Notification - API E-Wallet
 provides push s via dbProcessUrl . The needs to reassure there is no Blacklist IP and should Whitelist IP to get push only from server.
Request Method | POST |
---|---|
Merchant Token | SHA256 ( iMid+ tXid + amt+ merchantKey) |
IP | 103.20.51.0/24 103.117.8.0/24 |
User-Agent | User-Agent: Jakarta Commons-HttpClient/3.1 |

When your dbProcessUrl received a , strongly recommend to verify using Status Inquiry - API E-Wallet.
Parameter | Type | Size | Description | Example / Notes |
---|---|---|---|---|
merchantToken | AN | 255 |  token | f6199198b16b5197afac725f110441bd19a8d8bc4a58830cd9abb544729948ea |
tXid | N | 30 | Transaction ID | IONPAYTEST05202212141556331691 |
referenceNo | ANS | 40 |  Order Number | referenceNo=ord20221214151221 |
payMethod | N | 2 | Payment Method Code | 05 |
transDt | N | 8 | Transaction Date | 20221214 |
transTm | N | 6 | Transaction Time | 155913 |
currency | A | 3 | Currency | IDR |
goodsNm | AN | 100 | Goods Name | Testing |
billingNm | A | 100 | Billing Name | John-Doe |
matchCl | N | 1 |  Flag: Notification Match Amount Indicator | 1 |
status | A | 1 | 0 |

Parameter | Type | Size | Description |
---|---|---|---|
mitraCd | A | 4 | Mitra Code |
payNo | N | 12 |  Number |
payValidDt | N | 8 | Expiry Date (YYYYMMDD) |
payValidTm | N | 6 | Expiry Time (HH24MISS) |
receiptCode | ANS | 20 | Authorization Number |
mRefNo | AN | 18 | Reference Number |
depositDt | N | 8 | Deposit Date (YYYYMMDD) |
depositTm | N | 6 | Deposit Time (HH24MISS) |
The Token received by Notification Endpoint must compare internally to prevent fake/invalid s.
💡Example Case:
For example, you have a merchantKey that is used to generate a token, which is 1234. When merchantToken generated by is known, it is abcd, while merchantToken obtained in is abdd. Then is considered fake/invalid.