Payment Token

👍

HTTPS POST / Server-to-Server

Payment requests and responses are encrypted using JWT

  • Algorithm : HMAC SHA-256 using Merchant’s Secret Key.

Refer JWT Token Guide on how to prepare requests and process responses.

https://sandbox-pgw.2c2p.com/payment/4.3/paymentToken
https://pgw.2c2p.com/payment/4.3/paymentToken

📘

API Parameter

Payment Token Request Parameter
Payment Token Response Parameter

🚧

Download Sample Code

PHP Code

Payment Token is a generic API for merchants who want to integrate with 2C2P's Payment Gateway. The purpose of using this API is to request a payment token before the merchant can create a payment request via Redirect API, Direct API & etc.

Payment Token Request


Please find the guidelines on how to prepare a payment token request and send to 2C2P below:

  1. Prepare payload data. See sample request data displaying the request structure below. 
  2. Generate JWT Token. Refer to Generate JWT Token 
{
    "merchantID": "JT01",
    "invoiceNo": "1523953661",
    "description": "item 1",
    "amount": 1000.00,
    "currencyCode": "SGD"
}
{
    "payload": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjaGFudElEIjoiSlQwMSIsImludm9pY2VObyI6IjE1MjM5NTM2NjEiLCJkZXNjcmlwdGlvbiI6Iml0ZW0gMSIsImFtb3VudCI6MTAwMCwiY3VycmVuY3lDb2RlIjoiU0dEIiwicGF5bWVudENoYW5uZWwiOlsiQ0MiLCJJUFAiLCJBUE0iXSwicmVxdWVzdDNEUyI6IiIsInRva2VuaXplIjpmYWxzZSwiY2FyZFRva2VucyI6WyIwMDAwMDAwMDEiLCIwMDAwMDAwMDIiXSwiY2FyZFRva2VuT25seSI6ZmFsc2UsInRva2VuaXplT25seSI6ZmFsc2UsImludGVyZXN0VHlwZSI6IiIsImluc3RhbGxtZW50UGVyaW9kRmlsdGVyIjpbMyw2XSwicHJvZHVjdENvZGUiOiIiLCJyZWN1cnJpbmciOmZhbHNlLCJpbnZvaWNlUHJlZml4IjoiIiwicmVjdXJyaW5nQW1vdW50IjowLCJhbGxvd0FjY3VtdWxhdGUiOmZhbHNlLCJtYXhBY2N1bXVsYXRlQW1vdW50IjowLCJyZWN1cnJpbmdJbnRlcnZhbCI6MCwicmVjdXJyaW5nQ291bnQiOjAsImNoYXJnZU5leHREYXRlIjoiIiwiY2hhcmdlT25EYXRlIjoiIiwicGF5bWVudEV4cGlyeSI6IiIsInByb21vdGlvbkNvZGUiOiIiLCJwYXltZW50Um91dGVJRCI6IiIsImZ4UHJvdmlkZXJDb2RlIjoiIiwiaW1tZWRpYXRlUGF5bWVudCI6ZmFsc2UsInVzZXJEZWZpbmVkMSI6IiIsInVzZXJEZWZpbmVkMiI6IiIsInVzZXJEZWZpbmVkMyI6IiIsInVzZXJEZWZpbmVkNCI6IiIsInVzZXJEZWZpbmVkNSI6IiIsInN0YXRlbWVudERlc2NyaXB0b3IiOiIiLCJzdWJNZXJjaGFudHMiOlt7Im1lcmNoYW50SUQiOiJKVDAxU3ViMSIsImludm9pY2VObyI6IkFCMjM0MjU0MyIsImFtb3VudCI6MTAwMCwiZGVzY3JpcHRpb24iOiJTdWIgaXRlbSAxIn1dLCJsb2NhbGUiOiJlbiIsImZyb250ZW5kUmV0dXJuVXJsIjoiaHR0cHM6Ly93d3cubWVyY2hhbnQuY29tL2Zyb250ZW5kL2luZGV4LnBocCIsImJhY2tlbmRSZXR1cm5VcmwiOiJodHRwczovL3d3dy5tZXJjaGFudC5jb20vYmFja2VuZC9pbmRleC5waHAiLCJub25jZVN0ciI6IjVLODI2NElMVEtDSDE2Q1EyNTAyU0k4Wk5NVE02N1ZTIiwidWlQYXJhbXMiOnsidXNlckluZm8iOnsibmFtZSI6IkRhdmlkQmlsbHkiLCJlbWFpbCI6ImRhdmlkYmlsbHlAMmMycC5jb20iLCJtb2JpbGVObyI6Ijg4ODg4ODg4IiwiY291bnRyeUNvZGUiOiJTRyIsIm1vYmlsZU5vUHJlZml4IjoiNjUiLCJjdXJyZW5jeUNvZGUiOiJTR0QifX19.Ys_8M8HvBGOhS2OEol2ht4T5CN4YeJ_P6YfPS_4-Aj0"
}
  1. Assign the JWT token to payload and send to payment token API
curl --location --request POST 'https://sandbox-pgw.2c2p.com/payment/4.3/paymentToken' \
--header 'Content-Type: application/json' \
--data-raw '{
    "payload": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjaGFudElEIjoiSlQwMSIsImludm9pY2VObyI6IjE1MjM5NTM2NjEiLCJkZXNjcmlwdGlvbiI6Iml0ZW0gMSIsImFtb3VudCI6MTAwMCwiY3VycmVuY3lDb2RlIjoiU0dEIiwicGF5bWVudENoYW5uZWwiOlsiQ0MiLCJJUFAiLCJBUE0iXSwicmVxdWVzdDNEUyI6IiIsInRva2VuaXplIjpmYWxzZSwiY2FyZFRva2VucyI6WyIwMDAwMDAwMDEiLCIwMDAwMDAwMDIiXSwiY2FyZFRva2VuT25seSI6ZmFsc2UsInRva2VuaXplT25seSI6ZmFsc2UsImludGVyZXN0VHlwZSI6IiIsImluc3RhbGxtZW50UGVyaW9kRmlsdGVyIjpbMyw2XSwicHJvZHVjdENvZGUiOiIiLCJyZWN1cnJpbmciOmZhbHNlLCJpbnZvaWNlUHJlZml4IjoiIiwicmVjdXJyaW5nQW1vdW50IjowLCJhbGxvd0FjY3VtdWxhdGUiOmZhbHNlLCJtYXhBY2N1bXVsYXRlQW1vdW50IjowLCJyZWN1cnJpbmdJbnRlcnZhbCI6MCwicmVjdXJyaW5nQ291bnQiOjAsImNoYXJnZU5leHREYXRlIjoiIiwiY2hhcmdlT25EYXRlIjoiIiwicGF5bWVudEV4cGlyeSI6IiIsInByb21vdGlvbkNvZGUiOiIiLCJwYXltZW50Um91dGVJRCI6IiIsImZ4UHJvdmlkZXJDb2RlIjoiIiwiaW1tZWRpYXRlUGF5bWVudCI6ZmFsc2UsInVzZXJEZWZpbmVkMSI6IiIsInVzZXJEZWZpbmVkMiI6IiIsInVzZXJEZWZpbmVkMyI6IiIsInVzZXJEZWZpbmVkNCI6IiIsInVzZXJEZWZpbmVkNSI6IiIsInN0YXRlbWVudERlc2NyaXB0b3IiOiIiLCJzdWJNZXJjaGFudHMiOlt7Im1lcmNoYW50SUQiOiJKVDAxU3ViMSIsImludm9pY2VObyI6IkFCMjM0MjU0MyIsImFtb3VudCI6MTAwMCwiZGVzY3JpcHRpb24iOiJTdWIgaXRlbSAxIn1dLCJsb2NhbGUiOiJlbiIsImZyb250ZW5kUmV0dXJuVXJsIjoiaHR0cHM6Ly93d3cubWVyY2hhbnQuY29tL2Zyb250ZW5kL2luZGV4LnBocCIsImJhY2tlbmRSZXR1cm5VcmwiOiJodHRwczovL3d3dy5tZXJjaGFudC5jb20vYmFja2VuZC9pbmRleC5waHAiLCJub25jZVN0ciI6IjVLODI2NElMVEtDSDE2Q1EyNTAyU0k4Wk5NVE02N1ZTIiwidWlQYXJhbXMiOnsidXNlckluZm8iOnsibmFtZSI6IkRhdmlkQmlsbHkiLCJlbWFpbCI6ImRhdmlkYmlsbHlAMmMycC5jb20iLCJtb2JpbGVObyI6Ijg4ODg4ODg4IiwiY291bnRyeUNvZGUiOiJTRyIsIm1vYmlsZU5vUHJlZml4IjoiNjUiLCJjdXJyZW5jeUNvZGUiOiJTR0QifX19.Ys_8M8HvBGOhS2OEol2ht4T5CN4YeJ_P6YfPS_4-Aj0"
}'

 

Payment Token Response


Please find below the guidelines on how to process a payment token response from 2C2P.

  1. Payment token API will return response data that contains JWT token. See sample response below.
  2. To decode the meaning of the JWT payload response, refer to Decode JWT Token
{
	"payload": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ3ZWJQYXltZW50VXJsIjoiaHR0cHM6Ly9zYW5kYm94LXBndy11aS4yYzJwLmNvbS9wYXltZW50LzQuMS8jL3Rva2VuL2tTQW9wczlad2hvczhoU1RTZUxUVWNDcndjbnJuZEpVWmFuR0p5M2ZCRXNYQ2lZbXlud3hIdks1aDdYUEJhZEpxRDBuRzd2NjV0NU4yalBWcm53WDJqTDRudSUyYktLU2VnalVqRVJLQ3lXUGclM2QiLCJwYXltZW50VG9rZW4iOiJrU0FvcHM5Wndob3M4aFNUU2VMVFVjQ3J3Y25ybmRKVVphbkdKeTNmQkVzWENpWW15bnd4SHZLNWg3WFBCYWRKcUQwbkc3djY1dDVOMmpQVnJud1gyakw0bnUrS0tTZWdqVWpFUktDeVdQZz0iLCJyZXNwQ29kZSI6IjAwMDAiLCJyZXNwRGVzYyI6IlN1Y2Nlc3MifQ.Tq0GW7rQeA9jqjobPXAiDmscQ82qtAAUrcUaVYqTAhw"
}
{
  "webPaymentUrl": "https://sandbox-pgw-ui.2c2p.com/payment/4.3/#/token/kSAops9Zwhos8hSTSeLTUcCrwcnrndJUZanGJy3fBEsXCiYmynwxHvK5h7XPBadJqD0nG7v65t5N2jPVrnwX2jL4nu%2bKKSegjUjERKCyWPg%3d",
  "paymentToken": "kSAops9Zwhos8hSTSeLTUcCrwcnrndJUZanGJy3fBEsXCiYmynwxHvK5h7XPBadJqD0nG7v65t5N2jPVrnwX2jL4nu+KKSegjUjERKCyWPg=",
  "respCode": "0000",
  "respDesc": "Success"
}

Run test with Swagger Editor