Create Order Test
Payment Gateway - Create Order
POST/v1.0/access-token/b2b.htm
This is the API used by Gapura Payment Gateway to create a new order and receive a hosted checkout URL.
API Type
SNAP API
Expected Timeout
8 second
SNAP Service Code
54
Accept
application/json
Content Type
applciation/json
This API is used for the following solution:
Easy to use checkout page hosted by DANA.
Easy to use checkout page hosted by DANA.
Content-Type
string
RequiredContent type, value always `application/json`
X-TIMESTAMP
string
Transaction date time, in format YYYY-MM-DDTHH:mm:ss+07:00. Time must be in GMT+7 (Jakarta time)
X-CLIENT-KEY
string
ConditionalA unique identifier that can be generated by partner or DANA
Authorization
string
ConditionalContains bearer JWT token, which can been obtained from Authorization Token Request API
Conditional Info
Autohrization for this API requires a symmetric signature
orderTitle
string
RequiredAdditional information of order title
scenario
enum
RequiredREDIRECT
Use this value for Drop-in Solution
API
Use this value for Drop-in Solution
goods
object
Additional information of order title
Content-Type
string
RequiredContent type, value always `application/json`
X-TIMESTAMP
string
Transaction date time, in format YYYY-MM-DDTHH:mm:ss+07:00. Time must be in GMT+7 (Jakarta time)
X-CLIENT-KEY
string
ConditionalA unique identifier that can be generated by partner or DANA
Authorization
string
ConditionalContains bearer JWT token, which can been obtained from Authorization Token Request API
Conditional Info
Autohrization for this API requires a symmetric signature
orderTitle
string
RequiredAdditional information of order title
scenario
enum
RequiredREDIRECT
Use this value for Drop-in Solution
API
Use this value for Drop-in Solution
goods
object
Additional information of order title
JSON
POST .../v1.0/access-token/b2b.htm HTTP/1.2
Content-type: application/json
X-TIMESTAMP: 2022-03-22T14:45:43+07:00
X-CLIENT-KEY: dcb60ae4-4d38-11ec-81d3-0242ac130003
X-SIGNATURE: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
CHANNEL-ID: 95221
{
"grantType":"client_credentials",
"additionalInfo":{},
"text": 1123,
"boolean": false
}
Content-Type
string
RequiredContent type, value always `application/json`
X-TIMESTAMP
string
Transaction date time, in format YYYY-MM-DDTHH:mm:ss+07:00. Time must be in GMT+7 (Jakarta time)
X-CLIENT-KEY
string
ConditionalA unique identifier that can be generated by partner or DANA
Authorization
string
ConditionalContains bearer JWT token, which can been obtained from Authorization Token Request API
Conditional Info
Autohrization for this API requires a symmetric signature
orderTitle
string
RequiredAdditional information of order title
scenario
enum
RequiredREDIRECT
Use this value for Drop-in Solution
API
Use this value for Drop-in Solution
goods
object
Additional information of order title
Content-Type
string
RequiredContent type, value always `application/json`
X-TIMESTAMP
string
Transaction date time, in format YYYY-MM-DDTHH:mm:ss+07:00. Time must be in GMT+7 (Jakarta time)
X-CLIENT-KEY
string
ConditionalA unique identifier that can be generated by partner or DANA
Authorization
string
ConditionalContains bearer JWT token, which can been obtained from Authorization Token Request API
Conditional Info
Autohrization for this API requires a symmetric signature
orderTitle
string
RequiredAdditional information of order title
scenario
enum
RequiredREDIRECT
Use this value for Drop-in Solution
API
Use this value for Drop-in Solution
goods
object
Additional information of order title
JSON
POST .../v1.0/access-token/b2b.htm HTTP/1.2
Content-type: application/json
X-TIMESTAMP: 2022-03-22T14:45:43+07:00
X-CLIENT-KEY: dcb60ae4-4d38-11ec-81d3-0242ac130003
X-SIGNATURE: 85be817c55b2c135157c7e89f52499bf0c25ad6eeebe04a986e8c862561b19a5
CHANNEL-ID: 95221
{
"grantType":"client_credentials",
"additionalInfo":{},
"text": 1123,
"boolean": false
}
| Response | Cause | Solution |
|---|---|---|
2007300Successful | Success to be processed | Proceed to invoke the next API. The value of "accessToken" is inserted into HTTP-Header "Authorization" |
4007300Bad Request | General request failed error | Action is aborted. Show appropriate error message to users and contact the other party to check the issue |
4007301Invalid Field Format | Invalid format for certain field | Action is aborted. Show appropriate error message to users and contact the other party to check the issue |
4007302Invalid Mandatory Field | Missing or invalid format on mandatory field | Action is aborted. Show appropriate error message to users and contact the other party to check the issue |
4017300Unauthorized. [reason] | General unauthorized error | Action is aborted. Show appropriate error message to users and contact the other party to check the issue |
4097300Conflict | Cannot use same X-EXTERNAL-ID in same day | Action is aborted. Show appropriate error message to users and contact the other party to check the issue |
4297300Too Many Requests | Maximum transaction limit exceeded | Do a retry maximum 3 attempts, if the result is still the same then action is aborted. Show appropriate error message to users |
5007300General Error | General error non retry-able | Do a retry maximum 3 attempts, if the result is still the same then action is aborted. Show appropriate error message to users |
5007301Internal Server Error | Unknown internal server failure, please retry the process again | Do a retry maximum 3 attempts, if the result is still the same then action is aborted. Show appropriate error message to users |
Total Timeout | Total timeout, the client side does not get any responses from the server side (can be due to network issue, server slowing down, and so on) | Do a retry maximum 3 attempts, if the result is still the same then action is aborted. Show appropriate error message to users |
Unexpected response | The server does not produce expected responses (can be due to hardware failure, bugs, and so on) | Do a retry maximum 3 attempts, if the result is still the same then action is aborted. Show appropriate error message to users |