fbpx
← back

Manual Integration API (Open API)

Please take note that :

  • Duplicate Order IDsTo ensure the uniqueness of your order IDs and prevent any potential issues with duplicate entries, merchants can request assistance through our customer support at [email protected]

If you have developed your own shopping cart and need to do a manual integration by yourself, here are the details.

 

A. Information required

To start, we will need the information as below. These can be retrieved in the senangPay Dashboard.

1. Go to Menu > Settings > Profile

2. Refer to the Shopping Cart Integration Link section. Get your Merchant ID and Secret Key information.

3. Then you will need to fill in the return URL. This is the URL where senangPay will redirect the buyer to after the payment has been processed.

4. Next, you need to fill the Callback URL. Callback URL is used as an alternative notification to the merchant shopping cart in case there is a breakdown in the transaction flow. For more info on the Callback URL, please read here 

 

B. What parameters to send to senangPay

The table below lists the details of each parameter:

Item Detail

detail

*required*

This is the description that will be displayed when making the payment. The maximum length is 500 characters. Any underscore (_) characters will be converted to space. Example Shopping_cart_id_30. Only A to Z, a to z, 1 to 0, dot, comma, dash and underscore allowed.

amount

*required*

The amount to charge the buyer. The format must be in 2 decimal places. Example 25.50.

order_id

*required*

This is the id used to identify the shopping cart when senangPay redirects the buyer back after the payment was made. The maximum length is 100 characters. Only A to Z, a to z, 0 to 9, and dash allowed. Example 3432D4.

hash

*required*

The is the data to ensure the data integrity has passed from the merchant’s shopping cart to senangPay. Refer to How to generate the secure hash section for more info.

name

*required*

This is the name to populate in the payment form so that customers do not have to key in their names. This is optional and does not have to be a part of the hash. Customers may overwrite the value in the payment form.

email

*required*

This is the email address to populate in the payment form so that customers do not have to key in their emails. This is optional and does not have to be a part of the hash. Customers may overwrite the value in the payment form.

phone

*required*

This is the phone to populate in the payment form so that customer do not have to key in their phone. This is optional and not have to be part of the hash. Customer is able to overwrite the value in payment form.
timeout This parameter specifies the timeout for the payment process in seconds. It is a numeric or integer value. For example, 8 minutes equal to 480 seconds. If provided, the payment process will automatically expire if not completed within the specific timeout period and user will be redirected to the merchant return URL. If omitted, there is no timeout applied. Minimum timeout would be 60 seconds, therefore value below than 60 seconds will be defaulted to minimum timeout.

 

C. How to send the parameters to senangPay (Live)

1. The parameters can be sent through either GET or POST.

2. The URL is

https://app.senangpay.my/payment/

followed by your merchant ID.

3. Example:

https://app.senangpay.my/payment/14222653788472

 

D. How to send the parameters to senangPay (Sandbox)

1. The parameters can be sent either using GET or POST method.

2. The URL is

https://sandbox.senangpay.my/payment/

followed by your merchant ID.

3. Example:

https://sandbox.senangpay.my/payment/14222653788472

 

E. What Parameters does the shopping cart receive from senangPay

The table below lists the details of the elements:

Item Detail
status_id This is to indicate the status of the payment. It only has 3 values which is ; 2 for pending authorization, 1 for successful and 0 for failed.
order_id This is the order that is sent to senangPay. This is to identify the shopping cart transaction.
msg This is the message to describe the payment status. The maximum length is 100 characters. Take note that the message may contain underscores. You can replace the underscore as space when displaying the message to your customers. Example: Payment_was_successful.
transaction_id This is the transaction ID used by senangPay. You can use this ID to track the transaction in senangPay. The maximum length is 100 characters. Example 14363538840
hash This is the data to ensure that data integrity has passed from senangPay to the merchant’s shopping cart. Refer to section ‘How to verify if the secure hash is correct’ for more info.

 

F. How parameters are sent from senangPay to the merchant’s shopping cart?

1. The parameters will be send using GET method.

2. The parameters are sent to URL as configured in the return URL. Refer to the ‘Info required’ section.

 

G. How to generate the secure hash

1. The secure hash is generated by using HMAC hashing algorithm with SHA256 or md5 on a string consisting of (according to sequence):

  • Secret Key
  • Detail
  • Amount
  • Order ID

2. For example if the values for the parameters are as below:

Item Detail

Secret Key

53-784

Detail

Shopping_cart_id_30

Amount

24.50

Order ID

56

3. The string to be hashed is $str = 53-784Shopping_cart_id_3024.5056 which will generate the hash value of :

  • md5($str) => 0bde51ff340f110ab7331a902aa969e7
  • hash_hmac(‘SHA256′, $str, ’53-784’) => 74422328b44d30bf150fffbae89bbb42b885f9ac0960e2a3ddccc0cf9aa48e39

 

H. How to verify if the secure hash is correct

1. Merchants will need to generate the secure hash and compare the secure hash that was received from senangPay.

2. For example if the parameters received from senangPay are as below:

Item Detail

secret key

53-784

status_id

1

order_id

56

transaction_id

14363538840

msg

Payment_was_successful

3. The string to be hashed is $str = 53-78415614363538840Payment_was_successful which will generate the hash value of :

  • md5($str) => 69686562c29ad3f7955b1843a5c275ca
  • hash_hmac(‘SHA256′, $str, ’53-784’) => 4ca7837c6c4ddb5f6ba573ea701235b2d04bc6400d32787539e07aaf319eb70f

4. Now you need to compare the hash value that you have generated with the hash value sent from senangPay. If the value does not match then the data may have been tampered.

 

I. Download sample code

For your reference, please refer to this sample code. Kindly download from here.