What is senangPay tokenization?

Tokenization allows merchant to charge customer’s credit card without the need to enter the credit card details (name, card number, expiry and cvv).

How does it works?

Merchant’s customers will enter their credit card details one time only. During this one time process, senangPay will validate the card to make sure the card is valid by charging an amount of ​RM1​ to the card. Not to worry that this amount will be voided later. Meaning that the transaction will never appeared on the customer’s credit card statement.

If senangPay failed to charge the card, meaning that the card is not valid. Once validated, the card’s info will be stored in senangPay’s server (PCI-DSS certified).

API list

Get token

We have developed a new secure way of generating token for our tokenization payment. In this new feature, card holder is required to pass the OTP (3D secure) check before able to get the payment token. Also, there are few extra layers been added to ensure no non authorised card being used for this tokenization payment feature.

The old (current) way of getting the payment token will be discontinued and no more access will be granted.

Get token (3D Get Token)

Get token (Will be deprecated on 31st December 2019)


Item Detail
URL endpoint (POST) https://app.senangpay.my/apiv1/get_payment_token

Authorization Header (Basic Auth)


Type Basic
Username < your-merchant-id >
As listed in the profile settings page.
Password None, leave empty.

Request Parameter (all is mandatory)


Parameter Name Parameter value/description
name Your customer name. Maximum length is 100.
Eg. Abu Bin Ali
email Your customer email.
Eg. ahmad@google.com
phone Your customer phone number.
Eg. 0109876543
cc_number Your customer credit card number.
cc_exp Your customer credit card expiration date in MMYY format.
Eg. if the card expires on January 2017, you need to send 0117
cc_cvv Your customer credit card CVV number.
Eg. 123

Response Parameter


Parameter Name Parameter value / description
status Your transaction status. 1 if success. 0 if failed.
token If card validation succeed, token will be generated. The token will be used for future payment on the card.
msg Card validation status message. If it was successful you will receive ‘Card successfully verified, the generated token can be used for future payment.’. If the validation failed, you will receive the error message in this parameter for further checking.

Pay credit card using token

Item Detail
URL endpoint (POST) https://app.senangpay.my/apiv1/pay_cc

Authorization Header (Basic Auth)

Type Basic
Username < your-merchant-id >
As listed in the profile settings page.
Password None, leave empty.

Request Parameter (All Mandatory)

Parameter Name Parameter value/description
name Your customer name. Maximum length is 100.
Eg. Abu Bin Ali
email Your customer email.
Eg. ahmad@google.com
detail Your order detail. Maximum length is 100. Eg. Order for product id #4
phone Your customer phone number.
Eg. 0109876543
order id Your order id. Can be number or string. Other character is invalid. Eg. 123 
amount Your order amount in integer format. Convert from decimals as necessary.
Eg. if the amount is RM 2.00, you need to send 200.
token Generated token from Get Token API 
hash A string hashed with your secret key (from your profile setting page) in HMAC hashing algorithm with SHA256 in the following format:
< your merchant id >< name >< email >< phone >< detail >< order_id >< amount >
*without the < > character

Response Parameter

The same response as our MOTO API http://guide.senangpay.my/senangpay-api-endpoint-for-moto-transaction-2/

Enable/disable credit card

Item Detail
URL endpoint (POST) https://app.senangpay.my/apiv1/update_token_status

Authorization header (Basic Auth)

Type Basic
Username < your-merchant-id >
As listed in the profile settings page.
Password None, leave empty.

Request Parameter (All Mandatory)


Parameter NameParameter value / description
token Generated token from Get Token API

Response Parameter

Parameter Name Parameter value/description
msg Message for the token is successfully disabled or enabled.
token Generated token from Get Token API that has been disabled or enabled.

Validate payment token

Item Detail
URL endpoint (POST) https://app.senangpay.my/apiv1/validate_token

Authorization header (Basic Auth)

Type Basic
Username < your-merchant-id >
As listed in the profile settings page.
Password None, leave empty.

Request Parameter (All Mandatory)


Parameter NameParameter value / description
token Generated token from Get Token API

Response Parameter

Parameter Name Parameter value/description
status Token validation status. 1 if success. 0 if failed.
msg Token validation status message. If it was successful you will receive ‘Card has been successfully verified.’. If the validation failed, you will receive the error message in this parameter for further checking.
token Generated token from Get Token API that has been disabled or enabled. The token will still be the same, nothing changed. We just return the same token here.

Leave a Reply