Skip to main content

Apply OTT

POST/rest/v1.1/qr/apply-ott

This API is used to get one time token that will be used as authorization parameter upon redirecting to DANA

API Type
SNAP API
Expected Timeout
8 second
SNAP Service Code
49
Accept
application/json
Content Type
applciation/json
This API is used for the following solution:
DANA Widget Binding
Seamlessly integrate DANA payments into merchant's platform, allowing customers to link their DANA accounts for faster, smoother transactions across all merchant's services.
Content-Type
string
1 - 127 charactersRequired
Content type, value always application/json
Authorization-Customer
string
1 - 512 charactersRequired
Contains customer token, which has been obtained from binding process, refer to refer to Apply Token API
X-TIMESTAMP
string
25 charactersRequired
Transaction date time, in format YYYY-MM-DDTHH:mm:ss+07:00. Time must be in GMT+7 (Jakarta time)
X-SIGNATURE
string
Required
Signature need to be generated with asymmetricSignature method
ORIGIN
string
Origin domain
X-PARTNER-ID
string
1 - 36 charactersRequired
Unique identifier for partner was generated by DANA, or known as clientId
X-EXTERNAL-ID
string
1 - 36 charactersRequired
Unique messaging reference identifier generated by merchant and should be unique within the same day
X-IP-ADDRESS
string
15 characters
IP address of the end user (customer) using IPv4 format
X-DEVICE-ID
string
1 - 400 charactersRequired
Device identification on which the API services is currently being accessed by the end user (customer). Sample:
  • Web Application:
    • Mozilla / 5.0 (Windows NT 10.0; Win64; x64)
    • AppleWebKit / 537.36 (KHTML, like Gecko)
    • Chrome / 75.0.3770.100
    • Safari / 537.36 OPR / 62.0.3331.99
  • Mobile Application:
    • Android:android-20013adf6cdd8123f
    • iOS: 72635bdfd223yvjm7246n sdj34hd4559393kjh42"
X-LATITUDE
string
1 - 10 characters
Location on which the API services is currently being accessed by the end user (customer), refer to ISO 6709 standard representation of geographic point location by coordinates, as below:
  • ±DD.DDDD format (without minutes and seconds)
  • ±DD = three-digit integer degrees part of latitude
  • .DDDD = variable-length fraction part in degrees
Sample:
New York City
Latitude: +40.75
X-LONGITUDE
string
1 - 10 characters
Location on which the API services is currently being accessed by the end user (customer), refer to ISO 6709 Standard representation of geographic point location by coordinates, as below:
  • ±DDD.DDDD format (without minutes and seconds)
  • ±DDD = four-digit integer degrees part of latitude
  • .DDDD = variable-length fraction part in degrees
Sample:
New York City
Latitude: -074.00
CHANNEL-ID
string
1 - 5 charactersRequired
Device identification on which the API services is currently being accessed by the end user (customer)
userResources
string array
1 - 64 charactersRequired
Value always One Time Token (OTT)
additionalInfo
json object
Additional information
additionalInfo.accessToken
string
1 - 512 charactersRequired
Contains customer token, which has been obtained from binding process, refer to [Account Binding & Unbinding documentation
POST .../rest/v1.1/qr/apply-ott HTTP/1.2
Content-type: application/json
Authorization-Customer: Bearer fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9a
X-TIMESTAMP: 2020-12-23T08:31:11+07:00
X-SIGNATURE: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
ORIGIN: www.hostname.com
X-PARTNER-ID: 82150823919040624621823174737537
X-EXTERNAL-ID: 41807553358950093184162180797837
X-IP-ADDRESS: 172.24.281.24
X-DEVICE-ID: 09864ADCASA
X-LATITUDE: -6.108841
X-LONGITUDE: 106.7782137
CHANNEL-ID: 95221
{
    "userResources": [
        "OTT"
    ],
    "additionalInfo": {
        "accessToken" : "fa8sjjEj813Y9JGoqwOeOPWbnt4CUpvIJbU1mMU4a11MNDZ7Sg5u9a"
    }
}
Content-Type
string
1 - 127 charactersRequired
Content type, value always application/json
X-TIMESTAMP
string
25 charactersRequired
Transaction date time, in format YYYY-MM-DDTHH:mm:ss+07:00. Time must be in GMT+7 (Jakarta time)
responseCode
string
7 charactersRequired
Refer to response code list
responseMessage
string
1 - 150 charactersRequired
Refer to response code list
userResources
array of json object
Required
User resources
resourceType
string
1 - 32 charactersConditional
Information of resource type. List of resource retrieved: OTT
Conditional Info
Y:= Successfully processed
value
string
1 - 64 charactersConditional
Value of OTT
Conditional Info
Y:= Successfully processed
additionalInfo
json object
Additional information
Content-type: application/json
X-TIMESTAMP: 2020-12-23T08:31:11+07:00 
{
    "responseCode": "2004900",
    "responseMessage": "Successful",
    "userResources": [
        {
        "resourceType": "OTT",
        "value": "jadoijasod9879847120947201ifh0afhq08hd1038"
        }
    ],
    "additionalInfo": {}
}
ResponseCauseSolution
2004900Successful
Success to be processed
Mark Apply OTT process as Success
4004900Bad Request
General request failed error
Mark Apply OTT process as Failed. Retry request with proper parameter
4004901Invalid Field Format
Invalid format for certain field
Mark Apply OTT process as Failed. Retry request with proper parameter
4004902Invalid Mandatory Field
Missing or invalid format on mandatory field
Mark Apply OTT process as Failed. Retry request with proper parameter
4014900Unauthorized. [reason]
General unauthorized error
Mark Apply OTT process as Failed. Retry request with proper parameter
4014902Invalid Customer Token
Customer token are invalid, perhaps due to token expiry
Mark Apply OTT process as Failed. Retry request with proper parameter
4014904Customer Token Not Found
Customer token not found in the system. This occurs on any API that requires token as input parameter
Mark Apply OTT process as Failed. Retry request with proper parameter
4034905Do Not Honor
Account or user status is abnormal
Mark Apply OTT process as Failed. Retry request with proper parameter or can contact DANA to check the user/account status
4294900Too Many Requests
Maximum transaction limit exceeded
Mark Apply OTT process as Failed. Retry request periodically
5004900General Error
General error non retry-able
Mark Apply OTT process as Failed. Retry request periodically
5004901Internal Server Error
Unknown internal server failure, please retry the process again
Mark Apply OTT process as Failed. Retry request periodically
Total timeout
Total timeout, the client side does not get any responses from the server side (Can be due to network issue, server slowing down, and so on)
Do a retry maximum 3 attempts, if still fails mark Apply OTT process as Failed
Unexpected response (Empty field/field does not exist/undefined response code)
The server does not produce expected responses (Can be due to hardware failure, bugs, and so on)
  • If the response code prefix are 202 and 5XX, mark Apply OTT process as Failed
  • If empty field/field does not exist, mark Apply OTT process as Failed