Permata API

Generate Token

Step By Step request Generate Token (sample):

  • 1. Use key-id for test :

    'API-Key: cd86fe4b-bc4f-4200-8ad4-d04971c65ac6'

  • 2. Use $username = ec1f94aa-161b-446a-afb0-2de29a52060e

  • 3. Use $password = fd0f38d4-46dd-44ce-b318-c208f7f0e6df

  • 4. Generate header timestamp. example :

    OAUTH-Timestamp : 2017-12-09T03:52:01.000+07:00
  • 5. Use payload data :grant_type=client_credentials

  • 6. Generate signature for header "oauth-signature"

    - construct payload permata signature concat at field using ":" separator

    API-Key:OAUTH-Timestamp:payload

    basic_auth from user and pass sample :

    - Client ID / username :

    ec1f94aa-161b-446a-afb0-2de29a52060e

    - Client Secret Key / password :

    fd0f38d4-46dd-44ce-b318-c208f7f0e6df

    generated Base64 Basic Auth:

    NzNlODQzY2QtMGIyOC00Zjk4LWEyNjItYjVkYmRmOWVlNTQ5OjJkNDU3MDVjLWU5OTItNGJkOC1iN2ZlLTdkMmQxZGM2YzRjMQ==

Example full payload for permata oauth signature :

cd86fe4b-bc4f-4200-8ad4-d04971c65ac6:2017-12-09T03:52:01.000+07:00:grant_type=client_credentials

Sample generate hmac sha256 using PHP :

//Define Message
$message = 'cd86fe4b-bc4f-4200-8ad4-d04971c65ac6:2017-12-09T03:52:01.000+07:00:grant_type=client_credentials';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Signature
$signature = base64_encode($hash);
echo 'Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099

The result are OAUTH-Signature:YcKit0AOOJns0z/DWS+VJDHPJr/MWGiqZzqzFHIkBgo=

$payloadName['grant_type']='client_credentials';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded ','keyid: cd86fe4b-bc4f-4200-8ad4-d04971c65ac6','OAUTH-Signature: YcKit0AOOJns0z/DWS+VJDHPJr/MWGiqZzqzFHIkBgo=','OAUTH-Timestamp : 2017-12-09T03:52:01.000+07:00');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_USERPWD, $username . ":" . $password);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $payloadName);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Sample Response


{
    "access_token": "15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy",
    "token_type": "Bearer",
    "expires_in": 10800,
    "scope": "resource.WRITE resource.READ"
} 

Sample generate hmac sha256 using JAVA :


//Define Message
String message = ' 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}';
//Create Hash
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(permataStaticKey.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key)
//Create token
String hash = Base64.encodeBase64String(sha256_HMAC.doFinal(string2hash.getBytes("UTF-8")));
System.out.println(hash);

Sample Response


{
    "access_token": "15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy",
    "token_type": "Bearer",
    "expires_in": 10800,
    "scope": "resource.WRITE resource.READ"
}

Use token Oauth And Permata Signature to Hit Services

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header
    'authorization: Bearer 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy'

  • b. add header

    'organizationname: WD62876099'

  • c. add header

    'permata-timestamp : 2017-11-07T10:22:57.000'

  • d. add header permata-signature :


    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator
    access_token:permata-timestamp:bodymessage(message without space)

Example :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57:{"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}

Sample generate hmac sha256 using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$token = base64_encode($hash);
echo 'Token: ' . $token . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=

Sample request using PHP curl :

$jsonPayload=''{"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);
curl -X POST -k https://api.pbdevtest.com/apiservice/InquiryServices/BalanceInfo_V2/inq -H 'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ' -H 'cache-control: no-cache' -H 'content-type: application/json' -H 'organizationname: Permata Bank' -H 'permata-signature: YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=' -H 'permata-timestamp: 2017-11-07T10:22:57.000+07:00' -d '{"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}'

Sample Response


{
    "BalInqRs": {
        "MsgRsHdr": {
            "ResponseTimestamp": "2017-11-24T01:56:16.245+07:00",
            "CustRefID": "0878987654321",
            "StatusCode": "14",
            "StatusDesc": "Account Not Found"
        },
        "InqInfo": {
            "AccountNumber": "701075323",
            "AccountCurrency": "",
            "AccountBalanceAmount": "",
            "BalanceType": "AvailBalance"
        }
    }
}

Example :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57:{"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}

Sample generate hmac sha256 using PHP :

//Define Message
$message = ' 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$token = base64_encode($hash);
echo 'Token: ' . $token . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=

Sample request using PHP curl :

$jsonPayload='{"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);
curl -X POST -k https://api.pbdevtest.com/apiservice/InquiryServices/BalanceInfo_V2/inq -H 'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ' -H 'cache-control: no-cache' -H 'content-type: application/json' -H 'organizationname: Permata Bank' -H 'permata-signature: YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=' -H 'permata-timestamp: 2017-11-07T10:22:57' -d '{"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}'

Sample Response


{
    "BalInqRs": {
        "MsgRsHdr": {
            "ResponseTimestamp": "2017-11-24T01:56:16.245+07:00",
            "CustRefID": "0878987654321",
            "StatusCode": "14",
            "StatusDesc": "Account Not Found"
        },
        "InqInfo": {
            "AccountNumber": "701075323",
            "AccountCurrency": "",
            "AccountBalanceAmount": "",
            "BalanceType": "AvailBalance"
        }
    }
}

Balance Inquiry

1.1 Detail

Name Balance Inquiry
Description Balance Inquiry Operations: inq
Transport Protocol HTTP POST
Message Format JSON
Interaction Type Synchronous
Security Policy API Key + JWE
Interface ID

1.2 Request

Message Format

Field Type Length Mandatory Description
BalInqRq
MsgRqHdr
RequestTimestamp xs:dateTime Y Format:
YYYY-MM-DDTHH:mm:ss
2017-07-21T14:32:01.000+07:00
CustRefID xs:string 20 Y
InqInfo
AccountNumber xs:string Y Account number

1.3 Response

Message Format

Field Type Length Mandatory Description
BalInqRs
MsgRqHdr
ResponseTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00.000
CustRefID xs:string Y
StatusCode xs:string * Y Status code
StatusDesc xs:string * N Status description
InqInfo
AccountNumber xs:string Y
AccountCurrency xs:string Y
AccountBalanceAmount xs:string Y
BalanceType xs:string Y

Sample code

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header

    'authorization: Bearer 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy'

  • b. add header

    'organizationname: WD62876099'

  • c. add header

    'permata-timestamp : 2017-11-07T10:22:57.000'

  • d. add header permata-signature :
    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator access_token:permata-timestamp:bodymessage(message without space)

Post

https://api.pbdevtest.com/apiservice/InquiryServices/BalanceInfo/inq

Sample Request


{ 
   "BalInqRq":{ 
      "MsgRqHdr":{ 
         "RequestTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"0878987654321"
      },
      "InqInfo":{ 
         "AccountNumber":"701075323"
      }
   }
}

Sample Response


{
    "BalInqRs": {
        "MsgRsHdr": {
            "ResponseTimestamp": "2017-07-21T14:32:01.000+07:00",
            "CustRefID": "0878987654321",
            "StatusCode": "00",
            "StatusDesc": "Success"
        },
        "InqInfo": {
            "AccountNumber": "701075323",
            "AccountCurrency": "IDR",
            "AccountBalanceAmount": "106555123",
            "BalanceType": "AvailBalance"
        }
    }
}

Example :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57:{"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}

Sample generate hmac sha256 using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$token = base64_encode($hash);
echo 'Token: ' . $token . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=

Sample request using PHP curl :

$jsonPayload='{"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Sample generate hmac sha256 using JAVA :


//Define Message
String message = ' 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"701075323"}}}';
//Create Hash
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(permataStaticKey.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key)
//Create token
String hash = Base64.encodeBase64String(sha256_HMAC.doFinal(string2hash.getBytes("UTF-8")));
System.out.println(hash);

Sample request using JAVA :


String host = "host";
String payload = "{"BalInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-0721T14:32:01+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccounNumber":"701075323"}}}";

String OrganizationName = "WD62876099";
String authorization = "Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ" ;
String Content_Type = "application/json";
String PERMATA_Signature = "YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=";
String PERMATA_Timestamp = "2017-11-07T10:22:57";

HttpClient httpClient = HttpClientBuilder.create().build();
HttpPost request = new HttpPost(host);

request.setEntity(new StringEntity(payload));
request.setHeader("authorization",authorization);
request.setHeader("OrganizationName",OrganizationName);
request.setHeader("Content-Type",Content_Type);
request.setHeader("PERMATA-Signature",PERMATA_Signature);
request.setHeader("PERMATA-Timestamp",PERMATA_Timestamp);

HttpResponse response = httpClient.execute(request);
System.out.println(response.getStatusLine().getStatusCode());

Inquiry Overbooking

1.1 Detail

Name Inquiry Overbooking
Description Service to get source and destination Account Operations: inq
Transport Protocol HTTP POST
Message Format JSON
Interaction Type Synchronous
Security Policy API Key + JWE
Interface ID

1.2 Request

Message Format

Field Type Length Mandatory Description
AcctInqRq
MsgRqHdr
RequestTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00.000
CustRefID xs:string 20 Y
InqInfo
AccountNumber xs:string Y Account number

1.3 Response

Message Format

Field Type Length Mandatory Description
AcctInqRs
MsgRqHdr
ResponseTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00.000
CustRefID xs:string 20 Y
StatusCode xs:string * Y Status code
StatusDesc xs:string * N Status description
InqInfo
AccountNumber xs:string Y
AccountName xs:string Y

Sample code

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header

    'authorization: Bearer 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy'

  • b. add header

    'organizationname: WD62876099'

  • c. add header

    'permata-timestamp : 2017-11-07T10:22:57.000+07:00'

  • d. add header permata-signature :
    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator access_token:permata-timestamp:bodymessage(message without space)

Post

https://api.pbdevtest.com/apiservice/InquiryServices/AccountInfo/inq

Sample Request


{ 
   "AcctInqRq":{ 
      "MsgRqHdr":{ 
         "RequestTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"0878987654321"
      },
      "InqInfo":{ 
            "AccountNumber":"9999002800"
      }
   }
}

Sample Response


{
    "AcctInqRs": {
        "MsgRsHdr": {
            "ResponseTimestamp": "2017-11-24T05:06:26.698+07:00",
            "CustRefID": "0878987654321",
            "StatusCode": "00",
            "StatusDesc": "Success"
        },
        "InqInfo": {
            "AccountNumber": "701075323",
            "AccountName": "KR DUMMY ACCOUNT TB"
        }
    }
}

Example :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"AcctInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"9999002800"}}}

Sample generate hmac sha256 using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"AcctInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"9999002800"}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$signature = base64_encode($hash);
echo 'Permata Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=

Sample request using PHP curl :

$jsonPayload='{"AcctInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"9999002800"}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000+07:00');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Sample generate hmac sha256 using JAVA :


//Define Message
String message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"AcctInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccountNumber":"9999002800"}}}';
//Create Hash
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(permataStaticKey.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key)
//Create token
String hash = Base64.encodeBase64String(sha256_HMAC.doFinal(string2hash.getBytes("UTF-8")));
System.out.println(hash);

Sample request using JAVA :


String host = "host";
String payload = "{"AcctInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-0721T14:32:01+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccounNumber":"701075323"}}}";

String OrganizationName = "WD62876099";
String authorization = "Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ" ;
String Content_Type = "application/json";
String PERMATA_Signature = "YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=";
String PERMATA_Timestamp = "2017-11-07T10:22:57";

HttpClient httpClient = HttpClientBuilder.create().build();
HttpPost request = new HttpPost(host);

request.setEntity(new StringEntity(payload));
request.setHeader("authorization",authorization);
request.setHeader("OrganizationName",OrganizationName);
request.setHeader("Content-Type",Content_Type);
request.setHeader("PERMATA-Signature",PERMATA_Signature);
request.setHeader("PERMATA-Timestamp",PERMATA_Timestamp);

HttpResponse response = httpClient.execute(request);
System.out.println(response.getStatusLine().getStatusCode());

Overbooking (Posting)

1.1 Detail

Name Overbooking
Description Service to Posting Overbook Operations: add
Transport Protocol HTTP POST
Message Format JSON
Interaction Type Synchronous
Security Policy API Key + JWE
Interface ID

1.2 Request

Message Format

Field Type Length Mandatory Description
XferAddRq
MsgRqHdr
RequestTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00.000
CustRefID xs:string 20 Y
XferInfo
FromAccount xs:string Y Remmiter Account number
ToAccount xs:string Y Bennef Account number
Amount xs:number Y Transaction Amount
CurrencyCode xs:string Y Transaction Currency
ChargeTo xs:string Y 0 : Charge to Remmiter/Sender
TrxDesc xs:string N Transaction Description
TrxDesc2 xs:string N Transaction Description
BenefEmail xs:string N Benef Email Address
BenefAcctName xs:string Y Benef Name
BenefPhoneNo xs:string Y Benef Phone Number
FromAcctName xs:string Y Remmiter Name
TkiFlag xs:string Y TKI Flag (Y or N)

1.3 Response

Message Format

Field Type Length Mandatory Description
XferAddRs
MsgRsHdr
RequestTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00.000
CustRefID xs:string 20 Y
StatusCode xs:string * Y Status code
StatusDesc xs:string * N Status description
TrxReffNo xs:string * Y Transaction Reff Number

Sample code

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header

    'authorization: Bearer 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy'

  • b. add header

    'organizationname: WD62876099'

  • c. add header

    'permata-timestamp : 2017-11-07T10:22:57.000'

  • d. add header permata-signature :
    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator access_token:permata-timestamp:bodymessage(message without space)

Post

https://api.pbdevtest.com/apiservice/BankingServices/FundsTransfer/add

Sample Request


{
  "XferAddRq": {
    "MsgRqHdr": {
      "RequestTimestamp": "2017-07-21T14:32:01.000+07:00",
      "CustRefID": "0001234502"
    },
    "XferInfo": {
      "FromAccount":"701075331",
      "ToAccount":"701075323",
      "Amount":21001,
      "CurrencyCode":"IDR",
      "ChargeTo":"0",
      "TrxDesc":"Coba 1",
      "TrxDesc2":"Desc 2",
      "BenefEmail":"john@gmail.com",
      "BenefAcctName":"John",
      "BenefPhoneNo":"0821222333467",
      "FromAcctName":"Doe",
      "TkiFlag":""
    }
  }
} 

Sample Response


{
    "XferAddRs": {
        "MsgRsHdr": {
            "ResponseTimestamp": "2017-12-04T19:45:07.765+07:00",
            "CustRefID": "0001234502",
            "StatusCode": "00",
            "StatusDesc": "Success"
        },
        "TrxReffNo": "0870171204984683"
    }
} 

Example :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"XferAddRq": {"MsgRqHdr": {"RequestTimestamp": "2017-07-21T14:32:01.000+07:00","CustRefID": "0001234502"},"XferInfo": {"FromAccount":"701075331","ToAccount":"701075323","Amount":21001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","FromAcctName":"Doe","TkiFlag":""}}}

Sample generate hmac sha256 using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"XferAddRq": {"MsgRqHdr": {"RequestTimestamp": "2017-07-21T14:32:01.000+07:00","CustRefID": "0001234502"},"XferInfo": {"FromAccount":"701075331","ToAccount":"701075323","Amount":21001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","FromAcctName":"Doe","TkiFlag":""}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$signature = base64_encode($hash);
echo 'Permata Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=

Sample request using PHP curl :

$jsonPayload='{"XferAddRq": {"MsgRqHdr": {"RequestTimestamp": "2017-07-21T14:32:01.000+07:00","CustRefID": "0001234502"},"XferInfo": {"FromAccount":"701075331","ToAccount":"701075323","Amount":21001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","FromAcctName":"Doe","TkiFlag":""}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Sample generate hmac sha256 using JAVA :


//Define Message
String message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57:"{"XferAddRq": {"MsgRqHdr": {"RequestTimestamp": "2017-07-21T14:32:01+07:00","CustRefID": "0001234502"},"XferInfo": {"FromAccount":"701075331","ToAccount":"701075323","Amount":21001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","FromAcctName":"Doe","TkiFlag":""}}}';
//Create Hash
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(permataStaticKey.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key)
//Create token
String hash = Base64.encodeBase64String(sha256_HMAC.doFinal(string2hash.getBytes("UTF-8")));
System.out.println(hash);

Sample request using JAVA :


String host = "host";
String payload = "{"XferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-0721T14:32:01+07:00","CustRefID":"0878987654321"},"InqInfo":{"AccounNumber":"701075323"}}}";

String OrganizationName = "WD62876099";
String authorization = "Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ" ;
String Content_Type = "application/json";
String PERMATA_Signature = "YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=";
String PERMATA_Timestamp = "2017-11-07T10:22:57.000";

HttpClient httpClient = HttpClientBuilder.create().build();
HttpPost request = new HttpPost(host);

request.setEntity(new StringEntity(payload));
request.setHeader("authorization",authorization);
request.setHeader("OrganizationName",OrganizationName);
request.setHeader("Content-Type",Content_Type);
request.setHeader("PERMATA-Signature",PERMATA_Signature);
request.setHeader("PERMATA-Timestamp",PERMATA_Timestamp);

HttpResponse response = httpClient.execute(request);
System.out.println(response.getStatusLine().getStatusCode());

Transfer Inquiry Online

1.1 Detail

Name Inquiry Transfer Online
Description Service to get source and destination Account Operations: inq (Inq Trf Online)
Transport Protocol HTTP POST
Message Format JSON
Interaction Type Synchronous
Security Policy API Key + JWE
Interface ID

1.2 Request

Message Format

Field Type Length Mandatory Description
OlXferInqRq
MsgRqHdr
RequestTimestamp xs:dateTime Y Format : YYYY-MM-DDTHH:mm:ss 2017-10-14T16:25:09.000+07:00.000
CustRefID xs:string 20 Y
XferInfo
ToAccount xs:string Y Benef Account number
BankId xs:string Y Bank ID (List BankId on Attachment)
BankName xs:string N Bank Name (fill with blank)

1.3 Response

Message Format

Field Type Length Mandatory Description
OlXferInqRs
MsgRsHdr
ResponseTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00.000
CustRefID xs:string 20 Y
StatusCode xs:string * Y Status code
StatusDesc xs:string * N Status description
XferInfo
ToAccount xs:string Y Benef Account Number
ToAccountFullName xs:string Y Benef Name
BankId xs:string * Y Bank ID
(List BankId below)
BankName xs:string * N Bank Name

Sample code

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header

    'authorization: Bearer 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy'
  • b. add header

    'organizationname: WD62876099'
  • c. add header

    'permata-timestamp : 2017-11-07T10:22:57.000+07:00'
  • d. add header permata-signature :
    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator access_token:permata-timestamp:bodymessage(message without space)

Post

https://api.pbdevtest.com/apiservice/InquiryServices/OnlineXferInfo/inq

Sample Request


{
  "OlXferInqRq" : {
    "MsgRqHdr" : {
      "RequestTimestamp" : "2017-07-21T14:32:01.000+07:00",
      "CustRefID" : "0878987654321"
    },
    "XferInfo" : {
      "ToAccount" : "456456",
      "BankId" : "80017",
      "BankName" : "BANK MANDIRI"
   }
  }
}

Sample Response


{ 
   "OlXferInqRs":{ 
      "MsgRsHdr":{ 
         "ResponseTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"0878987654321",
         "StatusCode":"00",
         "StatusDesc":"Success"
      },
      "XferInfo":{ 
            "ToAccount":"456456",
            "ToAccountFullName":"ALEX HIDAYAT                  ",
            "BankId":"80017",
            "BankName":"BANK MANDIRI"
      }
   }
}

Example :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57.000+07:00: {"OlXferInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"XferInfo":{"ToAccount":"456456","BankId":"80017","BankName":"BANK MANDIRI"}}}

Sample generate hmac sha256 using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57.000+07:00: {"OlXferInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"XferInfo":{"ToAccount":"456456","BankId":"80017","BankName":"BANK MANDIRI"}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$token = base64_encode($hash);
echo 'Permata Signature: ' .$signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=

Sample request using PHP curl :

$jsonPayload='{"OlXferInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"XferInfo":{"ToAccount":"456456","BankId":"80017","BankName":"BANK MANDIRI"}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000+07:00');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Sample generate hmac sha256 using JAVA :


//Define Message
String message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57:" {"OlXferInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0878987654321"},"XferInfo":{"ToAccount":"456456","BankId":"142861","BankName":""}}}';
//Create Hash
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(permataStaticKey.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key)
//Create token
String hash = Base64.encodeBase64String(sha256_HMAC.doFinal(string2hash.getBytes("UTF-8")));
System.out.println(hash);

Sample request using JAVA :


String host = "host";
String payload = "{"OlXferInqRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0878987654321"},"XferInfo":{"ToAccount":"456456","BankId":"142861","BankName":""}}}";
String OrganizationName = "WD62876099";
String authorization = "Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ" ;
String Content_Type = "application/json";
String PERMATA_Signature = "YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=";
String PERMATA_Timestamp = "2017-11-07T10:22:57";

HttpClient httpClient = HttpClientBuilder.create().build();
HttpPost request = new HttpPost(host);
request.setEntity(new StringEntity(payload));
                
request.setHeader("authorization",authorization);
request.setHeader("OrganizationName",OrganizationName);
request.setHeader("Content-Type",Content_Type);
request.setHeader("PERMATA-Signature",PERMATA_Signature);
request.setHeader("PERMATA-Timestamp",PERMATA_Timestamp);
HttpResponse response = httpClient.execute(request);
System.out.println(response.getStatusLine().getStatusCode());

Transfer Online

1.1 Detail

Name Transfer Online
Description Service For Transfer Obline to Other Bank Operations: add
Transport Protocol HTTP POST
Message Format JSON
Interaction Type Synchronous
Security Policy API Key + JWT
Interface ID

1.2 Request

Message Format

Field Type Length Mandatory Description
OlXferAddRq
MsgRqHdr
RequestTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00
CustRefID xs:string 20 Y Customer Reff ID
XferInfo
FromAccount xs:string Y Remitter Account number
ToAccount xs:string Y Benef Account number
ToBankId xs:string Y Benef Bank ID
ToBankName xs:string Y Benef Bank Name
Amount xs:number Y Transaction Amount
ChargeTo xs:string Y 0 : Charge to Remitter/Sender
TrxDesc xs:string N Transaction Description
TrxDesc2 xs:string N Transaction Description
BenefEmail xs:string N Benef Email Address
BenefAcctName xs:string Y Benef Name
BenefPhoneNo xs:string Y Benef Phone Number
FromAcctName xs:string Y Remitter Name
DatiII xs:string N Dati II If TKI Flag 'Y' → DatiII mandatory
TkiFlag xs:string Y TKI Flag (fill with 'Y' or 'N')

1.3 Response

Message Format

Field Type Length Mandatory Description
XferAddRs
MsgRsHdr
ResponseTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00
CustRefID xs:string 20 Y
StatusCode xs:string * Y Status code
StatusDesc xs:string * N Status description
TrxReffNo xs:string Transaction Reff Number

Sample code

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header

    'authorization: Bearer 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy'
  • b. add header

    'organizationname: WD62876099'
  • c. add header

    'permata-timestamp : 2017-11-07T10:22:57.000+07:00'
  • d. add header permata-signature :
    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator access_token:permata-timestamp:bodymessage(message without space)

Post

https://api.pbdevtest.com/apiservice/BankingServices/InterBankTransfer/add

Sample Request


{ 
   "OlXferAddRq":{ 
      "MsgRqHdr":{ 
         "RequestTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"0001234409"
      },
      "XferInfo":{ 
         "FromAccount":"701075331",
         "ToAccount":"701075323",
         "ToBankId":"86079",
         "ToBankName":"MANDIRI",
         "Amount":20001,
         "ChargeTo":"0",
         "TrxDesc":"Coba 1",
         "TrxDesc2":"Desc 2",
         "BenefEmail":"john@gmail.com",
         "BenefAcctName":"John",
         "BenefPhoneNo":"0821222333467",
         "FromAcctName":"Doe",
         "DatiII":"",
         "TkiFlag":""
      }
   }
}

Sample Response


{
    "OlXferAddRs": {
        "MsgRsHdr": {
            "ResponseTimestamp": "2017-12-04T20:08:18.531+07:00",
            "CustRefID": "0001234409",
            "StatusCode": "00",
            "StatusDesc": "Success"
        },
        "TrxReffNo": "0898171204984691"
    }
}

Example :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57.000+07:00: {"OlXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0001234409"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"86079","ToBankName":"MANDIRI","Amount":20001,"ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","FromAcctName":"Doe","DatiII":"","TkiFlag":""}}}

Sample generate hmac sha256 using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"OlXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0001234409"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"86079","ToBankName":"MANDIRI","Amount":20001,"ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","FromAcctName":"Doe","DatiII":"","TkiFlag":""}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$signature = base64_encode($hash);
echo 'Permata Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=

Sample request using PHP curl :

$jsonPayload='{"OlXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0001234409"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"86079","ToBankName":"MANDIRI","Amount":20001,"ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","FromAcctName":"Doe","DatiII":"","TkiFlag":""}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:XiG848NZNNZaNvebAQRKFVjKmads/p/WmiPb6lCve9c=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000+07:00');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Sample generate hmac sha256 using JAVA :


//Define Message
String message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"OlXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0001234409"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"142861","ToBankName":"MANDIRI","Amount":20001,"ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","FromAcctName":"Doe","DatiII":"","TkiFlag":""}}}';
//Create Hash
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(permataStaticKey.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key)
//Create token
String hash = Base64.encodeBase64String(sha256_HMAC.doFinal(string2hash.getBytes("UTF-8")));
System.out.println(hash);

Sample request using JAVA :


String host = "host";
String payload = "{"OlXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0001234409"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"142861","ToBankName":"MANDIRI","Amount":20001,"ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","FromAcctName":"Doe","DatiII":"","TkiFlag":""}}}";

String OrganizationName = "WD62876099";
String authorization = "Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ" ;
String Content_Type = "application/json";
String PERMATA_Signature = "YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=";
String PERMATA_Timestamp = "2017-11-07T10:22:57";

HttpClient httpClient = HttpClientBuilder.create().build();
HttpPost request = new HttpPost(host);

request.setEntity(new StringEntity(payload));
request.setHeader("authorization",authorization);
request.setHeader("OrganizationName",OrganizationName);
request.setHeader("Content-Type",Content_Type);
request.setHeader("PERMATA-Signature",PERMATA_Signature);
request.setHeader("PERMATA-Timestamp",PERMATA_Timestamp);

HttpResponse response = httpClient.execute(request);
System.out.println(response.getStatusLine().getStatusCode());

LLG

1.1 Detail

Name LLG
Description Service For LLG Operations: add
Cut Off Time Monday-Friday at 15:00 Jakarta time.
Transport Protocol HTTP POST
Message Format JSON
Interaction Type Synchronous
Security Policy API Key + JWT
Interface ID

1.2 Request

Message Format

Field Type Length Mandatory Description
LlgXferAddRq
MsgRqHdr
RequestTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00
CustRefID xs:string 20 Y Customer Reff ID
XferInfo
FromAccount xs:string Y Remitter Account number
ToAccount xs:string Y Benef Account number
ToBankId xs:string Y Benef Bank ID
ToBankName xs:string Y Benef Bank Name
Amount xs:number Y Transaction Amount
CurrencyCode xs:string N Transaction Currency
ChargeTo xs:string Y 0 : Charge to Remitter/Sender
TrxDesc xs:string N Transaction Description
TrxDesc2 xs:string N Transaction Description
CitizenStatus xs:string Y 0: WNI
1: WNA
ResidentStatus xs:string Y 0 : Resident
1: Non Resident
BenefType xs:string Y 1: Individu
2. Corporate
BenefEmail xs:string N Benef Email Address
BenefAcctName xs:string Y Benef Name
BenefPhoneNo xs:string N Benef Phone Number
BenefBankAddress xs:string N
BenefBankBranchName xs:string N
BenefBankCity xs:string N
FromAcctName xs:string Y Remitter Name
FromCurrencyCode xs:string N
Filler1 xs:string N
Filler2 xs:string N
Filler3 xs:string N
BenefAddress1 xs:string N
BenefAddress2 xs:string N
BenefAddress3 xs:string N
DatiII xs:string N Dati II If TKI Flag Y → DatiII mandatory
TkiFlag xs:string N TKI Flag (fill with 'Y' or 'N')

1.3 Response

Message Format

Field Type Length Mandatory Description
LlgXferAddRs
MsgRsHdr
ResponseTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00
CustRefID xs:string 20 Y
StatusCode xs:string * Y Status code
StatusDesc xs:string * N Status description
TrxReffNo xs:string Transaction Reff Number

Sample code

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header

    'authorization: Bearer 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy'
  • b. add header

    'organizationname: WD62876099'
  • c. add header

    'permata-timestamp : : 2017-11-07T10:22:57.000+07:00'
  • d. add header permata-signature :
    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator access_token:permata-timestamp:bodymessage(message without space)

Post

https://api.pbdevtest.com/apiservice/BankingServices/LlgTransfer/add

Sample Request


{
  "LlgXferAddRq": {
    "MsgRqHdr": {
      "RequestTimestamp": "2017-07-21T14:32:01.000+07:00",
      "CustRefID": "0001234407"
    },
    "XferInfo": {
         "FromAccount":"701075331",
         "ToAccount":"701075323",
         "ToBankId":"86079",
         "ToBankName":"MANDIRI",
         "Amount":22001,
         "CurrencyCode":"IDR",
         "ChargeTo":"0",
         "TrxDesc":"Coba 1",
         "TrxDesc2":"Desc2",
         "CitizenStatus":"0",
         "ResidentStatus":"0",
         "BenefType":"1",
         "BenefEmail":"john@gmail.com",
         "BenefAcctName":"John",
         "BenefPhoneNo":"0821222333467",
         "BenefBankAddress":"JALAN JEND SUDIRMAN",
         "BenefBankBranchName":"SUDIRMAN",
         "BenefBankCity":"JAKARTA",
         "FromAcctName":"Doe",
         "FromCurrencyCode":"IDR",
         "Filler1":"",
         "Filler2":"",
         "Filler3":"",
         "BenefAddress1":"jl Berkah no.14",
         "BenefAddress2":"Perum Satu",
         "BenefAddress3":"Pulo Gadung",
         "DatiII":"",
         "TkiFlag":""
    }
  }
}

Sample Response


{
    "LlgXferAddRs": {
        "MsgRsHdr": {
            "ResponseTimestamp": "2017-12-04T20:04:07.105+07:00",
            "CustRefID": "0001234407",
            "StatusCode": "00",
            "StatusDesc": "Success"
        },
        "TrxReffNo": "0870171204984685"
    }
}

Example :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"LlgXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0001234407"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"86079","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefType":"1","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"","TkiFlag":""}}}

Sample generate hmac sha256 using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"LlgXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0001234407"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"86079","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefType":"1","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"","TkiFlag":""}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$signature = base64_encode($hash);
echo 'Permata Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=

Sample request using PHP curl :

$jsonPayload='{"LlgXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0001234407"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"86079","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefType":"1","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"","TkiFlag":""}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Sample generate hmac sha256 using JAVA :


//Define Message
String message = "15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"LlgXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0001234407"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"142861","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefType":"1","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"","TkiFlag":""}}}";
//Create Hash
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(permataStaticKey.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key)
//Create token
String hash = Base64.encodeBase64String(sha256_HMAC.doFinal(string2hash.getBytes("UTF-8")));
System.out.println(hash);

Sample request using JAVA :


String host = "host";
String payload = "{"LlgXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0001234407"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"142861","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefType":"1","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"","TkiFlag":""}}}";
String OrganizationName = "WD62876099";
String authorization = "Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ" ;
String Content_Type = "application/json";
String PERMATA_Signature = "YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=";
String PERMATA_Timestamp = "2017-11-07T10:22:57";

HttpClient httpClient = HttpClientBuilder.create().build();
HttpPost request = new HttpPost(host);
request.setEntity(new StringEntity(payload));
                
request.setHeader("authorization",authorization);
request.setHeader("OrganizationName",OrganizationName);
request.setHeader("Content-Type",Content_Type);
request.setHeader("PERMATA-Signature",PERMATA_Signature);
request.setHeader("PERMATA-Timestamp",PERMATA_Timestamp);
HttpResponse response = httpClient.execute(request);
System.out.println(response.getStatusLine().getStatusCode());

RTGS (POSTING)

7.1 Detail

Name RTGS
Description Service For RTGS
Operation: add
Cut Off Time Monday-Friday at 15:00 Jakarta time.
Transport ProtocolHTTP POST
Message Format JSON
Interaction Type Synchronous
Security Policy API Key + JWT
Interface ID

7.2 Request

Format Message

Field Type Length Mandatory Description
RtgsXferAddRq
MsgRqHdr
RequestTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00
CustRefID xs:string 20 Y Customer Reff ID
XferInfo
FromAccount xs:string Y Remitter Account Number
ToAccount xs:string Y Benef Account Number
ToBankId xs:string Y Benef Bank ID
ToBankName xs:string Y Benef Bank Name
Amount xs:string Y Transaction Amount
CurrencyCode xs:string N Transaction Currency
ChargeTo xs:string Y 0 : Charge to Remitter/Sender
TrxDesc xs:string N Transaction Description
TrxDesc2 xs:string N Transaction Description
CitizenStatus xs:string Y 0: WNI
1: WNA
ResidentStatus xs:string Y 0 : Resident
1: Non Resident
BenefType xs:string Y 1: Individu
2. Corporate
BenefEmail xs:string N Benef Email Adress
BenefAcctName xs:string Y Benef Name
BenefPhoneNo xs:string N Benef Phone Number
BenefBankAddress xs:string N
BenefBankBranchName xs:string N
BenefBankCity xs:string N
FromAcctName xs:string Y Remitter Name
FromCurrencyCode xs:string N
Filler1 xs:string N
Filler2 xs:string N
Filler3 xs:string N
BenefAddress1 xs:string
BenefAddress2 xs:string
BenefAddress3 xs:string
DatiII xs:string N Dati II
If TKI Flag 'Y' → DatiII mandatory
TkiFlag xs:string N TKI Flag (fill with 'Y' or 'N')

7.3 Reponse

Format Message

Field Type Length Mandatory Description
RtgsXferAddRs
MsgRsHdr
ResponseTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
14T16:25:09.000+07:00
CustRefID xs:string 20 Y
StatusCode xs:string * Y Status Code
StatusDesc xs:string * N Status Description
TrxReffNo xs:string Transaction Reff Number

Sample code

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header

    'authorization: Bearer 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy'

  • b. add header

    'organizationname: WD62876099'

  • c. add header

    'permata-timestamp : 2017-11-07T10:22:57.000+07:00'

  • d. add header permata-signature :
    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator

    access_token:permata-timestamp:bodymessage(message without space)

Post

https://api.pbdevtest.com/apiservice/BankingServices/RtgsTransfer/add

Sample Request


{ 
   "RtgsXferAddRq":{ 
      "MsgRqHdr":{ 
         "RequestTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"0878987654321"
      },
      "XferInfo":{ 
         "FromAccount":"701075331",
         "ToAccount":"701075323",
         "ToBankId":"008",
         "ToBankName":"MANDIRI",
         "Amount":22001,
         "CurrencyCode":"IDR",
         "ChargeTo":"0",
         "TrxDesc":"Coba 1",
         "TrxDesc2":"Desc2",
         "CitizenStatus":"0",
         "ResidentStatus":"0",
         "BenefEmail":"john@gmail.com",
         "BenefAcctName":"John",
         "BenefPhoneNo":"0821222333467",
         "BenefBankAddress":"JALAN JEND SUDIRMAN",
         "BenefBankBranchName":"SUDIRMAN",
         "BenefBankCity":"JAKARTA",
         "FromAcctName":"Doe",
         "FromCurrencyCode":"IDR",
         "Filler1":"",
         "Filler2":"",
         "Filler3":"",
         "BenefAddress1":"jl Berkah no.14",
         "BenefAddress2":"Perum Satu",
         "BenefAddress3":"Pulo Gadung",
         "DatiII":"1211",
         "TkiFlag":"0"
      }
   }
}

Sample Response


{ 
   "RtgsXferAddRs":{ 
      "MsgRsHdr":{ 
         "ResponseTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"0878987654321",
         "StatusCode":"00",
         "StatusDesc":"Success"
      },
      "TrxReffNo":"0121323333"
   }
}

Example :

Mobile Voucher :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"RtgsXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"008","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"1211","TkiFlag":"0"}}}

And generate hmac sha256 for payload.

Sample generate hmac using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"RtgsXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"008","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"1211","TkiFlag":"0"}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$signature = base64_encode($hash);
echo 'Permata Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
TU2/FlufAeVnf7qarpFZE3fZUGpRBI8rt08mQt3HAxk=

Sample request using PHP curl :

$jsonPayload='{"RtgsXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"008","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"1211","TkiFlag":"0"}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:TU2/FlufAeVnf7qarpFZE3fZUGpRBI8rt08mQt3HAxk=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000+07:00');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Sample generate hmac sha256 using JAVA :


//Define Message
String message = "15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"RtgsXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"008","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"1211","TkiFlag":"0"}}}";
//Create Hash
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(permataStaticKey.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key)
//Create token
String hash = Base64.encodeBase64String(sha256_HMAC.doFinal(string2hash.getBytes("UTF-8")));
System.out.println(hash);

Sample request using JAVA :


String host = "host";
String payload = "{"RtgsXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"008","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"1211","TkiFlag":"0"}}}";
String OrganizationName = "WD62876099";
String authorization = "Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ" ;
String Content_Type = "application/json";
String PERMATA_Signature = "YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=";
String PERMATA_Timestamp = "2017-11-07T10:22:57";

HttpClient httpClient = HttpClientBuilder.create().build();
HttpPost request = new HttpPost(host);
request.setEntity(new StringEntity(payload));
                
request.setHeader("authorization",authorization);
request.setHeader("OrganizationName",OrganizationName);
request.setHeader("Content-Type",Content_Type);
request.setHeader("PERMATA-Signature",PERMATA_Signature);
request.setHeader("PERMATA-Timestamp",PERMATA_Timestamp);
HttpResponse response = httpClient.execute(request);
System.out.println(response.getStatusLine().getStatusCode());

Bill Inquiry

8.1 Detail

Name Bill Inquiry for Mobile Voucher & Virtual Account
Description Service to get :
- denom & price information for Mobile Voucher
- biller information for Virtual Account
Transport ProtocolHTTP POST
Message Format JSON
Interaction Type Synchronous
Security Policy API Key + JWE
Interface ID

8.2 Request

Format Message

Field Type Length Mandatory Description
BillInquiryRq
MsgRqHdr
RequestTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00
CustRefID xs:string 20 Y
BillInquiryInfo
BillType xs:string Y Billing Type :
"MOBILEVOUCHER"
"VIRTUALACCOUNT"
"CREDITCARD"
InstCode xs:string Y Institution Code or Biller ID (List BillerID on Attachment)
BillerNumber xs:string N Biller Number

8.3 Reponse

Format Message

Field Type Length Mandatory Description
BillInquiryRs
MsgRsHdr
ResponseTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00
CustRefID xs:string 20 Y
StatusCode xs:string * Y Status Code
StatusDesc xs:string * N Status Description
BillInquiryInfo
BillType xs:string Y Billing Type :
"MOBILEVOUCHER"
"VIRTUALACCOUNT"
"CREDITCARD"
VoucherList xs:string Y Mandatory for
"MOBILEVOUCHER"
Contains list of denom & price
BillName xs:string Y Mandatory for
"VIRTUALACCOUNT" & "CREDITCARD"
NumberOfRecord xs:string * Y Mandatory for
"VIRTUALACCOUNT"
Repeatable Mandatory for
"VIRTUALACCOUNT"
BillRef xs:string * N Mandatory for
"VIRTUALACCOUNT"
BillAmount xs:string Mandatory for
"VIRTUALACCOUNT"
BillCurrency xs:string Mandatory for
"VIRTUALACCOUNT"
BillAmountSign xs:string Mandatory for
"VIRTUALACCOUNT"
DueDate xs:string N Mandatory for
"CREDITCARD"(Permata Only)
Format : "YYYY-MM-DD"
DateOfBirth xs:string N Mandatory for
"CREDITCARD"(Permata Only)
Format : "YYYY-MM-DD"
MinimumAmount xs:string N Mandatory for
"CREDITCARD"(Permata Only)
TotalAmount xs:string N Mandatory for
"CREDITCARD"(Permata Only)
AvailableCreditBalance xs:string N Mandatory for
"CREDITCARD"(Permata Only)
AvailableCashBalance xs:string N Mandatory for
"CREDITCARD"(Permata Only)

Sample code

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header

    'authorization: Bearer 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy'

  • b. add header

    'organizationname: WD62876099'

  • c. add header

    'permata-timestamp : 2017-11-07T10:22:57.000+07:00'

  • d. add header permata-signature :
    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator

    access_token:permata-timestamp:bodymessage(message without space)

Post

https://api.pbdevtest.com/apiservice/InquiryServices/BillInfo

Sample Request

Mobile Voucher


{ 
   "BillInquiryRq":{ 
      "MsgRqHdr":{ 
         "RequestTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"000000123451"
      },
      "BillInquiryInfo":{ 
         "BillType":"MOBILEVOUCHER",
         "InstCode":"032",
         "BillNumber":"0812112233456"
      }
   }
}

Virtual Account


{ 
   "BillInquiryRq":{ 
      "MsgRqHdr":{ 
         "RequestTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"000000123451"
      },
     "BillInquiryInfo":{ 
        "BillType":"VIRTUALACCOUNT",
         "InstCode":"961",
         "BillNumber":"8961001060001361"
      }
   }
}

Creadit Card


{ 
   "BillInquiryRq":{ 
      "MsgRqHdr":{ 
         "RequestTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"000000123451"
      },
      "BillInquiryInfo":{ 
         "BillType":"CREDITCARD",
         "InstCode":"005",
         "BillNumber":"750000000123123"
      }
   }
}

Sample Response

Mobile Voucher


{ 
    "BillInquiryRs": {
        "MsgRsHdr": {
            "ResponseTimestamp": "2017-07-21T14:32:01.000+07:00",
            "CustRefID": "000000123451",
            "StatusCode": "00",
            "StatusDesc": "SUCCESS"
        },
        "BillInquiryInfo": {
            "BillType": "MOBILEVOUCHER",
            "VoucherList": " VOUCHER TELKOMSEL (SIMPATI) V20 =20000 V25 =25000 V50=50000 V150=150000 V200=200000 V300=300000 V500=500000 
            VOUCHER TELKOMSEL (SIMPATI) ",
            "Voucher1Denom": "20",
            "Voucher1Price": "20000",
            "Voucher2Denom": "25",
            "Voucher2Price": "25000",
            "Voucher3Denom": "50",
            "Voucher3Price": "50000",
            "Voucher4Denom": "100",
            "Voucher4Price": "100000",
            "Voucher5Denom": "150",
            "Voucher5Price": "150000",
            "Voucher6Denom": "200",
            "Voucher6Price": "200000",
            "Voucher7Denom": "300",
            "Voucher7Price": "300000",
            "Voucher8Denom": "500",
            "Voucher8Price": "500000",
            "Voucher9Denom": "",
            "Voucher9Price": "",
            "Voucher10Denom": "",
            "Voucher10Price": ""
          }
        }
      }

Virtual Account


{ 
    "BillInquiryRs":{ 
        "MsgRsHdr":{ 
            "ResponseTimestamp": "2017-07-21T14:32:01.000+07:00",
            "CustRefID": "000000123451",
            "StatusCode": "00",
            "StatusDesc": " SUCCESS "
        },
        "BillInquiryInfo": {
            "BillType": "VIRTUALACCOUNT",
            "BillName": "IMAM NASRUDIN SANTOS",
            "NumberOfRecord": "2",
            "BillReff1": "TOTAL",
            "BillAmount1": "000062397100",
            "BillCurrency1": "360",
            "BillAmountSign1": "C",
            "BillReff2": "PAYMENT REG",
            "BillAmount2": "000062397100",
            "BillCurrency2": "360",
            "BillAmountSign2": "C"
        }
    }
}

Credit Card Permata


{
   "BillInquiryRs": {
      "MsgRsHdr": {
         "ResponseTimestamp": "2017-07-21T14:32:01.000+07:00",
         "CustRefID": "000000123451",
         "StatusCode": "00",
         "StatusDesc": " SUCCESS "
      },
      "BillInquiryInfo": {
         "BillType": "CREDITCARD",
         "BillName": "IMAM NASRUDIN SANTOS",
         "DueDate": "2018-04-09",
         "DateOfBirth": "1988-01-09",
         "MinimumAmount": "100000",
         "TotalAmount": "1100000",
         "AvailableCreditBalance": "15000000",
         "AvailableCashBalance": "14000000"
      }
   }
}

Credit Card Non Permata


{
   "BillInquiryRs": {
      "MsgRsHdr": {
         "ResponseTimestamp": "2017-07-21T14:32:01.000+07:00",
         "CustRefID": "000000123451",
         "StatusCode": "00",
         "StatusDesc": " SUCCESS "
      },
      "BillInquiryInfo": {
         "BillType": "CREDITCARD",
         "BillName": "IMAM NASRUDIN SANTOS"
      }
   }
}

Example :

Mobile Voucher :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BillInquiryRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"000000123451"},"BillInquiryInfo":{"BillType":"MOBILEVOUCHER","InstCode":"032","BillNumber":"0812112233456"}}}

And generate hmac sha256 for payload.

Sample generate hmac using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BillInquiryRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"000000123451"},"BillInquiryInfo":{"BillType":"MOBILEVOUCHER","InstCode":"032","BillNumber":"0812112233456"}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$signature = base64_encode($hash);
echo 'Permata Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
4pBpdPTuEV9GYojSYjLctt+j5GqnEHDokmwn0Y3LOUg=

Sample request using PHP curl :

$jsonPayload='{"BillInquiryRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"000000123451"},"BillInquiryInfo":{"BillType":"MOBILEVOUCHER","InstCode":"032","BillNumber":"0812112233456"}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:4pBpdPTuEV9GYojSYjLctt+j5GqnEHDokmwn0Y3LOUg=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000+07:00');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Example :

Virtual Account :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BillInquiryRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"000000123451"},"BillInquiryInfo":{"BillType":"VIRTUALACCOUNT","InstCode":"961","BillNumber":"8961001060001361"}}}

And generate hmac sha256 for payload.

Sample generate hmac using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BillInquiryRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"000000123451"},"BillInquiryInfo":{"BillType":"VIRTUALACCOUNT","InstCode":"961","BillNumber":"8961001060001361"}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$signature = base64_encode($hash);
echo 'Permata Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
4pBpdPTuEV9GYojSYjLctt+j5GqnEHDokmwn0Y3LOUg=

Sample request using PHP curl :

$jsonPayload='{"BillInquiryRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"000000123451"},"BillInquiryInfo":{"BillType":"VIRTUALACCOUNT","InstCode":"961","BillNumber":"8961001060001361"}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:4pBpdPTuEV9GYojSYjLctt+j5GqnEHDokmwn0Y3LOUg=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000+07:00');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Sample generate hmac sha256 using JAVA :


//Define Message
String message = "15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"RtgsXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0878987654321"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"008","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"1211","TkiFlag":"0"}}}";
//Create Hash
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(permataStaticKey.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key)
//Create token
String hash = Base64.encodeBase64String(sha256_HMAC.doFinal(string2hash.getBytes("UTF-8")));
System.out.println(hash);

Sample request using JAVA :


String host = "host";
String payload = "{"BillInquiryRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"000000123451"},"BillInquiryInfo":{"BillType":"VIRTUALACCOUNT","InstCode":"961","BillNumber":"8961001060001361"}}}";
String OrganizationName = "WD62876099";
String authorization = "Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ" ;
String Content_Type = "application/json";
String PERMATA_Signature = "YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=";
String PERMATA_Timestamp = "2017-11-07T10:22:57";

HttpClient httpClient = HttpClientBuilder.create().build();
HttpPost request = new HttpPost(host);
request.setEntity(new StringEntity(payload));
                
request.setHeader("authorization",authorization);
request.setHeader("OrganizationName",OrganizationName);
request.setHeader("Content-Type",Content_Type);
request.setHeader("PERMATA-Signature",PERMATA_Signature);
request.setHeader("PERMATA-Timestamp",PERMATA_Timestamp);
HttpResponse response = httpClient.execute(request);
System.out.println(response.getStatusLine().getStatusCode());

Bill Payment

9.1 Detail

Name Bill Payment for Mobile Voucher & Virtual Account
Description Service Payment Mobile Voucher & Virtual Account
Transport Protocol HTTP POST
Message Format JSON
Interaction Type Synchronous
Security Policy API Key + JWE
Interface ID

9.2 Request

Format Message

Field Type Length Mandatory Description
BillPaymentRq
MsgRqHdr
RequestTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00
CustRefID xs:string 20 Y
BillPaymentInfo
BillType xs:string Y Billing Type :
"MOBILEVOUCHER"
"VIRTUALACCOUNT"
"CREDIT CARD"
InstCode xs:string Y Institution Code or Biller ID (List BillerID on Attachment)
BillNumber xs:string Y Biller Number
TrxAmount xs:string Y Transaction Amount
Currency xs:string Transaction Currency
UserId xs:string Y Group ID
DebAccNumber xs:string Y Remitter Account Number
DebAccName xs:string Remitter Name
DebAccCur xs:string Remitter Account Currency
BillName xs:string N Mandatory for
"CREDITCARD"(Permata Only, from resp Inq)
Format : "YYYY-MM-DD"
DueDate xs:string N Mandatory for
"CREDITCARD"(Permata Only, from resp Inq)
Format : "YYYY-MM-DD"
DateOfBirth xs:string N Mandatory for
"CREDITCARD"(Permata Only, from resp Inq)
Format : "YYYY-MM-DD"
MinimumAmount xs:string N Mandatory for
"CREDITCARD"(Permata Only, from resp Inq)
TotalAmount xs:string N Mandatory for
"CREDITCARD"(Permata Only, from resp Inq)
AvailableCreditBalance xs:string N Mandatory for
"CREDITCARD"(Permata Only, from resp Inq)
AvailableCashBalance xs:string N Mandatory for
"CREDITCARD"(Permata Only, from resp Inq)

9.3 Reponse

Format Message

Field Type Length Mandatory Description
BillPaymentRs
MsgRsHdr
ResponseTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00
CustRefID xs:string 20 Y
StatusCode xs:string * Y Status Code
StatusDesc xs:string * N Status Description
BillRefNo
BillType xs:string Y Billing Type :
"MOBILEVOUCHER"
"VIRTUALACCOUNT"
VoucherList xs:string Y Mandatory for
MOBILEVOUCHER
Contains list of denom & price
BillName xs:string Y
NumberOfRecord xs:string * Y Number of
Repeatable
BillReff xs:string * N
BillAmount xs:string Billing Amount
BillCurrency xs:string Billing Currency
BillAmountSign xs:string Billing Amount Sign

Sample code

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header

    'authorization: Bearer 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy'

  • b. add header

    'organizationname: WD62876099'

  • c. add header

    'permata-timestamp : 2017-11-07T10:22:57.000+07:00'

  • d. add header permata-signature :
    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator

    access_token:permata-timestamp:bodymessage(message without space)

Post

https://api.pbdevtest.com/apiservice/BankingServices/Payment/directpay

Sample Request

Mobile Voucher


{ 
   "BillPaymentRq":{ 
      "MsgRqHdr":{ 
         "RequestTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"000000123451"
      },
      "BillPaymentInfo":{ 
         "BillType":"MOBILEVOUCHER",
         "InstCode":"032",
         "BillNumber":"0812112233456",
         "TrxAmount":"50000",
         "Currency":"360",
         "UserId":"WD2698001",
         "DebAccNumber":"701075323",
         "DebAccName":"Dummy Account TB",
         "DebAccCur":"360"
      }
   }
}

Virtual Account


{ 
   "BillPaymentRq":{ 
      "MsgRqHdr":{ 
         "RequestTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"000000123451"
      },
      "BillPaymentInfo":{ 
         "BillType":"VIRTUALACCOUNT",
         "InstCode":"961",
         "BillNumber":"8961001060001361",
         "TrxAmount":"62397100",
         "Currency":"360",
         "UserId":"WD2698001",
         "DebAccNumber":"701075323",
         "DebAccName":"Dummy Account TB",
         "DebAccCur":"360"
      }
   }
}

Sample Response

Mobile Voucher


{ 
   "BillPaymentRs":{ 
      "MsgRsHdr":{ 
         "ResponseTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"0878987654321",
         "StatusCode":"00",
         "StatusDesc":"Success"
      },
      "BillRefNo":"0121323333",
      "InstCode":"032"
   }
}

Virtual Account


{ 
   "BillPaymentRs":{ 
      "MsgRsHdr":{ 
         "ResponseTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"0878987654321",
         "StatusCode":"00",
         "StatusDesc":"Success"
      },
      "BillRefNo":"0121323333",
      "InstCode":"961"
   }
}

Example :

Mobile Voucher

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BillPaymentRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"000000123451"},"BillPaymentInfo":{"BillType":"MOBILEVOUCHER","InstCode":"032","BillNumber":"0812112233456","TrxAmount":"50000","Currency":"360","UserId":"WD2698001","DebAccNumber":"701075323","DebAccName":"DummyAccountTB","DebAccCur":"360"}}}

And generate hmac sha256 for payload.

Sample generate hmac using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BillPaymentRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"000000123451"},"BillPaymentInfo":{"BillType":"MOBILEVOUCHER","InstCode":"032","BillNumber":"0812112233456","TrxAmount":"50000","Currency":"360","UserId":"WD2698001","DebAccNumber":"701075323","DebAccName":"DummyAccountTB","DebAccCur":"360"}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$signature = base64_encode($hash);
echo 'Permata Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
T52I6PBgsKFCPN20C1LYJjd96T4FOIkpAA7g95Lk3PM=

Sample request using PHP curl :

$jsonPayload='{"BillPaymentRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"000000123451"},"BillPaymentInfo":{"BillType":"MOBILEVOUCHER","InstCode":"032","BillNumber":"0812112233456","TrxAmount":"50000","Currency":"360","UserId":"WD2698001","DebAccNumber":"701075323","DebAccName":"DummyAccountTB","DebAccCur":"360"}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:T52I6PBgsKFCPN20C1LYJjd96T4FOIkpAA7g95Lk3PM=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000+07:00');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Example :

Virtual Account

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BillPaymentRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"000000123451"},"BillPaymentInfo":{"BillType":"VIRTUALACCOUNT","InstCode":"961","BillNumber":"8961001060001361","TrxAmount":"62397100","Currency":"360","UserId":"WD2698001","DebAccNumber":"701075323","DebAccName":"DummyAccountTB","DebAccCur":"360"}}}

And generate hmac sha256 for payload.

Sample generate hmac using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BillPaymentRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"000000123451"},"BillPaymentInfo":{"BillType":"VIRTUALACCOUNT","InstCode":"961","BillNumber":"8961001060001361","TrxAmount":"62397100","Currency":"360","UserId":"WD2698001","DebAccNumber":"701075323","DebAccName":"DummyAccountTB","DebAccCur":"360"}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$signature = base64_encode($hash);
echo 'Permata Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
T52I6PBgsKFCPN20C1LYJjd96T4FOIkpAA7g95Lk3PM=

Sample request using PHP curl :

$jsonPayload='{"BillPaymentRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"000000123451"},"BillPaymentInfo":{"BillType":"VIRTUALACCOUNT","InstCode":"961","BillNumber":"8961001060001361","TrxAmount":"62397100","Currency":"360","UserId":"WD2698001","DebAccNumber":"701075323","DebAccName":"DummyAccountTB","DebAccCur":"360"}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:K9WUn4PHrs8+lD+ZB0/WUJep8MmTN+DxpdhcmxnS1iY=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000+07:00');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Sample generate hmac sha256 using JAVA :


//Define Message
String message = "15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"BillPaymentRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"000000123451"},"BillPaymentInfo":{"BillType":"MOBILEVOUCHER","InstCode":"032","BillNumber":"0812112233456","TrxAmount":"50000","Currency":"360","UserId":"WD2698001","DebAccNumber":"701075323","DebAccName":"DummyAccountTB","DebAccCur":"360"}}}";
//Create Hash
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(permataStaticKey.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key)
//Create token
String hash = Base64.encodeBase64String(sha256_HMAC.doFinal(string2hash.getBytes("UTF-8")));
System.out.println(hash);

Sample request using JAVA :


String host = "host";
String payload = "{"BillPaymentRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"000000123451"},"BillPaymentInfo":{"BillType":"VIRTUALACCOUNT","InstCode":"961","BillNumber":"8961001060001361","TrxAmount":"62397100","Currency":"360","UserId":"WD2698001","DebAccNumber":"701075323","DebAccName":"DummyAccountTB","DebAccCur":"360"}}}";
String OrganizationName = "WD62876099";
String authorization = "Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ" ;
String Content_Type = "application/json";
String PERMATA_Signature = "YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=";
String PERMATA_Timestamp = "2017-11-07T10:22:57";

HttpClient httpClient = HttpClientBuilder.create().build();
HttpPost request = new HttpPost(host);
request.setEntity(new StringEntity(payload));
                
request.setHeader("authorization",authorization);
request.setHeader("OrganizationName",OrganizationName);
request.setHeader("Content-Type",Content_Type);
request.setHeader("PERMATA-Signature",PERMATA_Signature);
request.setHeader("PERMATA-Timestamp",PERMATA_Timestamp);
HttpResponse response = httpClient.execute(request);
System.out.println(response.getStatusLine().getStatusCode());

Account Statement

10.1 Detail

Name Account Statement
Description Service to show detail statement
Transport Protocol HTTP POST
Message Format JSON
Interaction Type Synchronous
Security Policy API Key + JWE
Interface ID

10.2 Request

Format Message

Field Type Length Mandatory Description
AcctStmtRq
MsgRqHdr
RequestTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00
CustRefID xs:string 20 Y
PageCtrl
MoreFlag xs:string N "Y" : for next page flag
SequenceNum xs:string 30 N From response
StatementInfo
AccountNumber xs:string Y
AccountCurrency xs:string Y
StartDate xs:string Y Format :
YYYY-MM-DD
EndDate xs:string Y Format :
YYYY-MM-DD

10.3 Response

Format Message

Field Type Length Mandatory Description
AcctStmtRs
MsgRsHdr
ResponseTimestamp xs:dateTime Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00
CustRefID xs:string 20 Y
StatusCode xs:string * Y Status Code
StatusDesc xs:string * N Status Description
StatementInfo
BalanceAmount xs:string Y Available Balance
SignBalance xs:string Sign Available Balance
DetailStatement
PageCtrl
MoreFlag xs:string N "Y" : if has next record
"N" : if has no next record
SequenceNum xs:string N Sequence number
AccstmtDtl *
Repeatable
PostingDate xs:string * Format :
YYYY-MM-DD
EffectiveDate xs:string Format :
YYYY-MM-DD
ChequeNo xs:string Cheque Number
RefNo xs:string Ref Number
TrxAmount xs:string Transaction Amount
TrxCurrency xs:string Transaction Currency
TrxType xs:string Transaction Type
"D" for Debet Transaction
"C" for Credit Transaction
PayRef xs:string Pay Ref
CustRef xs:string Cust Ref Number
TrxDesc xs:string Transaction Description

Sample code

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header

    'authorization: Bearer 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy'

  • b. add header

    'organizationname: WD62876099'

  • c. add header

    'permata-timestamp : 2017-11-07T10:22:57.000+07:00'

  • d. add header permata-signature :
    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator access_token:permata-timestamp:bodymessage(message without space)

Post

https://api.pbdevtest.com/apiservice/AccountStatement/inq

Sample Request

First Request (output max 200 row)


{ 
   "AcctStmtRq":{ 
      "MsgRqHdr":{ 
         "RequestTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"0878987654321"
      },
      "StatementInfo":{ 
         "AccountNumber":"701075331",
         "AccountCurrency":"IDR",
         "StartDate":"2017-11-29",
         "EndDate":"2017-11-29"
      }
   }
}

Next Flag Request


{ 
   "AcctStmtRq":{ 
      "MsgRqHdr":{ 
         "RequestTimestamp":"2017-07-21T14:32:01.000+07:00",
         "CustRefID":"0878987654321"
      },
      "PageCtrl": {
         "MoreFlag": "Y",
         "SequenceNum": "201809010708197250579580017909"
         },
      "StatementInfo":{ 
         "AccountNumber":"701075331",
         "AccountCurrency":"IDR",
         "StartDate":"2017-11-29",
         "EndDate":"2017-11-29"
      }
   }
}

Sample Response


{
    "AcctStmtRs": {
        "MsgRsHdr": {
            "ResponseTimestamp": "2017-12-03T06:12:31.591+07:00",
            "CustRefID": "0878987654321",
            "StatusCode": "00",
            "StatusDesc": ""
        },
        "StatementInfo": {
            "BalanceAmount": "75007644391974",
            "SignBalance": "C",
            "DetailStatement": {
                "AcctStmtDtl": [
                    {
                        "PostingDate": "2017-11-29",
                        "EffectiveDate": "2017-11-29",
                        "ChequeNo": "0000000000",
                        "RefNo": "000000000",
                        "TrxAmount": "121700",
                        "TrxCurrency": "",
                        "TrxType": "D",
                        "PayRef": "0897332526700000",
                        "CustRef": "",
                        "TrxDesc": "PAY PLN 540223456789 PeB via Base24 11:00:42 0897332526700000"
                    },
                    {
                        "PostingDate": "2017-11-29",
                        "EffectiveDate": "2017-11-29",
                        "ChequeNo": "0000000000",
                        "RefNo": "000000000",
                        "TrxAmount": "121700",
                        "TrxCurrency": "",
                        "TrxType": "D",
                        "PayRef": "0897332526700000",
                        "CustRef": "",
                        "TrxDesc": "PAY PLN 540223456789 PeB via Base24 11:00:42 0897332526700000"
                    },
                    {
                        "PostingDate": "2017-11-29",
                        "EffectiveDate": "2017-11-29",
                        "ChequeNo": "0000000000",
                        "RefNo": "000000000",
                        "TrxAmount": "121700",
                        "TrxCurrency": "",
                        "TrxType": "D",
                        "PayRef": "0897332526700000",
                        "CustRef": "",
                        "TrxDesc": "PAY PLN 540223456789 PeB via Base24 11:00:42 0897332526700000"
                    }
                ]
            }
        }
    }
}

Example :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"AcctStmtRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"StatementInfo":{"AccountNumber":"701075331","AccountCurrency":"IDR","StartDate":"2017-11-29","EndDate":"2017-11-29"}}}

And generate hmac sha256 for payload.

Sample generate hmac using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57:{"AcctStmtRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"StatementInfo":{"AccountNumber":"701075331","AccountCurrency":"IDR","StartDate":"2017-11-29","EndDate":"2017-11-29"}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$signature = base64_encode($hash);
echo 'Permata Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
NTMILw+eOl0vmwfqHPXRNuRX2XWHB3TZqyGp5SFGS24=

Sample request using PHP curl :

$jsonPayload='{"AcctStmtRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01.000+07:00","CustRefID":"0878987654321"},"StatementInfo":{"AccountNumber":"701075331","AccountCurrency":"IDR","StartDate":"2017-11-29","EndDate":"2017-11-29"}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:NTMILw+eOl0vmwfqHPXRNuRX2XWHB3TZqyGp5SFGS24=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000+07:00');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Sample generate hmac sha256 using JAVA :


//Define Message
String message = "15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57:{"AcctStmtRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0878987654321"},"StatementInfo":{"AccountNumber":"701075331","AccountCurrency":"IDR","StartDate":"2017-11-29","EndDate":"2017-11-29"}}}";
//Create Hash
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(permataStaticKey.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key)
//Create token
String hash = Base64.encodeBase64String(sha256_HMAC.doFinal(string2hash.getBytes("UTF-8")));
System.out.println(hash);

Sample request using JAVA :


String host = "host";
String payload = "{"AcctStmtRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0878987654321"},"StatementInfo":{"AccountNumber":"701075331","AccountCurrency":"IDR","StartDate":"2017-11-29","EndDate":"2017-11-29"}}}";
String OrganizationName = "WD62876099";
String authorization = "Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ" ;
String Content_Type = "application/json";
String PERMATA_Signature = "YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=";
String PERMATA_Timestamp = "2017-11-07T10:22:57";

HttpClient httpClient = HttpClientBuilder.create().build();
HttpPost request = new HttpPost(host);
request.setEntity(new StringEntity(payload));
                
request.setHeader("authorization",authorization);
request.setHeader("OrganizationName",OrganizationName);
request.setHeader("Content-Type",Content_Type);
request.setHeader("PERMATA-Signature",PERMATA_Signature);
request.setHeader("PERMATA-Timestamp",PERMATA_Timestamp);
HttpResponse response = httpClient.execute(request);
System.out.println(response.getStatusLine().getStatusCode());

Inquiry Status Transaction

11.1 Detail

Name Inquiry Status Transaction
Description Service to show status of transaction (Success or Not)
Transport Protocol HTTP POST
Message Format JSON
Interaction Type Synchronous
Security Policy API Key + JWE
Interface ID

11.2 Request

Format Message

Field Type Length Mandatory Description
StatusTransactionRq
CorpID xs:string Y CorporateID
CustRefID xs:string 20 Y Customer Reff ID

11.3 Response

Format Message

Field Type Length Mandatory Description
StatusTransactionRs
StatusCode xs:string * Y Status code
StatusDec xs:string * N Status description
CustRefID xs:string 20 Y Customer Reff ID
TrxReffNo xs:string Transaction Reff Number

Sample code

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header

    'authorization: Bearer 15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy'

  • b. add header

    'organizationname: WD62876099'

  • c. add header

    'permata-timestamp : 2017-11-07T10:22:57.000+07:00'

  • d. add header permata-signature :
    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator

    access_token:permata-timestamp:bodymessage(message without space)

Post

https://api.pbdevtest.com/apiservice/InquiryServices/StatusTransaction/Service/inq

Sample Request


{
   "StatusTransactionRq":{
    "CorpID": "WD62876045",
    "CustRefID": "0091234501"
    }
} 

Sample Response


{
    "StatusTransactionRs": {
        "StatusCode": "00",
        "StatusDesc": "00",
        "CustRefID": "0091234501",
        "TrxReffNo": "0870171204984696"
    }
}

Example :

15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"StatusTransactionRq":{"CorpID":"WD62876045","CustRefID":"0091234501"}}

And generate hmac sha256 for payload.

Sample generate hmac using PHP :

//Define Message
$message = '15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"StatusTransactionRq":{"CorpID":"WD62876045","CustRefID":"0091234501"}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$signature = base64_encode($hash);
echo 'Permata Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
qCjFWATcvWadBKBgg2k0T1SRk5gKx18wxZL1O8A6iWM=

Sample request using PHP curl :

$jsonPayload='{"StatusTransactionRq":{"CorpID":"WD62876045","CustRefID":"0091234501"}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ',
'permata-signature:qCjFWATcvWadBKBgg2k0T1SRk5gKx18wxZL1O8A6iWM=', 'organizationname: WD62876099',
'permata-timestamp: 2017-11-07T10:22:57.000+07:00');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

Sample generate hmac sha256 using JAVA :


//Define Message
String message = "15hBgzeXpK6M8WZJqPwL5z615iFxFS2OW1hKTnUV6c17OEuJKSXsKy:2017-11-07T10:22:57: {"LlgXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0001234407"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"142861","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefType":"1","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"","TkiFlag":""}}}";
//Create Hash
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(permataStaticKey.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key)
//Create token
String hash = Base64.encodeBase64String(sha256_HMAC.doFinal(string2hash.getBytes("UTF-8")));
System.out.println(hash);

Sample request using JAVA :


String host = "host";
String payload = "{"LlgXferAddRq":{"MsgRqHdr":{"RequestTimestamp":"2017-07-21T14:32:01+07:00","CustRefID":"0001234407"},"XferInfo":{"FromAccount":"701075331","ToAccount":"701075323","ToBankId":"142861","ToBankName":"MANDIRI","Amount":22001,"CurrencyCode":"IDR","ChargeTo":"0","TrxDesc":"Coba1","TrxDesc2":"Desc2","CitizenStatus":"0","ResidentStatus":"0","BenefType":"1","BenefEmail":"john@gmail.com","BenefAcctName":"John","BenefPhoneNo":"0821222333467","BenefBankAddress":"JALANJENDSUDIRMAN","BenefBankBranchName":"SUDIRMAN","BenefBankCity":"JAKARTA","FromAcctName":"Doe","FromCurrencyCode":"IDR","Filler1":"","Filler2":"","Filler3":"","BenefAddress1":"jlBerkahno.14","BenefAddress2":"PerumSatu","BenefAddress3":"PuloGadung","DatiII":"","TkiFlag":""}}}";
String OrganizationName = "WD62876099";
String authorization = "Bearer e2jex8v6CwAhJSBVfXFveXtykKC4o01fDOZ3Q3Qp5vglylwk1NONWQ" ;
String Content_Type = "application/json";
String PERMATA_Signature = "YSHxWxEc2rohVDCI8f/H1S3oNBn7l1wf6hNcAscAdb4=";
String PERMATA_Timestamp = "2017-11-07T10:22:57";

HttpClient httpClient = HttpClientBuilder.create().build();
HttpPost request = new HttpPost(host);
request.setEntity(new StringEntity(payload));
                
request.setHeader("authorization",authorization);
request.setHeader("OrganizationName",OrganizationName);
request.setHeader("Content-Type",Content_Type);
request.setHeader("PERMATA-Signature",PERMATA_Signature);
request.setHeader("PERMATA-Timestamp",PERMATA_Timestamp);
HttpResponse response = httpClient.execute(request);
System.out.println(response.getStatusLine().getStatusCode());

Inquiry Status Transaction Virtual Account (For Virtual Account partner)

12.1 Detail

Name Inquiry Status Transaction VA
Description Service to show status of transaction (Success or Not)
Transport Protocol HTTP POST
Message Format JSON
Interaction Type Synchronous
Security Policy API Key + JWE
Interface ID

12.2 Request

Format Message

Field Type Length Mandatory Description
GetReportRq
MsgRqHdr
RequestTimestamp xs:string 20 Y Format :
YYYY-MM-DDTHH:mm:ss
2017-10-14T16:25:09.000+07:00
CustRefID xs:string 20 Y Customer Reff ID
ReportInfo
FromDate xs:string Y String date :
Ex : 2018-09-04T00:44:14.000Z
ToDate xs:string Y String date :
Ex : 2018-09-04T00:44:14.000Z
VirtualAccountId xs:string N Virtual account Number / Biller Number

12.3 Response

Format Message

Field Type Length Mandatory Description
GetReportRs
MsgRsHdr
RqUID
ResponseTimestamp
StatusCode xs:string * Y Status Code
StatusDesc xs:string * N Status Description
TransactionInfoList xs:string Transaction info list,
If only 1 record will be an json object, if more than 1
transaction info it will be json array
BackendTransactionInfo xs:string
StatusCode xs:string * Y String Status Code
Amount xs:string * N Amount Transaction
TraceNumber xs:string * N Trace No
TransactionDate xs:string * N String Transaction Date
VirtualAccountId xs:string * N Virtual account Number / Biller Number

Sample code

After get response from generate token oauth. use access_token to generate permata signature.

  • a. use access_token from response as header

    'authorization: Bearer 24pIQhyIELyO7oe4id0UVj7EpyBvsFwk5ocIER3UF0pJtyoxnfor2J'

  • b. add header

    'organizationname: WD62876099'

  • c. add header

    'permata-timestamp : 2018-08-28T09:14:12.000+07:00'

  • d. add header permata-signature :
    - construct permata-signature :
    - construct payload permata signature concat at field using ":" separator

    access_token:permata-timestamp:bodymessage(message without space)

Post

https://api.pbdevtest.com/apiservice/InquiryServices/StatusTransaction/Service/inq

Sample Request


{
    "GetReportRq": {
        "MsgRqHdr": {
            "CustRefID": "4055be34-6dea-4b56-a9fb-d01f0c86a7f2", "RequestTimestamp": "2018-08-27T04:59:04.000+02:00"
        },
        "ReportInfo" : {
         "FromDate": "2018-09-04T00:44:14.000Z",
         "ToDate": "2018-09-05T00:44:14.000Z",
         "VirtualAccountId" : "8769011234567893"
        }
    }
}

Sample Response

For 1 Record Transaction


{
    "GetReportRs": {
        "MsgRsHdr": {
            "RqUID": "4055be34-6dea-4b56-a9fb-d01f0c86a7f2",
            "ResponseTimestamp": "2018-09-04T14:50:14.958+07:00",
            "StatusCode": "0",
            "StatusDesc": "Success"
        },
        "TransactionInfoList": {
            "BackendTransactionInfo": {
                "StatusCode": "00"
            },
            "Amount": "1000000",
            "TraceNumber": "616349",
            "TransactionDate": "2018-09-04T14:40:42.000+07:00",
            "VirtualAccountId": "8769011234567893"
        }
    }
}

For multiple Record Transaction


 {
    "GetReportRs": {
        "MsgRsHdr": {
            "RqUID": "4055be34-6dea-4b56-a9fb-d01f0c86a7f2",
            "ResponseTimestamp": "2018-09-04T15:14:19.237+07:00",
            "StatusCode": "0",
            "StatusDesc": "Success"
        },
        "TransactionInfoList": [
            {
                "BackendTransactionInfo": {
                    "StatusCode": "00"
                },
                "Amount": "1000000",
                "TraceNumber": "      ",
                "TransactionDate": "2018-09-04T13:51:45.000+07:00",
                "VirtualAccountId": "8769011234567894"
            },
            {
                "BackendTransactionInfo": {
                    "StatusCode": "00"
                },
                "Amount": "1005000",
                "TraceNumber": "      ",
                "TransactionDate": "2018-09-04T15:51:45.000+07:00",
                "VirtualAccountId": "8769011234567894"
            }
        ]
    }
}

Example :

24pIQhyIELyO7oe4id0UVj7EpyBvsFwk5ocIER3UF0pJtyoxnfor2J: 2018-08-28T09:14:12.000+07:00: {"GetReportRq":{"MsgRqHdr":{"CustRefID":"4055be34-6dea-4b56-a9fb-d01f0c86a7f2","RequestTimestamp":"2018-08-27T04:59:04.000+07:00"},"ReportInfo":{"FromDate":"2018-09-04T00:44:14.000Z","ToDate":"2018-09-05T00:44:14.000Z","VirtualAccountId":"8769011234567893"}}}

And generate hmac sha256 for payload.

Sample generate hmac using PHP :

//Define Message
$message = '24pIQhyIELyO7oe4id0UVj7EpyBvsFwk5ocIER3UF0pJtyoxnfor2J: 2018-08-28T09:14:12.000+07:00: {"GetReportRq":{"MsgRqHdr":{"CustRefID":"4055be34-6dea-4b56-a9fb-d01f0c86a7f2","RequestTimestamp":"2018-08-27T04:59:04.000+07:00"},"ReportInfo":{"FromDate":"2018-09-04T00:44:14.000Z","ToDate":"2018-09-05T00:44:14.000Z","VirtualAccountId":"8769011234567893"}}}';
//Create Hash
$hash = hash_hmac('sha256', $message, $_GET['permata_static_key'],"true");
echo 'hash before base64 : ' .$hash. ' ';
//Create Token
$signature = base64_encode($hash);
echo 'Permata Signature: ' . $signature . ' ';

Use 'permata_static_key' with WD62811305f7f796a480bb2c53d76099,
The result are permata-signature:
qCjFWATcvWadBKBgg2k0T1SRk5gKx18wxZL1O8A6iWM=

Sample request using PHP curl :

$jsonPayload='{"GetReportRq": {"MsgRqHdr": {"CustRefID": "4055be34-6dea-4b56-a9fb-d01f0c86a7f2","RequestTimestamp": "2018-08-27T04:59:04.000+02:00"},"ReportInfo" : {"FromDate": "2018-09-04T00:44:14.000Z","ToDate": "2018-09-05T00:44:14.000Z","VirtualAccountId" : "8769011234567893"}}}';
$process = curl_init($host);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/json',
'authorization: Bearer 24pIQhyIELyO7oe4id0UVj7EpyBvsFwk5ocIER3UF0pJtyoxnfor2J',
'permata-signature:JOBPHaQloSCRHZdnUmED8RxrrLj7xejujcr4DgXkOrM=', 'organizationname: WD62876099',
'permata-timestamp: 2018-08-28T09:14:12.000+07:00');
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $jsonPayload);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);

List of Response Code

No RC Desc

List of Response Code

BANK_CODE BANK_NAME RTGS LLG TRF ONLINE

List of Response Code

INST_CODE INST_NAME STATUS

List of Response Code

INSTITUTION_CODE INSTITUTION_NAME