Notification - API GPN
NICEPAY provides push notifications via dbProcessUrl Merchant. The Merchant needs to reassure there is no Blacklist NICEPAY IP and should Whitelist NICEPAY IP to get the push notification only from NICEPAY's server.
Request Method | POST |
Merchant Token | SHA256 ( iMid+ tXid + amt+ merchantKey) |
IP | 103.20.51.0/24 103.117.8.0/24 |
User-Agent | User-Agent: Jakarta Commons-HttpClient/3.1 |
When your dbProcessUrl received a notification, NICEPAY strongly encourage Merchants to verify the notification using the Status Inquiry - API GPN
Parameter | Type | Size | Description | Example / Notes |
ccTransType | N | 2 | 1: Normal 2: Recurring 3: Pre-auth 4: Capture | When Success |
fee | N | 12 | Service Fee | 0 When Success, CC |
tXid | AN | 30 | Transaction ID | IONPAYTEST01202212141326511512 |
amt | N | 12 | Payment Amount | 15000 |
notaxAmt | N | 12 | Tax-free Amount | 0 |
cardNo | N | 20 | Card Number | 41111111****1111 |
issuBankCd | A | 4 | OTHR When success, CC | |
matchCl | N | 1 | Payment Flag (Notification Match Amount Indicator) | 1 |
preauthToken | AN | 64 | Pre-Auth Token | null |
cardExpYymm | N | 4 | Card Expiry (YYMM) | 3112 |
acquBankNm | A | 255 | Acquiring Bank Name. | BNI |
payMethod | N | 2 | 09 | |
currency | A | 3 | Currency | IDR |
instmntMon Required for CC | N | 2 | Installment Month Required for CC | 1 |
issuBankNm | A | 255 | Issuing Bank Name | Mandiri |
merchantToken | AN | 255 | Merchant Token | 8fe18983b08405e3b2185135b575e87b92ffdb68e8cc603c72d2ec2062129823 |
goodsNm | AN | 100 | Goods Name | Payment+of+Invoice+No+20221214132651 |
referenceNo | ANS | 40 | Merchant Ref. No | 20221214132651 |
authNo | N | 10 | Approval No | 511512 |
transTm | N | 6 | Transction Time (HH24MISS) | 132651 |
cpGuaranteeableStatus | N | 4 | Status Guaranteeable | null |
recurringToken | AN | 64 | Recurring Token | null |
vat | N | 12 | Vat | 0 When Success, CC |
instmntType | N | 2 | 2 | |
billingNm | A | 100 | Buyer Name | John+Doe |
acquBankCd | A | 4 | BNIN | |
transDt | N | 8 | Transaction Date (YYYYMMDD) | 20221214 |
status | A | 1 | 0 |
Parameter | Type | Size | Description |
mitraCd | A | 4 | |
payNo | N | 12 | Payment Number |
payValidDt | N | 8 | Expiry Date (YYYYMMDD) |
payValidTm | N | 6 | Expiry Time (HH24MISS) |
receiptCode | ANS | 20 | Authorization number |
mRefNo | AN | 18 | Reference No. |
depositDt | N | 8 | Deposit Date (YYYYMMDD) |
depositTm | N | 6 | Deposit Time (HH24MISS) |
The Merchant Token received by the Notification Endpoint must compare internally to prevent fake/invalid notifications.
💡Example Case:
For example, you have a merchantKey that is used to generate a token, which is 1234. When the merchantToken generated by the merchant is known, it is abcd, while the merchantToken obtained in the notification is abdd. Then the notification is considered fake/invalid.