboard under the menu Setting→Profile

C. Callback and Return URL

What Parameters does the shopping cart receive from senangPay

The table below lists the details of the elements:
Item Detail
status_id This is to indicate the status of the payment. It only has three values: 2 for pending authorization, 1 for successful and 0 for failed.
order_id This is the order that is sent to senangPay. This is to identify the shopping cart transaction.
msg This is the message to describe the payment status. The maximum length is 100 characters. Take note that the message may contain underscores. You can replace the underscore with a space when displaying the message to your customers. Example: Payment_was_successful.
transaction_id This is the transaction ID used by senangPay. You can use this ID to track the transaction in senangPay. The maximum length is 100 characters. Example 14363538840
hash This is the data to ensure that data integrity has passed from senangPay to the merchant’s shopping cart. Refer to section ‘How to verify if the secure hash is correct’ for more info.

How to verify if the secure hash is correct

1. Merchants will need to generate the secure hash and compare the secure hash that was received from senangPay.

2. For example, if the parameters received from senangPay are as below:
Item Detail
secret key 53-784
status_id 1
order_id 56
transaction_id 14363538840
msg Payment_was_successful
3. The string to be hashed is $str = 53-78415614363538840Payment_was_successful which will generate the hash value of :
  • md5($str) => 69686562c29ad3f7955b1843a5c275ca
  • hash_hmac(‘SHA256′, $str, ’53-784’) => 4ca7837c6c4ddb5f6ba573ea701235b2d04bc6400d32787539e07aaf319eb70f
4. Now you need to compare the hash value that you have generated with the hash value sent from senangPay. If the value does not match, then the data may have been tampered with.

APPENDIX A

FPX Bank List API

1. Production:  https://api.senangpay.my/fpx_bank_list GET

2. Staging: https://api.sandbox.senangpay.my/fpx_bank_list GET

Request Authorization Header(Basic Auth)

Username Merchant Id (from senangpay Dashboard)
Password {leave blank}

Response Parameters

fpx_bank_list Array with these properties:
1. fpx_bank_code(to be used in payment API)
2. name (Name of the bank)
3. status (active/inactive) *inactive means bank is offline*
4. type (b2b/b2c)
5. logo (logo of the bank)

Sample Output: 

"fpx_bank_list": [

{
"fpx_bank_code": "22",
"name": "Affin Bank",
"status": "active",
"logo": "https://app.senangpay.my/public/images/bank/logo_affin.png", "type": "b2c"
},

{
"fpx_bank_code": "27",
"name": "Alliance Bank Malaysia Berhad",
"status": "active",
"logo": "https://app.senangpay.my/public/images/bank/logo_alliance.png", "type": "b2c"
},
]
}
 

Appendix B

Value Bank Issuer Card Type
1 Bank Kerjasama Rakyat

Credit Card

2 Bank Kerjasama Rakyat Debit Card
3 Maybank

Credit Card

4 Maybank Debit Card
5 CIMB

Credit Card

6 CIMB Debit Card

 

 Appendix C

1. B2C FPX Payment

Bank fpx_bank_code
CIMB Bank Berhad 2
Bank Islam Malaysia Berhad 3
Hong Leong Bank Berhad 4
HSBC Bank Berhad 6
Malayan Banking Berhad (M2U) 7
Public Bank Berhad 9
RHB Bank Berhad 10
Ambank Berhad 13
United Overseas Bank Berhad 14
Kuwait Finance House 15
Bank Kerjasama Rakyat Malaysia 21
Affin Bank 22
OCBC Bank 23
Standard Chartered Bank 24
Bank Muamalat 25
Bank Simpanan Nasional 26
Alliance Bank Malaysia Berhad 27
Malayan Banking Berhad (M2E) 29

2. B2B FPX Payment

Bank fpx_bank_code
CIMB Bank Berhad 34
Bank Islam Malaysia Berhad 36
Hong Leong Bank Berhad 38
HSBC Bank Berhad 40
Public Bank Berhad 44
RHB Bank Berhad 46
Kuwait Finance House 52
Bank Kerjasama Rakyat Malaysia 54
OCBC Bank 58
Bank Simpanan Nasional 64
Malayan Banking Berhad (M2E) 68