Setup and Integration
API Endpoint for MOTO Transaction
This feature is only available upon request. If you are interested to
use this feature, please open a ticket to our support team.
A. Creating MOTO Payment
Item | Detail |
---|---|
API Endpoint | http://app.senangpay.my/apiv1/pay_cc |
1. Authorization header
Type | Basic |
---|---|
Username | < your-merchant-id > As listed in the profile settings page. |
Password | None, leave empty. |
2. Request Parameter (all is mandatory)
Parameter Name | Parameter value/description |
---|---|
order_id | Your order id. Can be numbers or a string. Other characters are invalid. E.g., 1234 |
name | Your customer’s name. Maximum length is 100. E.g., Abu Bin Ali |
phone | Your customer’s phone number. E.g., 0109876543 |
Your customer’s email. E.g., ahmad@google.com | |
detail | Your order details. Maximum length is 100. E.g., Order for product id #4 |
amount | Your order amount in integer format. Convert from decimals as necessary. E.g., if the amount is RM 2.00, you need to send 200. |
cc_number | Your customer credit card number. |
cc_exp | Your customer credit card expiration date in MMYY format. E.g., if the card expires on January 2017, you need to send 0117 |
cc_cvv | Your customer credit card CVV number. E.g., 123 |
hash | A string hashed with your secret key (from your profile setting page) in HMAC hashing algorithm with SHA256 in the following format: < your merchant id >< name >< email >< phone >< detail >< order_id >< amount > *without the < > character |
3. Example Request
curl https://app.senangpay.my/apiv1/pay_cc -u 123456789012345: \ -d 'name= Abu Bin Ali' \ -d email=abu@google.com \ -d phone=0109876543 \ -d order_id=1234 \ -d 'detail=Order for product id #4' \ -d amount=1000 \ -d cc_number=5105105105105100 \ -d cc_exp =0117 \ -d cc_cvv=123 \ -d hash=89f98937fb86cc1fb6d4a12c82df0041738c2cdb99513567b76c61d1ea983f18
4. Response Parameter
Parameter Name | Parameter value / description |
---|---|
status | Your transaction status. 1 if successful. 0 if failed. |
transaction_id | Your transaction ID number. |
order_id | Your original order ID. |
amount_paid | Amount transacted from the credit card in integer format. E.g., if the amount transacted is RM 2.00, it will output 200. |
msg | Transaction status message. If it was successful you will receive ‘Payment was successful’. If the transaction failed, you will receive the error message in this parameter for further checking. |
hash | A string hashed with your secret key (from your profile setting page) in HMAC hashing algorithm with SHA256 in the following format: < your merchant id >< status_id >< order_id >< transaction_id >< amount_paid >< msg > *without the < > character |
5. Sample Response
{ "status":1, "transaction_id":"14951544812820", "order_id":"1234", "amount_paid":1000, "msg":"Payment was successful", "hash":"99b6e99bb0aa663101b1e4f6f8d69c2efb41ef81a5a7aa030bf76a098a03d233" }
B. Get MOTO Payment Details By Order ID
This endpoint is helpful for determining order status before attempting another payment. If the previous payment creation failed, return a server error.
Item | Detail |
---|---|
API endpoint | http://app.senangpay.my/apiv1/order/ |
1. Authorization Header
Type | Basic |
---|---|
Username | < your-merchant-id > As listed in the profile settings page. |
Password | None, leave empty. |
2. URL Parameter
Parameter Name | Parameter value/description |
---|---|
order_id | Your order id. Can be numbers or a string. Other characters are is invalid. Eg. 1234 |
3. Example Request
curl https://app.senangpay.my/apiv1/order/1234 -u 123456789012345:
4. Response Parameter
Parameter Name | Parameter value / description |
---|---|
status | Your transaction status. 1 if successful. 0 if failed. |
msg | Query status message. If it was successful you will receive ‘Query was successful’. If the query failed in any way, you will receive the error message in this parameter for further checking. |
data | An array of MOTO transactions that matches the given order ID are sorted by newest transactions first. Please refer to MOTO Data Transaction Response section for the types of data returned. |
hash | A string hashed with your secret key (from your profile setting page) in HMAC hashing algorithm with SHA256 for validity of data returned by us in the following format: < your merchant id >< order-id > *without the < > character |
5. Sample Response
{ "status":1 "msg":"Query was successful", "data":[{ "transaction_reference": "14951839358320", "buyer_contact": { "name": "Abu Bin Ali ", "email": "abu@gmail.com", "phone": "0109876543" }, "order_detail": { "grand_total": 1000 }, "payment_info": { "transaction_date": "16:52 19 April 2017", "payment_mode": "Credit Card", "status": "paid" }, "date_created": "16:52 19 April 2017" }, { "transaction_reference": "14951839358319", "buyer_contact": { "name": "Abu Bin Ali ", "email": "abu@gmail.com", "phone": "0109876543" }, "order_detail": { "grand_total": 1000 }, "payment_info": { "transaction_date": "16:50 19 April 2017", "payment_mode": "Credit Card", "status": "failed" }, "date_created": "16:50 19 April 2017" }], "hash":"cb13f0a935274af4bd74c25c4087b81c6b05b8637255502ce1011477d552d0d2" }
C. Get MOTO Payment Details By Transaction Reference
Item | Detail |
---|---|
API endpoint | http://app.senangpay.my/apiv1/order/ |
1. Authorization header
Type | Basic |
---|---|
Username | < your-merchant-id > As listed in the profile settings page. |
Password | None, leave empty. |
2. URL Parameter
Parameter Name | Parameter value / description |
---|---|
transaction_reference | The transaction reference number to check. |
3. Example Request
curl https://app.senangpay.my/apiv1/transaction/1234 -u 123456789012345:
4. Response Parameter
Parameter Name | Parameter value/description |
---|---|
status | Your transaction status. 1 if successful. 0 if failed. |
msg | Query status message. If it was successful you will receive ‘Query was successful’. If the query failed in any way, you will receive the error message in this parameter for further checking. |
data | A detail of the MOTO transaction that matches the given transaction reference. Please refer to MOTO Data Transaction Response section for the types of data returned. |
hash | A string hashed with your secret key (from your profile setting page) in HMAC hashing algorithm with SHA256 for validity of data returned by us in the following format: < your merchant id >< transaction reference > *without the < > character |
5. Sample Response
{ "status":1 "msg":"Query was successful", "data":{ "transaction_reference": "14951839358320", "buyer_contact": { "name": "Abu Bin Ali ", "email": "abu@gmail.com", "phone": "0109876543" }, "order_detail": { "grand_total": 1000 }, "payment_info": { "transaction_date": "16:52 19 April 2017", "payment_mode": "Credit Card", "status": "paid" }, "date_created": "16:52 19 April 2017" }, "hash":"cb13f0a935274af4bd74c25c4087b81c6b05b8637255502ce1011477d552d0d2" }
D. MOTO Data Transaction Response
This is the MOTO transaction data, structured for response for any given endpoint querying for MOTO transaction details.
1. Response Parameter
Key | Value details / description |
---|---|
transaction_reference | The transaction reference number |
buyer_contact | Buyer contact details object as sent when creating the original payment. Consist of the following key values:
|
order_detail | Transaction details object of the MOTO transaction. Consist of the following key values:
|
payment_info | Payment info details object. Consist of the following key values:
|
date_created | Transaction date in hh:mm day month year ie. 08:07 19 May 2017 |
2. Sample Response
{ "status":1 "msg":"Query was successful", "data":{ "transaction_reference": "14951839358320", "buyer_contact": { "name": "Abu Bin Ali ", "email": "abu@gmail.com", "phone": "0109876543" }, "order_detail": { "grand_total": 1000 }, "payment_info": { "transaction_date": "16:52 19 April 2017", "payment_mode": "Credit Card", "status": "paid" }, "date_created": "16:52 19 April 2017" }, "hash":"cb13f0a935274af4bd74c25c4087b81c6b05b8637255502ce1011477d552d0d2" }
Please take note that :
- We expect this is to be used in a secure server to server environment and is not meant to be used in mobile app / client side application where people can harvest your secret key and perform man-in-the-middle attack / to craft fake response to your app / client-side app.