Manual Integration API (Open API)

If you have developed your own shopping cart and need to do a manual integration by yourself, here are the details.

 

A. Information required

To start, we will need the information as below. These can be retrieved in the senangPay Dashboard.

1. Go to Menu > Settings > Profile

2. Refer to the Shopping Cart Integration Link section. Get your Merchant ID and Secret Key information.

3. Then you will need to fill in the return URL. This is the URL where senangPay will redirect the buyer to after the payment has been processed.

4. Next, you need to fill the Callback URL. Callback URL is used as an alternative notification to the merchant shopping cart in case there is a breakdown in the transaction flow. For more info on the Callback URL, please read here 

 

B. What parameters to send to senangPay

The table below lists the details of each parameter:

ItemDetail
detailThis is the description that will be displayed when making the payment. The maximum length is 500 characters. Any underscore (_) characters will be converted to space. Example Shopping_cart_id_30. Only A to Z, a to z, 1 to 0, dot, comma, dash and underscore allowed.
amountThe amount to charge the buyer. The format must be in 2 decimal places. Example 25.50.
order_idThis is the id used to identify the shopping cart when senangPay redirects the buyer back after the payment was made. The maximum length is 100 characters. Example 3432D4. Only A to Z, a to z, 1 to 0 and dash allowed.
hashThe is the data to ensure the data integrity has passed from the merchant’s shopping cart to senangPay. Refer to How to generate the secure hash section for more info.
nameThis is the name to populate in the payment form so that customers do not have to key in their names. This is optional and does not have to be a part of the hash. Customers may overwrite the value in the payment form.
emailThis is the email address to populate in the payment form so that customers do not have to key in their emails. This is optional and does not have to be a part of the hash. Customers may overwrite the value in the payment form.
phoneThis is the phone to populate in the payment form so that customer do not have to key in their phone. This is optional and not have to be part of the hash. Customer is able to overwrite the value in payment form.

 

C. How to send the parameters to senangPay (Live)

1. The parameters can be sent through either GET or POST.

2. The URL is

https://app.senangpay.my/payment/

followed by your merchant ID.

3. Example:

https://app.senangpay.my/payment/14222653788472

 

D. How to send the parameters to senangPay (Sandbox)

1. The parameters can be sent either using GET or POST method.

2. The URL is

https://sandbox.senangpay.my/payment/

followed by your merchant ID.

3. Example:

https://sandbox.senangpay.my/payment/14222653788472

 

E. What Parameters does the shopping cart receive from senangPay

The table below lists the details of the elements:

ItemDetail
status_idThis is to indicate the status of the payment. It only has 2 values which is 1 for successful and 0 for failed.
order_idThis is the order that is sent to senangPay. This is to identify the shopping cart transaction.
msgThis is the message to describe the payment status. The maximum length is 100 characters. Take note that the message may contain underscores. You can replace the underscore as space when displaying the message to your customers. Example: Payment_was_successful.
transaction_idThis is the transaction ID used by senangPay. You can use this ID to track the transaction in senangPay. The maximum length is 100 characters. Example 14363538840
hashThis is the data to ensure that data integrity has passed from senangPay to the merchant’s shopping cart. Refer to section ‘How to verify if the secure hash is correct’ for more info.

 

F. How parameters are sent from senangPay to the merchant’s shopping cart?

1. The parameters will be send using GET method.

2. The parameters are sent to URL as configured in the return URL. Refer to the ‘Info required’ section.

 

G. How to generate the secure hash

1. The secure hash is generated by using HMAC hashing algorithm with SHA256 or md5 on a string consisting of (according to sequence):

  •  Secret Key
  • Detail
  • Amount
  • Order ID

2. For example if the values for the parameters are as below:

ItemDetail
Secret Key53-784
DetailShopping_cart_id_30
Amount24.50
Order ID56

3. The string to be hashed is $str = 53-784Shopping_cart_id_3024.5056 which will generate the hash value of :

  • md5($str) => 0bde51ff340f110ab7331a902aa969e7
  • hash_hmac(‘SHA256′, $str, ’53-784’) => 74422328b44d30bf150fffbae89bbb42b885f9ac0960e2a3ddccc0cf9aa48e39

 

H. How to verify if the secure hash is correct

1. Merchants will need to generate the secure hash and compare the secure hash that was received from senangPay.

2. For example if the parameters received from senangPay are as below:

ItemDetail
status_id1
order_id56
transaction_id14363538840
msgPayment_was_successful

3. The string to be hashed is $str = 53-78415614363538840Payment_was_successful which will generate the hash value of :

  • md5($str) => 69686562c29ad3f7955b1843a5c275ca
  • hash_hmac(‘SHA256′, $str, ’53-784’) => 4ca7837c6c4ddb5f6ba573ea701235b2d04bc6400d32787539e07aaf319eb70f

4. Now you need to compare the hash value that you have generated with the hash value sent from senangPay. If the value does not match then the data may have been tampered.

 

I. Download sample code

For your reference, please refer to this sample code. Kindly download from here.