Payment Direct

The Payment Direct API allows merchants to start and process a transaction with a single payment instruction.

👍

HTTPS POST / Server-to-Server

https://sandbox-pgw.2c2p.com/payment/4.3/paymentdirect

https://pgw.2c2p.com/payment/4.3/paymentdirect

📘

API Parameter

Payment Direct Request Parameters
Payment Direct Response Parameters

Payment Direct Request

🚧

Before you call the Payment Direct API

Required to understand how to prepare paymentToken payload

  1. Prepare payment token data. Refer to Payment Token Request Parameters
  2. Generate JWT Token. Refer to Generate JWT Token
{
    "merchantID": "JT01",
    "invoiceNo": "1523953661",
    "description": "item 1",
    "amount": 1000.00,
    "currencyCode": "SGD"
}

{"paymentToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjaGFudElEIjoiSlQwMSIsImludm9pY2VObyI6IjE1MjM5NTM2NjEiLCJkZXNjcmlwdGlvbiI6Iml0ZW0gMSIsImFtb3VudCI6MTAwMCwiY3VycmVuY3lDb2RlIjoiU0dEIiwicGF5bWVudENoYW5uZWwiOlsiQ0MiLCJJUFAiLCJBUE0iXSwicmVxdWVzdDNEUyI6IiIsInRva2VuaXplIjpmYWxzZSwiY2FyZFRva2VucyI6WyIwMDAwMDAwMDEiLCIwMDAwMDAwMDIiXSwiY2FyZFRva2VuT25seSI6ZmFsc2UsInRva2VuaXplT25seSI6ZmFsc2UsImludGVyZXN0VHlwZSI6IiIsImluc3RhbGxtZW50UGVyaW9kRmlsdGVyIjpbMyw2XSwicHJvZHVjdENvZGUiOiIiLCJyZWN1cnJpbmciOmZhbHNlLCJpbnZvaWNlUHJlZml4IjoiIiwicmVjdXJyaW5nQW1vdW50IjowLCJhbGxvd0FjY3VtdWxhdGUiOmZhbHNlLCJtYXhBY2N1bXVsYXRlQW1vdW50IjowLCJyZWN1cnJpbmdJbnRlcnZhbCI6MCwicmVjdXJyaW5nQ291bnQiOjAsImNoYXJnZU5leHREYXRlIjoiIiwiY2hhcmdlT25EYXRlIjoiIiwicGF5bWVudEV4cGlyeSI6IiIsInByb21vdGlvbkNvZGUiOiIiLCJwYXltZW50Um91dGVJRCI6IiIsImZ4UHJvdmlkZXJDb2RlIjoiIiwiaW1tZWRpYXRlUGF5bWVudCI6ZmFsc2UsInVzZXJEZWZpbmVkMSI6IiIsInVzZXJEZWZpbmVkMiI6IiIsInVzZXJEZWZpbmVkMyI6IiIsInVzZXJEZWZpbmVkNCI6IiIsInVzZXJEZWZpbmVkNSI6IiIsInN0YXRlbWVudERlc2NyaXB0b3IiOiIiLCJzdWJNZXJjaGFudHMiOlt7Im1lcmNoYW50SUQiOiJKVDAxU3ViMSIsImludm9pY2VObyI6IkFCMjM0MjU0MyIsImFtb3VudCI6MTAwMCwiZGVzY3JpcHRpb24iOiJTdWIgaXRlbSAxIn1dLCJsb2NhbGUiOiJlbiIsImZyb250ZW5kUmV0dXJuVXJsIjoiaHR0cHM6Ly93d3cubWVyY2hhbnQuY29tL2Zyb250ZW5kL2luZGV4LnBocCIsImJhY2tlbmRSZXR1cm5VcmwiOiJodHRwczovL3d3dy5tZXJjaGFudC5jb20vYmFja2VuZC9pbmRleC5waHAiLCJub25jZVN0ciI6IjVLODI2NElMVEtDSDE2Q1EyNTAyU0k4Wk5NVE02N1ZTIiwidWlQYXJhbXMiOnsidXNlckluZm8iOnsibmFtZSI6IkRhdmlkQmlsbHkiLCJlbWFpbCI6ImRhdmlkYmlsbHlAMmMycC5jb20iLCJtb2JpbGVObyI6Ijg4ODg4ODg4IiwiY291bnRyeUNvZGUiOiJTRyIsIm1vYmlsZU5vUHJlZml4IjoiNjUiLCJjdXJyZW5jeUNvZGUiOiJTR0QifX19.Ys_8M8HvBGOhS2OEol2ht4T5CN4YeJ_P6YfPS_4-Aj0"}
  1. Assign the JWT encrypted data to parameter paymentToken

The sample code below demonstrates the data structure for an API request. 

{
    "paymentToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjaGFudElEIjoiSlQwMSIsImludm9pY2VObyI6IjE1MjM5NTM2NjEiLCJkZXNjcmlwdGlvbiI6Iml0ZW0gMSIsImFtb3VudCI6MTAwMCwiY3VycmVuY3lDb2RlIjoiU0dEIiwicGF5bWVudENoYW5uZWwiOlsiQ0MiLCJJUFAiLCJBUE0iXSwicmVxdWVzdDNEUyI6IiIsInRva2VuaXplIjpmYWxzZSwiY2FyZFRva2VucyI6WyIwMDAwMDAwMDEiLCIwMDAwMDAwMDIiXSwiY2FyZFRva2VuT25seSI6ZmFsc2UsInRva2VuaXplT25seSI6ZmFsc2UsImludGVyZXN0VHlwZSI6IiIsImluc3RhbGxtZW50UGVyaW9kRmlsdGVyIjpbMyw2XSwicHJvZHVjdENvZGUiOiIiLCJyZWN1cnJpbmciOmZhbHNlLCJpbnZvaWNlUHJlZml4IjoiIiwicmVjdXJyaW5nQW1vdW50IjowLCJhbGxvd0FjY3VtdWxhdGUiOmZhbHNlLCJtYXhBY2N1bXVsYXRlQW1vdW50IjowLCJyZWN1cnJpbmdJbnRlcnZhbCI6MCwicmVjdXJyaW5nQ291bnQiOjAsImNoYXJnZU5leHREYXRlIjoiIiwiY2hhcmdlT25EYXRlIjoiIiwicGF5bWVudEV4cGlyeSI6IiIsInByb21vdGlvbkNvZGUiOiIiLCJwYXltZW50Um91dGVJRCI6IiIsImZ4UHJvdmlkZXJDb2RlIjoiIiwiaW1tZWRpYXRlUGF5bWVudCI6ZmFsc2UsInVzZXJEZWZpbmVkMSI6IiIsInVzZXJEZWZpbmVkMiI6IiIsInVzZXJEZWZpbmVkMyI6IiIsInVzZXJEZWZpbmVkNCI6IiIsInVzZXJEZWZpbmVkNSI6IiIsInN0YXRlbWVudERlc2NyaXB0b3IiOiIiLCJzdWJNZXJjaGFudHMiOlt7Im1lcmNoYW50SUQiOiJKVDAxU3ViMSIsImludm9pY2VObyI6IkFCMjM0MjU0MyIsImFtb3VudCI6MTAwMCwiZGVzY3JpcHRpb24iOiJTdWIgaXRlbSAxIn1dLCJsb2NhbGUiOiJlbiIsImZyb250ZW5kUmV0dXJuVXJsIjoiaHR0cHM6Ly93d3cubWVyY2hhbnQuY29tL2Zyb250ZW5kL2luZGV4LnBocCIsImJhY2tlbmRSZXR1cm5VcmwiOiJodHRwczovL3d3dy5tZXJjaGFudC5jb20vYmFja2VuZC9pbmRleC5waHAiLCJub25jZVN0ciI6IjVLODI2NElMVEtDSDE2Q1EyNTAyU0k4Wk5NVE02N1ZTIiwidWlQYXJhbXMiOnsidXNlckluZm8iOnsibmFtZSI6IkRhdmlkQmlsbHkiLCJlbWFpbCI6ImRhdmlkYmlsbHlAMmMycC5jb20iLCJtb2JpbGVObyI6Ijg4ODg4ODg4IiwiY291bnRyeUNvZGUiOiJTRyIsIm1vYmlsZU5vUHJlZml4IjoiNjUiLCJjdXJyZW5jeUNvZGUiOiJTR0QifX19.Ys_8M8HvBGOhS2OEol2ht4T5CN4YeJ_P6YfPS_4-Aj0",
    "clientID": "E380BEC2BFD727A4B6845133519F3AD7",
    "locale": "en",
    "responseReturnUrl": "https://pgw.2c2p.com/ui/4.3/info",
    "payment": {
        "code": {
            "channelCode": "CC",
        },
        "data": {
            "name": "DavidBilly",
            "email": "[email protected]",
            "mobileNo": "0888888888",
            "cardBank": "OCBC",
            "cardCountry": "SG",
            "accountTokenization":true, // only required if user select the save card
            "interestType" : "M", // Only require when user select the ipp options
            "installmentPeriod": 6,    // Only require when user select the ipp options
            "token": "0888888112333",   //For CC is card token, for samsung pay/master pass is encrypted token from their sdk
            "qrType": "URL",  // only required for QR payment
            "paymentExpiry": "2021-12-31 23:59:59", //to overwrite with the expiry of the paymentToken
            "billingAddress1": "20 Anson Road #12-01", // Only required if there have billing address
            "billingAddress2": "Twenty Anson",
            "billingAddress3": "",
            "billingCity": "Singapore",
            "billingState": "Singapore",
            "billingPostalCode": "79912",
            "billingCountryCode": "SG",
            "shippingAddress1": "20 Anson Road #12-01", // Only required if there have shipping address (3DS 2.0)
            "shippingAddress2": "Twenty Anson",
            "shippingAddress3": "",
            "shippingCity": "Singapore",
            "shippingState": "Singapore",
            "shippingPostalCode": "79912",
            "shippingCountryCode": "SG",
            "cardNo": "4111111111111111",
            "expiryMonth": 12,
            "expiryYear": 2021,
            "securityCode": "123",
        }
    }
}

curl --location --request POST 'https://sandbox-pgw.2c2p.com/payment/4.3/paymentdirect' \
--header 'Content-Type: application/json' \
--data-raw '{
    "paymentToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjaGFudElEIjoiSlQwMSIsImludm9pY2VObyI6IjE1MjM5NTM2NjEiLCJkZXNjcmlwdGlvbiI6Iml0ZW0gMSIsImFtb3VudCI6MTAwMCwiY3VycmVuY3lDb2RlIjoiU0dEIiwicGF5bWVudENoYW5uZWwiOlsiQ0MiLCJJUFAiLCJBUE0iXSwicmVxdWVzdDNEUyI6IiIsInRva2VuaXplIjpmYWxzZSwiY2FyZFRva2VucyI6WyIwMDAwMDAwMDEiLCIwMDAwMDAwMDIiXSwiY2FyZFRva2VuT25seSI6ZmFsc2UsInRva2VuaXplT25seSI6ZmFsc2UsImludGVyZXN0VHlwZSI6IiIsImluc3RhbGxtZW50UGVyaW9kRmlsdGVyIjpbMyw2XSwicHJvZHVjdENvZGUiOiIiLCJyZWN1cnJpbmciOmZhbHNlLCJpbnZvaWNlUHJlZml4IjoiIiwicmVjdXJyaW5nQW1vdW50IjowLCJhbGxvd0FjY3VtdWxhdGUiOmZhbHNlLCJtYXhBY2N1bXVsYXRlQW1vdW50IjowLCJyZWN1cnJpbmdJbnRlcnZhbCI6MCwicmVjdXJyaW5nQ291bnQiOjAsImNoYXJnZU5leHREYXRlIjoiIiwiY2hhcmdlT25EYXRlIjoiIiwicGF5bWVudEV4cGlyeSI6IiIsInByb21vdGlvbkNvZGUiOiIiLCJwYXltZW50Um91dGVJRCI6IiIsImZ4UHJvdmlkZXJDb2RlIjoiIiwiaW1tZWRpYXRlUGF5bWVudCI6ZmFsc2UsInVzZXJEZWZpbmVkMSI6IiIsInVzZXJEZWZpbmVkMiI6IiIsInVzZXJEZWZpbmVkMyI6IiIsInVzZXJEZWZpbmVkNCI6IiIsInVzZXJEZWZpbmVkNSI6IiIsInN0YXRlbWVudERlc2NyaXB0b3IiOiIiLCJzdWJNZXJjaGFudHMiOlt7Im1lcmNoYW50SUQiOiJKVDAxU3ViMSIsImludm9pY2VObyI6IkFCMjM0MjU0MyIsImFtb3VudCI6MTAwMCwiZGVzY3JpcHRpb24iOiJTdWIgaXRlbSAxIn1dLCJsb2NhbGUiOiJlbiIsImZyb250ZW5kUmV0dXJuVXJsIjoiaHR0cHM6Ly93d3cubWVyY2hhbnQuY29tL2Zyb250ZW5kL2luZGV4LnBocCIsImJhY2tlbmRSZXR1cm5VcmwiOiJodHRwczovL3d3dy5tZXJjaGFudC5jb20vYmFja2VuZC9pbmRleC5waHAiLCJub25jZVN0ciI6IjVLODI2NElMVEtDSDE2Q1EyNTAyU0k4Wk5NVE02N1ZTIiwidWlQYXJhbXMiOnsidXNlckluZm8iOnsibmFtZSI6IkRhdmlkQmlsbHkiLCJlbWFpbCI6ImRhdmlkYmlsbHlAMmMycC5jb20iLCJtb2JpbGVObyI6Ijg4ODg4ODg4IiwiY291bnRyeUNvZGUiOiJTRyIsIm1vYmlsZU5vUHJlZml4IjoiNjUiLCJjdXJyZW5jeUNvZGUiOiJTR0QifX19.Ys_8M8HvBGOhS2OEol2ht4T5CN4YeJ_P6YfPS_4-Aj0",
    "clientID": "E380BEC2BFD727A4B6845133519F3AD7",
    "locale": "en",
    "responseReturnUrl": "https://pgw.2c2p.com/ui/4.3/info",
    "payment": {
        "code": {
            "channelCode": "CC",
        },
        "data": {
            "name": "DavidBilly",
            "email": "[email protected]",
            "mobileNo": "0888888888",
            "cardBank": "OCBC",
            "cardCountry": "SG",
            "accountTokenization":true, // only required if user select the save card
            "interestType" : "M", // Only require when user select the ipp options
            "installmentPeriod": 6,    // Only require when user select the ipp options
            "token": "0888888112333",   //For CC is card token, for samsung pay/master pass is encrypted token from their sdk
            "qrType": "URL",  // only required for QR payment
            "paymentExpiry": "2021-12-31 23:59:59", //to overwrite with the expiry of the paymentToken
            "billingAddress1": "20 Anson Road #12-01", // Only required if there have billing address
            "billingAddress2": "Twenty Anson",
            "billingAddress3": "",
            "billingCity": "Singapore",
            "billingState": "Singapore",
            "billingPostalCode": "79912",
            "billingCountryCode": "SG",
            "shippingAddress1": "20 Anson Road #12-01", // Only required if there have shipping address (3DS 2.0)
            "shippingAddress2": "Twenty Anson",
            "shippingAddress3": "",
            "shippingCity": "Singapore",
            "shippingState": "Singapore",
            "shippingPostalCode": "79912",
            "shippingCountryCode": "SG",
            "cardNo": "4111111111111111",
            "expiryMonth": 12,
            "expiryYear": 2021,
            "securityCode": "123",
        }
    }
}'

Payment Direct Response

  1. Read the Response Data. The sample code below demonstrates the data structure for an API response. 
//1) Non-redirect (Transaction completed)
{
    "payload" : "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjaGFudElEIjoiSlQwNCIsImludm9pY2VObyI6IjI4MDUyMDA3NTkyMSIsImNhcmRObyI6IjQxMTExMVhYWFhYWDExMTEiLCJhbW91bnQiOiIyMzAuODciLCJjdXJyZW5jeUNvZGUiOiJUSEIiLCJ0cmFuUmVmIjoiMjg2ODgyMSIsInJlZmVyZW5jZU5vIjoiMjc4NTcwMyIsImFwcHJvdmFsQ29kZSI6IjUzMTQ4NCIsImVjaSI6IjA1IiwidHJhbnNhY3Rpb25EYXRlVGltZSI6IjIwMjAwNTI4MDgwNTA4IiwicmVzcENvZGUiOiIwMDAwIiwicmVzcERlc2MiOiJTdWNjZXNzIn0.QdjSI_dUbiRularwEIFuYROE_svc3Xkm-t58X-VnPxI",
    "channelCode": "CC",
    "invoiceNo": "1523953661",
    "respCode": "2000",
    "respDesc": "Transaction is completed, please do payment inquiry request for full payment information."
}
 
 
//2) Redirect(Mobile/Web-IFrame) & (Alternative Payment Method for WebPay)
{
    "channelCode": "CC",
    "data": "https://api.2c2p.com/pgw/authenticate/e5d8d1ed-2684-48b2-a7b6-d36fbc4fa5c2",
    "respCode": "1000",
    "respDesc": "Redirect to authenticate ACS bank page."
}
  1. Parameter payload is returned if the payment has been coompleted.
  2. Decrypt the payload data. For details on decrypt JWT tokens, refer to: Decode JWT Token
  3. The sample code below demonstrates a correctly decoded payment response.
{
	"payload": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjaGFudElEIjoiSlQwNCIsImludm9pY2VObyI6IjI4MDUyMDA3NTkyMSIsImNhcmRObyI6IjQxMTExMVhYWFhYWDExMTEiLCJhbW91bnQiOiIyMzAuODciLCJjdXJyZW5jeUNvZGUiOiJUSEIiLCJ0cmFuUmVmIjoiMjg2ODgyMSIsInJlZmVyZW5jZU5vIjoiMjc4NTcwMyIsImFwcHJvdmFsQ29kZSI6IjUzMTQ4NCIsImVjaSI6IjA1IiwidHJhbnNhY3Rpb25EYXRlVGltZSI6IjIwMjAwNTI4MDgwNTA4IiwicmVzcENvZGUiOiIwMDAwIiwicmVzcERlc2MiOiJTdWNjZXNzIn0.QdjSI_dUbiRularwEIFuYROE_svc3Xkm-t58X-VnPxI"
}

{
  "merchantID": "JT04",
  "invoiceNo": "280520075921",
  "cardNo": "411111XXXXXX1111",
  "amount": "230.87",
  "currencyCode": "THB",
  "tranRef": "2868821",
  "referenceNo": "2785703",
  "approvalCode": "531484",
  "eci": "05",
  "transactionDateTime": "20200528080508",
  "respCode": "0000",
  "respDesc": "Success"
}
  1. The payload data represent the payment result. Merchant can use as payment acknowledgement. Refer to Payment Response (Backend) Parameters for parameter specification.

Updated about 1 year ago