SNAP – Transfer VA BPD
Standar Nasional Open API Pembayaran – Virtual Account Transfer-In (Bank BPD Bali)
POST
/api/v1.0/access-token/b2b
Get Access Token B2B
Parameters
Response
Try it out
snapTransferIn middlewareRSA SHA-256 signatureJWT token (exp: 15 menit)
Token digunakan untuk semua request SNAP selanjutnya. Expire dalam 15 menit.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| grantType | string | body | required | Harus bernilai client_credentials |
| X-TIMESTAMP | string | header | required | ISO 8601 datetime: 2024-01-15T10:30:00+07:00 |
| X-CLIENT-KEY | string | header | required | Partner ID / Client Key dari konfigurasi SNAP |
| X-SIGNATURE | string | header | required | Tanda tangan RSA SHA-256 dengan private key LPD |
Contoh Response 200 OK
{
"responseCode": "2007300",
"responseMessage": "Successful",
"accessToken": "eyJ0eXAiOiJKV1QiLC...",
"tokenType": "BearerToken",
"expiresIn": "900"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Request Body (JSON)
Request dikirim ke Base URL di atas
POST
/api/v1.0/transfer-va/inquiry
Virtual Account Inquiry
Parameters
Response
Try it out
snapTransferIn middlewareHMAC-SHA512 signature checkIP whitelist BPD (8 IP)Token validation
Middleware memvalidasi: IP sumber, HMAC signature, token JWT, dan field mandatory.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| Authorization | string | header | required | Bearer {accessToken} dari endpoint access-token/b2b |
| X-TIMESTAMP | string | header | required | ISO 8601 datetime |
| X-SIGNATURE | string | header | required | HMAC-SHA512 signature |
| X-PARTNER-ID | string | header | required | Partner ID (BPD Bali) |
| X-EXTERNAL-ID | string | header | required | Unique ID request (max 36 char) |
| CHANNEL-ID | string | header | required | Channel ID sistem |
| partnerServiceId | string | body | required | Kode bank prefix (8 digit, left-padded dengan spasi) |
| customerNo | string | body | required | Nomor nasabah (max 20 char) |
| virtualAccountNo | string | body | required | Nomor Virtual Account lengkap |
| inquiryRequestId | string | body | required | Reference ID unik dari bank pengirim |
| amount | object | body | optional | Object {value: "100000.00", currency: "IDR"} |
| additionalInfo | object | body | required | {terminalType, terminalId} |
Contoh Response 200 OK
{
"responseCode": "2002400",
"responseMessage": "Success",
"virtualAccountData": {
"partnerServiceId": " 881234",
"customerNo": "0123456",
"virtualAccountNo": " 8812340123456",
"inquiryRequestId": "INQ-001",
"virtualAccountName": "I MADE BUDI"
}
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Request Body (JSON)
Request dikirim ke Base URL di atas
POST
/api/v1.0/transfer-va/payment
Virtual Account Payment
Parameters
Response
Try it out
snapTransferIn middlewareDuplicate check (inquiryRequestId)DB insert: gtb_folio, gak_mutasi, gcore_transfer
Melakukan posting ke database: folio tabungan, mutasi kredit, dan core transfer.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| Authorization | string | header | required | Bearer {accessToken} |
| X-TIMESTAMP | string | header | required | ISO 8601 datetime |
| X-SIGNATURE | string | header | required | HMAC-SHA512 signature |
| X-PARTNER-ID | string | header | required | Partner ID |
| X-EXTERNAL-ID | string | header | required | Unique request ID |
| partnerServiceId | string | body | required | Kode bank prefix |
| customerNo | string | body | required | Nomor nasabah |
| virtualAccountNo | string | body | required | Nomor Virtual Account |
| virtualAccountName | string | body | required | Nama nasabah |
| paymentRequestId | string | body | required | Reference ID unik pembayaran |
| amount | object | body | required | {value: "100000.00", currency: "IDR"} |
| trxDateTime | string | body | required | Waktu transaksi ISO 8601 |
| additionalInfo | object | body | optional | {terminalType, terminalId} |
Contoh Response 200 OK
{
"responseCode": "2002500",
"responseMessage": "Success",
"virtualAccountData": {
"partnerServiceId": " 881234",
"customerNo": "0123456",
"virtualAccountNo": " 8812340123456",
"paymentRequestId": "PAY-001",
"paidAmount": {
"value": "100000.00",
"currency": "IDR"
},
"trxDateTime": "2024-01-15T10: 35: 00+07: 00"
}
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Request Body (JSON)
Request dikirim ke Base URL di atas
Mobile Banking – Autentikasi
Token, registrasi, login, logout, dan update credentials
POST
/api/smart/access/token
Get Access Token iOS
Parameters
Response
Try it out
iosCheckAccess middlewareIP whitelist checkPartner validationAccess logging
Token berlaku selama sesi aktif. Gunakan sebagai Authorization header di endpoint lain.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| user_id | string | query | required | Customer ID / IMEI (dienkripsi AES-256) |
| device_id | string | query | required | Device identifier |
| X-Access-Key | string | header | required | Access key dari konfigurasi |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Sukses",
"token": "eyJ0eXAiOiJKV1Qi...",
"expired": "2024-01-15 11: 30: 00"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/access/register
Register Nasabah
Parameters
Response
Try it out
iosCheckAccessiosTokenMdw
Jika nasabah pertama kali (status=SY), akan di-upgrade ke status A dan dikembalikan data lengkap.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| user_name | string | query | required | Username nasabah (dienkripsi) |
| user_pass | string | query | required | Password (dienkripsi AES-256) |
| Authorization | string | header | required | Bearer {token} dari /access/token |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{"status":"00","message":"Sukses","customer_id":"ENC_ID...","customer_name":"I MADE BUDI","pin":"ENC_PIN...","account_list":[{"norek":"1.123456","type":"tabungan"}],"bank_key":"KEY...","bank_list":[...],"ppob_list":[...]}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/access/login
Login Nasabah
Parameters
Response
Try it out
iosCheckAccessiosTokenMdw
Mengembalikan daftar rekening dan saldo (terenkripsi), daftar bank, dan produk PPOB aktif.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| user_name | string | query | required | Username (dienkripsi AES-256) |
| user_pass | string | query | required | Password (dienkripsi AES-256) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{"status":"00","message":"Sukses","customer_id":"ENC_ID...","customer_name":"I MADE BUDI","account_list":[{"norek":"1.123456","type":"tabungan","saldo":"ENC_SALDO"}],"bank_key":"KEY...","bank_list":[...],"ppob_list":[...]}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/access/logout
Logout Nasabah
Parameters
Response
Try it out
iosCheckAccessiosTokenMdw
Menutup token di gmob_token (set status=closed, end_time=now).
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Sukses"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Request dikirim ke Base URL di atas
POST
/api/smart/access/update/pass
Update Password
Parameters
Response
Try it out
iosCheckAccessiosTokenMdw
Verifikasi password lama sebelum update ke gmob_nasabah.pass_crypto.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| old_pass | string | query | required | Password lama (dienkripsi AES-256) |
| new_pass | string | query | required | Password baru (dienkripsi AES-256) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Password berhasil diubah"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/access/update/pin
Update PIN
Parameters
Response
Try it out
iosCheckAccessiosTokenMdw
Verifikasi PIN lama sebelum update ke gmob_nasabah.pin_crypto.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| old_pin | string | query | required | PIN lama (dienkripsi AES-256) |
| new_pin | string | query | required | PIN baru (dienkripsi AES-256) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "PIN berhasil diubah"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
Tabungan
Daftar rekening, histori transaksi, dan mutasi tabungan
POST
/api/smart/tabungan/account-list
Daftar Rekening Nasabah
Parameters
Response
Try it out
iosCheckAccessiosTokenMdw
Mengembalikan semua rekening (tabungan, pinjaman, deposito) dengan saldo terenkripsi.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| customer_id | string | query | required | Customer ID terenkripsi |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Sukses",
"data": [
{
"norek": "ENC...",
"type": "tabungan",
"saldo": "ENC...",
"currency": "IDR"
},
{
"norek": "ENC...",
"type": "pinjaman",
"saldo": "ENC..."
}
]
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/tabungan/transaction-history
Histori Transaksi
Parameters
Response
Try it out
iosCheckAccessiosTokenMdw
Query dari gtb_folio, hasil dienkripsi. Default 30 hari terakhir jika tanggal tidak disertakan.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| account_no | string | query | required | Nomor rekening (dienkripsi) |
| start_date | string | query | optional | Tanggal mulai YYYY-MM-DD |
| end_date | string | query | optional | Tanggal akhir YYYY-MM-DD |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Sukses",
"data": [
{
"tanggal": "2024-01-15",
"keterangan": "Transfer Masuk",
"debet": 0,
"kredit": 100000,
"saldo": 1500000
}
]
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/tabungan/mutasi-history
Histori Mutasi
Parameters
Response
Try it out
iosCheckAccessiosTokenMdw
Mutasi per periode (bulanan). Semua nilai nominal dienkripsi AES-256-CBC.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| account_no | string | query | required | Nomor rekening (dienkripsi) |
| period | string | query | optional | Periode: YYYYMM (default: bulan ini) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Sukses",
"saldo_awal": "ENC...",
"saldo_akhir": "ENC...",
"data": [
{
"tgl": "2024-01-15",
"ket": "PPOB-PLN",
"nominal": "ENC...",
"jenis": "D"
}
]
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
Transfer
Transfer sesama LPD dan transfer ke bank lain (via BPD)
POST
/api/smart/transfer/lpd/check
LPD – Cek Rekening Tujuan
Parameters
Response
Try it out
iosCheckAccessiosTokenMdw
Verifikasi rekening tujuan sesama LPD. Error 01 = rekening tidak aktif.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| account_no | string | query | required | Nomor rekening tujuan (dienkripsi AES-256) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Sukses inquiry",
"product_type": "tabungan",
"customer_name": "I WAYAN SARI"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/transfer/lpd/inquiry
LPD – Inquiry Transfer
Parameters
Response
Try it out
iosCheckAccessiosTokenMdwSHA-256 hash checkSaldo & limit check
Verifikasi: hash SHA-256, saldo cukup (min SALDO_MIN=50.000), limit transfer (10K–1M). Status 81 = bisa dilanjutkan.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| from_acc | string | query | required | Rekening sumber (dienkripsi) |
| to_acc | string | query | required | Rekening tujuan (dienkripsi) |
| amount | string | query | required | Nominal (dienkripsi) |
| from_name | string | query | required | Nama pengirim (dienkripsi) |
| to_name | string | query | required | Nama penerima (dienkripsi) |
| remark | string | query | required | Keterangan + hashCode (dienkripsi, format: ket<>hash) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "81",
"message": "Sukses Inquiry"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/transfer/lpd/post
LPD – Posting Transfer
Parameters
Response
Try it out
iosCheckAccessiosTokenMdwPIN validationDuplicate check (trans_no)DB: gtb_folio + gak_mutasi
Error 40=saldo kurang, 45=duplikat transaksi, 51-53=hash mismatch, 54=PIN salah. Posting ke gtb_folio dan gak_mutasi.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| trans_no | string | query | required | Nomor transaksi unik (dienkripsi) |
| from_acc | string | query | required | Rekening sumber (dienkripsi) |
| to_acc | string | query | required | Rekening tujuan (dienkripsi) |
| amount | string | query | required | Nominal (dienkripsi) |
| pin | string | query | required | PIN nasabah (dienkripsi) |
| remark | string | query | required | Keterangan (dienkripsi) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Transfer Berhasil",
"reference_no": "20240115120001"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/transfer/bank/check
Bank – Cek Rekening Tujuan
Parameters
Response
Try it out
iosCheckAccessiosTokenMdw
Melakukan cURL ke BPD API untuk validasi rekening tujuan di bank lain.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| bank_code | string | query | required | Kode bank tujuan (dienkripsi) |
| account_no | string | query | required | Rekening tujuan di bank (dienkripsi) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Sukses",
"customer_name": "I KETUT DANA",
"bank_name": "BNI"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/transfer/bank/inquiry
Bank – Inquiry Transfer
Parameters
Response
Try it out
iosCheckAccessiosTokenMdwHMAC-SHA256 checkBPD cURL call
Menghitung biaya transfer dari gcore_bankcode. Status 81 = dapat dilanjutkan ke posting.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| bank_code | string | query | required | Kode bank tujuan (dienkripsi) |
| account_no | string | query | required | Rekening tujuan (dienkripsi) |
| from_acc | string | query | required | Rekening sumber (dienkripsi) |
| amount | string | query | required | Nominal transfer (dienkripsi) |
| remark | string | query | required | Keterangan + hash (dienkripsi) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "81",
"message": "Sukses Inquiry",
"fee": "3500",
"total": "103500"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/transfer/bank/post
Bank – Posting Transfer
Parameters
Response
Try it out
iosCheckAccessiosTokenMdwPIN checkBPD API call via cURLDB: gcore_transfer
Mengirim ke BPD API, jika sukses insert ke gcore_transfer. Jika gagal, lakukan rollback gtb_folio.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| bank_code | string | query | required | Kode bank (dienkripsi) |
| account_no | string | query | required | Rekening tujuan (dienkripsi) |
| from_acc | string | query | required | Rekening sumber (dienkripsi) |
| amount | string | query | required | Nominal (dienkripsi) |
| pin | string | query | required | PIN nasabah (dienkripsi) |
| trans_no | string | query | required | Nomor transaksi (dienkripsi) |
| remark | string | query | required | Keterangan (dienkripsi) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Transfer Berhasil",
"reference_no": "BPD20240115001"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
PPOB & IAK
Pembayaran tagihan PLN, PDAM, BPJS, Pulsa (via FastPay & IAK)
POST
/api/smart/ppob/check
PPOB – Cek Tagihan
Parameters
Response
Try it out
iosCheckAccessiosTokenMdw
Cek ke FastPay/IAK. Kembalikan detail tagihan: nama, jumlah, periode, denda, biaya admin.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| product_code | string | query | required | Kode produk PPOB (dienkripsi). Contoh: PLN-POSTPAID |
| customer_id | string | query | required | ID Pelanggan / nomor meter (dienkripsi) |
| account_no | string | query | required | Rekening pembayaran (dienkripsi) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Sukses",
"customer_name": "I MADE SUKERTA",
"tagihan": "150000",
"period": "202401",
"denda": "0",
"total": "150000",
"admin": "2500"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/ppob/request
PPOB – Bayar Tagihan
Parameters
Response
Try it out
iosCheckAccessiosTokenMdwPIN validationSaldo checkFastPay/IAK API call
Cek saldo cukup, kirim ke FastPay/IAK, insert gppob_transaction dan gtb_folio. Jika gagal = rollback.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| product_code | string | query | required | Kode produk PPOB (dienkripsi) |
| customer_id | string | query | required | ID Pelanggan (dienkripsi) |
| account_no | string | query | required | Rekening pembayaran (dienkripsi) |
| amount | string | query | required | Nominal pembayaran (dienkripsi) |
| pin | string | query | required | PIN transaksi (dienkripsi) |
| trans_no | string | query | required | Nomor transaksi unik (dienkripsi) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Pembayaran Berhasil",
"ref_no": "FP20240115001",
"struk": "PLN POSTPAID 150000 OK"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/iak/check
IAK – Cek Produk
Parameters
Response
Try it out
iosCheckAccessiosTokenMdw
Cek ketersediaan dan harga produk IAK (pulsa, paket data, game voucher).
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| product_code | string | query | required | Kode produk IAK (dienkripsi). Contoh: TSEL5 (Telkomsel 5K) |
| customer_id | string | query | required | Nomor HP tujuan (dienkripsi) |
| account_no | string | query | required | Rekening pembayaran (dienkripsi) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Sukses",
"product_name": "Telkomsel 5.000",
"price": "5500",
"admin": "0"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/smart/iak/request
IAK – Beli Produk
Parameters
Response
Try it out
iosCheckAccessiosTokenMdwPIN validationIAK API call
Pembelian pulsa/paket via IAK API. SN = serial number produk dari IAK.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| product_code | string | query | required | Kode produk IAK (dienkripsi) |
| customer_id | string | query | required | Nomor HP tujuan (dienkripsi) |
| account_no | string | query | required | Rekening pembayaran (dienkripsi) |
| pin | string | query | required | PIN transaksi (dienkripsi) |
| trans_no | string | query | required | Nomor transaksi unik (dienkripsi) |
| Authorization | string | header | required | Bearer {token} |
| X-Timestamp | string | header | required | Unix timestamp |
Contoh Response 200 OK
{
"status": "00",
"message": "Transaksi Berhasil",
"ref_no": "IAK20240115001",
"sn": "SN123456789"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
ATM Cardless
Operasi mesin ATM tanpa kartu – token, saldo, setor, tarik, batal
POST
/api/cardless/create-token
ATM – Buat Token Cardless
Parameters
Response
Try it out
machineCheck middlewareIP whitelistHMAC hash validation
Token 6 karakter, berlaku 5 menit. Disimpan di gmob_token. Digunakan untuk transaksi cardless.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| account_no | string | query | required | Nomor rekening lengkap (format: PREFIX+norek, contoh: 8812341.123456) |
| X-Machine-Hash | string | header | required | HMAC-SHA256 hash dari mesin ATM |
| X-Machine-IP | string | header | required | IP address mesin ATM (whitelist) |
Contoh Response 200 OK
{
"status": "00",
"message": "Token Berhasil.",
"data": "A1B2C3"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/cardless/get-token
ATM – Validasi Token dari Mobile
Parameters
Response
Try it out
machineCheck middleware
Mesin ATM memanggil ini untuk mendapatkan token yang dibuat nasabah dari mobile. response_code: 00=OK, 12=kode salah, 14=rekening tidak aktif, 30=token expired.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| account_no | string | query | required | Nomor rekening (format BPD) |
| transaction_code | string | query | required | Kode transaksi ATM (harus "39") |
| transaction_id | string | query | required | ID transaksi ATM |
| transaction_datetime | string | query | required | Datetime transaksi (YYYYMMDDHHmmss) |
| X-Machine-Hash | string | header | required | HMAC hash mesin |
| X-Machine-IP | string | header | required | IP mesin ATM |
Contoh Response 200 OK
{
"transaction_code": "39",
"transaction_id": "TXN001",
"response_code": "00",
"token": "A1B2C3"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/cardless/check-balance
ATM – Cek Saldo
Parameters
Response
Try it out
machineCheck middlewareToken validation
Validasi token aktif, kembalikan saldo dari gtb_folio (sum kredit-debit).
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| account_no | string | query | required | Nomor rekening (format BPD) |
| token | string | query | required | Token cardless 6 digit |
| X-Machine-Hash | string | header | required | HMAC hash mesin |
| X-Machine-IP | string | header | required | IP mesin |
Contoh Response 200 OK
{
"status": "00",
"message": "Sukses",
"saldo": "1500000",
"account_no": "1.123456",
"account_name": "I MADE BUDI"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/cardless/cash-debit
ATM – Penarikan Tunai
Parameters
Response
Try it out
machineCheckToken validationSaldo checkDB: gtb_folio + gak_mutasi
Debet rekening nasabah. Insert folio debet ke gtb_folio dan mutasi ke gak_mutasi. Token dinonaktifkan setelah transaksi.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| account_no | string | query | required | Nomor rekening |
| token | string | query | required | Token cardless aktif |
| amount | string | query | required | Nominal penarikan (numerik) |
| transaction_id | string | query | required | ID transaksi ATM unik |
| transaction_datetime | string | query | required | Datetime (YYYYMMDDHHmmss) |
| X-Machine-Hash | string | header | required | HMAC hash mesin |
| X-Machine-IP | string | header | required | IP mesin |
Contoh Response 200 OK
{
"status": "00",
"message": "Penarikan Berhasil",
"saldo_akhir": "1400000",
"reference": "ATM20240115001"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/cardless/cash-credit
ATM – Penyetoran Tunai
Parameters
Response
Try it out
machineCheckToken validationDB: gtb_folio + gak_mutasi
Kredit rekening nasabah. Insert folio kredit ke gtb_folio. Token dinonaktifkan setelah transaksi.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| account_no | string | query | required | Nomor rekening |
| token | string | query | required | Token cardless aktif |
| amount | string | query | required | Nominal setoran (numerik) |
| transaction_id | string | query | required | ID transaksi ATM unik |
| transaction_datetime | string | query | required | Datetime (YYYYMMDDHHmmss) |
| X-Machine-Hash | string | header | required | HMAC hash mesin |
| X-Machine-IP | string | header | required | IP mesin |
Contoh Response 200 OK
{
"status": "00",
"message": "Setoran Berhasil",
"saldo_akhir": "1600000",
"reference": "ATM20240115002"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/cardless/reversal-debit
ATM – Batal Penarikan
Parameters
Response
Try it out
machineCheckTransaction lookup
Reversal transaksi penarikan. Hapus record dari gtb_folio dan gak_mutasi berdasarkan transaction_id.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| account_no | string | query | required | Nomor rekening |
| transaction_id | string | query | required | ID transaksi yang akan dibatalkan |
| X-Machine-Hash | string | header | required | HMAC hash mesin |
| X-Machine-IP | string | header | required | IP mesin |
Contoh Response 200 OK
{
"status": "00",
"message": "Batal Penarikan Berhasil"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
POST
/api/cardless/reversal-credit
ATM – Batal Setoran
Parameters
Response
Try it out
machineCheckTransaction lookup
Reversal transaksi setoran. Hapus record folio kredit dari database.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| account_no | string | query | required | Nomor rekening |
| transaction_id | string | query | required | ID transaksi yang akan dibatalkan |
| X-Machine-Hash | string | header | required | HMAC hash mesin |
| X-Machine-IP | string | header | required | IP mesin |
Contoh Response 200 OK
{
"status": "00",
"message": "Batal Setoran Berhasil"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Query Parameters
Request dikirim ke Base URL di atas
PPOB Callback
Webhook dari FastPay untuk notifikasi hasil transaksi PPOB
POST
/api/ppob/callback
PPOB – Notifikasi Callback FastPay
Parameters
Response
Try it out
IP whitelist FastPay
Update status transaksi di gppob_transaction. Jika status gagal, rollback folio nasabah.
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| ref_id | string | body | required | Reference ID transaksi dari FastPay |
| product_code | string | body | required | Kode produk |
| customer_id | string | body | required | ID pelanggan |
| status | string | body | required | Status: 00=sukses, lainnya=gagal |
| amount | number | body | required | Nominal transaksi |
| timestamp | string | body | optional | Waktu callback dari FastPay |
| X-FastPay-Signature | string | header | optional | Tanda tangan dari FastPay (opsional tergantung konfigurasi) |
Contoh Response 200 OK
{
"status": "00",
"message": "OK"
}
Response Codes
| Status / Code | Arti |
|---|---|
| 200 / 00 | Sukses |
| 81 | Inquiry sukses, lanjut ke posting |
| 01 | Data tidak ditemukan / rekening tidak aktif |
| 40 | Saldo tidak mencukupi |
| 45 | Transaksi duplikat |
| 51-53 | Hash mismatch (data dimodifikasi) |
| 54 | PIN salah |
| 62 | Transaksi tidak dapat diproses |
| 68 | Timeout / exception |
Headers
Request Body (JSON)
Request dikirim ke Base URL di atas