# Peru Payment(SOL) API Documentation
# 1. How to get API Key
The user logs in to the cash register -> Developer Center -> API Key -> Create API key. API Key has a separate configuration page and is bound to a fixed IP address ("0.0.0.0" means no IP interception filtering, any IP can be accessed), and different API Keys can be configured to meet different needs. Please do not disclose your Access Key and Secret Key to avoid asset loss. After the Secret Key is generated, it cannot be viewed again. Please save it in time. If you forget the Secret Key, please recycle the key pair in the backstage of the merchant and apply for a new key pair.
# 1.1 How to create API KEY
• Click Developer Center-API Key
• 1Choose whether to enable the debug mode (After debugging mode is enabled, you will have a standard prompt message and log view address for any errors)
• 2Select API Key permission
• 3Enter the whitelist address (0.0.0.0 means any IP address can be accessed)
Note: (When entering the whitelist domain name, you should pay attention to using "," to isolate multiple IPs.)
• 4 click create to generate API KEY
(After the API KEY is generated, you can copy, view, edit, and delete it in the My API KEY list below. Note that the Secret key only appears once when it is generated. Please save it properly. If you forget the Secret Key, Please recycle the key pair and apply for a new one.)
• Click Edit to close or open [Start Debugging] and modify the API Key permission and whitelist address. After the modification is complete, click Save
Note: Please wait patiently for 90 seconds for the API Key to take effect after creating or editing the API Key
# 2. How to use API Key
The current API Key is to add a parameter list in the header of the request
| Parameter name | Parameter description | Type | Required |
|---|---|---|---|
| access_key | Api Key access key (eg: TPhoa7ZQ) | String | Yes |
| timestamp | Millisecond-level timestamp (13 digits, such as: 1679669488472) | String | Yes |
| nonce | UUID (36 bits such as: 02f7a04f-53cc-47d4-bb3f-fae69dab49ac) The five parts are 8 characters, 4 characters, 4 characters, 4 characters, and 12 characters, with "-" in the middle interval | String | yes |
| sign | Parameter signature (eg: GXx2wYUD6UVr+zcmeCSFFPzcBLA=) | String | Yes |
# 3. Technology side parameter access process
# 4. How to sign the interface
# Signature Description
API requests are very likely to be tampered with during transmission over the internet. In order to ensure that the request has not been changed, all private interfaces except public interfaces (basic information, market data, etc.) must use your API Key is used for signature verification to verify whether parameters or parameter values have changed during transmission.
A legitimate request consists of the following parts:
- access_key: API access key;
- secret_key: The key used for signature encryption (only visible once when applying for an API Key in the background, please copy and save it in a safe place, and do not disclose it);
- timestamp: The time (UTC time) when you made the request. Such as: 1632811287325 (13 digits). Including this value in a query request helps prevent third parties from intercepting your request;
- nonce: random UUID string. Such as: 053a1b81-48a0-4bb1-96b2-60f6e509d911 (36 bits);
- sign: The value calculated by the signature, which is used to ensure that the signature is valid and has not been tampered with;
- All interfaces need to pass the above public parameters except secret_key in the http request header (header). The public parameters include (access_key, timestamp, nonce, sign) and other signature parameters are described in the API interface as allow.
# Signature steps
1. Define a Map dictionary type object, and put the parameters in the request into it in the form of key-value
2. Put access_key, timestamp, and nonce into the Map defined in the first step
3. Sort the attributes in the Map in ascending order (lexicographic order) according to the ASCII code and convert the Map to a string in the form of "key1=value1&key2=value2"
4. Encrypt the character string converted in the previous step with secret_key by HMAC_SHA1 and perform Base64 transcoding to obtain the value of the sign parameter. secret_key is the information in the apikey created on the cashier platform
5. Add the sign value and other required parameters to the request header, and send the request to the target interface
# Signature debugging tools
SignUtil: User login to cash register -> Developer Center -> API Documentation -> Signature Tool The Signature tool page is displayed (The access_key in the tool, please use a valid access_key and please set the IP whitelist that allows this access_key access to 0.0.0.0, we strongly recommend the used Access_key is discarded after debugging)
# 5. Interface list
# 5.1 Test interface connectivity
request method
Get
Request URL
/ping
response data
{"version":"1.0.1","timestamp":1688116827306}
Response parameter description
| Param | Type | Desc |
|---|---|---|
| version | String | If this parameter is returned, all interfaces in this document can be requested normally |
| timestamp | int64 | Unix timestamp |
# 5.2 Create a new collection order
request method
post
Request URL
/api/v3/peru/createCollectingOrder
Request type
Header: { 'Content-Type': 'application/json;charset=utf-8'}
request header
| Param | Desc | Sample |
|---|---|---|
| access_key | Acquisition from merchant background | pFqV75X3 |
| timestamp | Unix timestamp 13 digits milliseconds | 1679724896223 |
| nonce | UUID V4 | 794c26b0-d33c-4394-b2bb-c485eca16d9e |
| sign | Calculated signature | kAXyh+eerqrefyaF8dyFB0M4FVo= |
request parameters
{
"amount":"100",
"channelType":"BANK",
"externalOrderId":"12355555555",
"notifyUrl":"https://platform.hambit.co/#/home/dashboard"
}
Description of request parameters
| Param | Desc | Sample | Require |
|---|---|---|---|
| amount | Receipt amount, the decimal point cannot exceed 2 digits and the amount cannot be less than 100 (String) | 100 | required |
| channelType | payment type (String) oneof=BANK GEN | BANK(Choose either option based on actual situation) | required |
| externalOrderId | Merchant order number max=64 (String) | 354997490558818072 | required |
| notifyUrl | notification URL (String, URL) | http://192.168.1.135:30001 | optional |
| remark | remark max=255 (String) | 123 | optional |
| returnUrl | return URL (String, URL) | http://192.168.1.135:30001 | optional |
response type
Header: { 'Content-Type': 'application/json;charset=utf-8'}
response data
{
"code": "200",
"success": true,
"msg": "成功",
"msgEn": "SUCCESS",
"data": {
"cashierUrl": "https://t-cashier-fiat.hambit.co/OCURRPAID202404150720041713165604333DEV001OO0000000200014896?data=eyJjYXNoaWVyQ3VycmVuY3lBbW91bnQiOjEwMC4wMDAsImNhc2hpZXJFeHBpcmVUaW1lIjoxNzEzMTY3NDA0NDQ3LCJjYXNoaWVySWQiOiJPQ1VSUlBBSUQyMDI0MDQxNTA3MjAwNDE3MTMxNjU2MDQzMzNERVYwMDFPTzAwMDAwMDAyMDAwMTQ4OTYiLCJjYXNoaWVyVXJsIjoiaHR0cHM6Ly90LWNhc2hpZXItZmlhdC5oYW1iaXQuY28vT0NVUlJQQUlEMjAyNDA0MTUwNzIwMDQxNzEzMTY1NjA0MzMzREVWMDAxT08wMDAwMDAwMjAwMDE0ODk2IiwiY3VycmVuY3kiOiJTT0wiLCJjdXJyZW5jeU9yZGVyVm8iOnsiYW1vdW50IjoxMDAuMDAwLCJjaGFubmVsSWQiOjE3Nzc5NDc5NzMzMTcxMTU5MDYsImN1cnJlbmN5IjoiU09MIiwiZXh0ZXJuYWxPcmRlcklkIjoiMTIzNTU1NTU1NTUiLCJtZXJjaGFudE5hbWUiOiJjbGFya19hZ2VudF9oYW1iaXQiLCJvcmRlcklkIjoiT0NVUlJQQUlEMjAyNDA0MTUwNzIwMDQxNzEzMTY1NjA0NTk1REVWMDAxT08wMDAwMDAwNDAwMDE0ODk3Iiwib3JkZXJTdGF0dXMiOiJBd2FpdGluZyBQYXltZW50Iiwib3JkZXJTdGF0dXNDb2RlIjoxLCJvcmRlclRpbWUiOjE3MTMxNjU2MDQ2MDYsInBheVBhcmFtIjoiLz9jYXNoaWVyX3ZlcnNpb249MTImc2lnbj0vOUtxL2xYMWFuT0pMVjVmbGlMZ25nPT0mY3VycmVuY3k9U09MJnBheV9pZD0wMjAyNDA0MTUwMTIwMDUwNzQwMDU1NCZyZWRpcmVjdGlvbj1hSFIwY0hNNkx5OXpaV04xY21VdFkyaGxZMnR2ZFhRdWNHRjVkbUZzYVdSaExtTnZiVDkwYjJ0bGJqMWxlVXBvWWtkamFVOXBTa2xWZWtreFRtbEpjMGx1VWpWalEwazJTV3R3V0ZaRFNqa3VaWGxLVGxKV1NrUlRSVVpQVmtZNVJGSlZkMmxQYVVseVRsUkpORTFVU1hsTlZFa3dUbXBuZDBscGQybFVWVlpUVVRCb1FsUnNVbVpSTURsRlVsTkpOazE2VVhkUFZFMXpTV3M1VTFKRlZsTllNRTVRVWtWVmFVOXFTWHBPZWxFMVQwUlplazVEZDJsVVZWWlRVVEJvUWxSc1VtWlNWVEZDVTFWM2FVOXBTbnBrV0VKM1lqTktNRkZITVRSaVdFNXFZVk0xYW1JeU1HbE1RMHBPVWxaS1JGTkZSazlXUmpsTlZEQmtVRWxxYjJsSmFYZHBWRlZXVTFFd2FFSlViRkptVmxaS1RWZ3hTa1pXUmxaVFZHbEpOa2xwU1hOSmF6RkdWV3RPU1ZGVk5WVllNRFZDVkZWVmFVOXBTa2hpUnpscFdWZDNaMVpIVm1waFEwRnZWVVZWY0VscGQybFNWbWhSVTFaS1FsWkZiRkJVYVVrMlNXcEZNMHg2UVRCTWVrbDNUV3BSYVV4RFNsQlZhMUpHVld3NVExVnJiRVpTYVVrMlNXMUtNV1ZUU1hOSmF6bFRVa1ZXVTFnd1RsWlZiRXBHVkd0T1drbHFiMmxWUlZaUFNXbDNhVlF4U2tWU1ZrcG1VVlV4VUZaV1VXbFBhVWw0VFVSQmRVMURTWE5KYXpGR1ZXdE9TVkZWTlZWWU1HeEZTV3B2YVdOSFJqVmlWMVoxWkVkNGFHUkhSblJhTW5oMldXMUdjMGxwZDJsVU1VcEZVbFpLWmxWclZrZFNWa3BHVkd0T1JrbHFiMmxQVkVFMVQwUk5ORTFFUVROTlZGbHBURU5LVUZWclVrWlZiRGxPVWxaU1NWUXdVV2xQYVVscFRFTktWbFV3VmxOWU1GSktTV3B2YVVscGQybFdWazVHVld3NVZWZFdRa1pZTUZKS1NXcHZhVWxwZDJsV1ZrNUdWV3c1VDFGVk1VWkphbTlwU1dsM2FWVnJWa1ZUVmtwR1VURlNabFpGYkU1U1ZUbFdWa05KTmtscFNYTkphekZHVld0T1NWRlZOVlZZTVZKR1ZGWkNUVkZXVWtaSmFtOXBXa2RXYlZsWVZuTmtRMGx6U1cxV05HTkRTVFpOVkdONFRYcFJlRTVxVVhkTlEzZHBZVmhPZWtscWIybFpXRll3WVVSQmFXWlJMa0pRZVc4d2MxcEtXVzlhV0U4MFEyTkJhWFJrYjBWaWRubE9lSFZuU1RFMmEyTlZVazVoTm1rM1h6QT0iLCJwYXlUeXBlIjoxMDIsInBheVR5cGVOYW1lIjoiQkFOSyIsInBheVVybCI6Ii8/Y2FzaGllcl92ZXJzaW9uPTEyJnNpZ249LzlLcS9sWDFhbk9KTFY1ZmxpTGduZz09JmN1cnJlbmN5PVNPTCZwYXlfaWQ9MDIwMjQwNDE1MDEyMDA1MDc0MDA1NTQmcmVkaXJlY3Rpb249YUhSMGNITTZMeTl6WldOMWNtVXRZMmhsWTJ0dmRYUXVjR0Y1ZG1Gc2FXUmhMbU52YlQ5MGIydGxiajFsZVVwb1lrZGphVTlwU2tsVmVra3hUbWxKYzBsdVVqVmpRMGsyU1d0d1dGWkRTamt1WlhsS1RsSldTa1JUUlVaUFZrWTVSRkpWZDJsUGFVbHlUbFJKTkUxVVNYbE5WRWt3VG1wbmQwbHBkMmxVVlZaVFVUQm9RbFJzVW1aUk1EbEZVbE5KTmsxNlVYZFBWRTF6U1dzNVUxSkZWbE5ZTUU1UVVrVlZhVTlxU1hwT2VsRTFUMFJaZWs1RGQybFVWVlpUVVRCb1FsUnNVbVpTVlRGQ1UxVjNhVTlwU25wa1dFSjNZak5LTUZGSE1UUmlXRTVxWVZNMWFtSXlNR2xNUTBwT1VsWktSRk5GUms5V1JqbE5WREJrVUVscWIybEphWGRwVkZWV1UxRXdhRUpVYkZKbVZsWktUVmd4U2taV1JsWlRWR2xKTmtscFNYTkphekZHVld0T1NWRlZOVlZZTURWQ1ZGVlZhVTlwU2toaVJ6bHBXVmQzWjFaSFZtcGhRMEZ2VlVWVmNFbHBkMmxTVm1oUlUxWktRbFpGYkZCVWFVazJTV3BGTTB4NlFUQk1la2wzVFdwUmFVeERTbEJWYTFKR1ZXdzVRMVZyYkVaU2FVazJTVzFLTVdWVFNYTkphemxUVWtWV1UxZ3dUbFpWYkVwR1ZHdE9Xa2xxYjJsVlJWWlBTV2wzYVZReFNrVlNWa3BtVVZVeFVGWldVV2xQYVVsNFRVUkJkVTFEU1hOSmF6RkdWV3RPU1ZGVk5WVllNR3hGU1dwdmFXTkhSalZpVjFaMVpFZDRhR1JIUm5SYU1uaDJXVzFHYzBscGQybFVNVXBGVWxaS1psVnJWa2RTVmtwR1ZHdE9Sa2xxYjJsUFZFRTFUMFJOTkUxRVFUTk5WRmxwVEVOS1VGVnJVa1pWYkRsT1VsWlNTVlF3VVdsUGFVbHBURU5LVmxVd1ZsTllNRkpLU1dwdmFVbHBkMmxXVms1R1ZXdzVWVmRXUWtaWU1GSktTV3B2YVVscGQybFdWazVHVld3NVQxRlZNVVpKYW05cFNXbDNhVlZyVmtWVFZrcEdVVEZTWmxaRmJFNVNWVGxXVmtOSk5rbHBTWE5KYXpGR1ZXdE9TVkZWTlZWWU1WSkdWRlpDVFZGV1VrWkphbTlwV2tkV2JWbFlWbk5rUTBselNXMVdOR05EU1RaTlZHTjRUWHBSZUU1cVVYZE5RM2RwWVZoT2VrbHFiMmxaV0ZZd1lVUkJhV1pSTGtKUWVXOHdjMXBLV1c5YVdFODBRMk5CYVhSa2IwVmlkbmxPZUhWblNURTJhMk5WVWs1aE5tazNYekE9IiwidHJhZGVOb3RlIjoiIn0sImlzQ3JlYXRlT3JkZXIiOnRydWUsIm1lcmNoYW50SWQiOjE3MDcyODU4NDAzMjYxMjc2MTcsInBheVR5cGUiOjEwMiwicmV0dXJuVXJsIjoiIiwidXNlckluZm9OYW1lIjoiIiwidXNlckluZm9ObyI6IiIsInVzZXJJbmZvVHlwZSI6IiIsInZlcnNpb24iOiIifQ==&pm=W3siY3VycmVuY3lUeXBlIjoiU09MIiwicGF5VHlwZXMiOlt7ImNvZGUiOjEwMiwidmFsdWUiOiJCQU5LIn0seyJjb2RlIjoxMTgsInZhbHVlIjoiZ2VuIn1dfSx7ImN1cnJlbmN5VHlwZSI6Ik1YTiIsInBheVR5cGVzIjpbeyJjb2RlIjoxMDIsInZhbHVlIjoiQkFOSyJ9LHsiY29kZSI6MTEwLCJ2YWx1ZSI6Ik9YWE8ifSx7ImNvZGUiOjExMSwidmFsdWUiOiJDYXNoIn1dfSx7ImN1cnJlbmN5VHlwZSI6Ik5HTiIsInBheVR5cGVzIjpbeyJjb2RlIjoxMDIsInZhbHVlIjoiQkFOSyJ9LHsiY29kZSI6MTA3LCJ2YWx1ZSI6IkNoYXJnZSJ9XX0seyJjdXJyZW5jeVR5cGUiOiJJRFIiLCJwYXlUeXBlcyI6W3siY29kZSI6MTAyLCJ2YWx1ZSI6IkJBTksifSx7ImNvZGUiOjEwNCwidmFsdWUiOiJWaXJ0dWFsIEFjY291bnRzIn0seyJjb2RlIjoxMDUsInZhbHVlIjoiUVJJUyJ9LHsiY29kZSI6MTA2LCJ2YWx1ZSI6IkVXYWxsZXQifV19LHsiY3VycmVuY3lUeXBlIjoiS0VTIiwicGF5VHlwZXMiOlt7ImNvZGUiOjEwNywidmFsdWUiOiJDaGFyZ2UifV19LHsiY3VycmVuY3lUeXBlIjoiSU5SIiwicGF5VHlwZXMiOlt7ImNvZGUiOjEwMiwidmFsdWUiOiJCQU5LIn1dfSx7ImN1cnJlbmN5VHlwZSI6IkJSTCIsInBheVR5cGVzIjpbeyJjb2RlIjoxMDEsInZhbHVlIjoiUElYIn0seyJjb2RlIjoxMDMsInZhbHVlIjoiUElYX0RZTkFNSUMifSx7ImNvZGUiOjEwOSwidmFsdWUiOiJCb2xldG8ifV19LHsiY3VycmVuY3lUeXBlIjoiVk5EIiwicGF5VHlwZXMiOlt7ImNvZGUiOjExMywidmFsdWUiOiJCYW5rU2NhbkNvZGUifSx7ImNvZGUiOjExNCwidmFsdWUiOiJCYW5rQ2FyZFRvQ2FyZFRyYW5zZmVyIn0seyJjb2RlIjoxMTUsInZhbHVlIjoiTU9NTyJ9LHsiY29kZSI6MTE2LCJ2YWx1ZSI6IlphbG9QYXkifSx7ImNvZGUiOjExNywidmFsdWUiOiJWaWV0dGVsTW9uZXkifSx7ImNvZGUiOjEwMiwidmFsdWUiOiJCQU5LIn1dfV0=",
"currency": "SOL",
"currencyOrderVo": {
"orderId": "OCURRPAID202404150720041713165604595DEV001OO0000000400014897",
"externalOrderId": "12355555555",
"currency": "SOL",
"amount": "100",
"tradeNote": ""
}
}
}
Response parameter description
| Param | Type | Desc |
|---|---|---|
| cashierUrl | String | cashier link |
| currency | String | currency code |
| amount | String | Receipt amount |
| externalOrderId | String | Merchant order ID |
| orderId | String | System order ID |
| tradeNote | String | Note |
# 5.3 Create a new transfer order
request method
post
Request URL
/api/v3/peru/createTransferOrder
Request type
Header: { 'Content-Type': 'application/json;charset=utf-8'}
request header
| Param | Desc | Sample |
|---|---|---|
| access_key | Acquisition from merchant background | pFqV75X3 |
| timestamp | Unix timestamp 13 digits milliseconds | 1679724896223 |
| nonce | UUID V4 | 794c26b0-d33c-4394-b2bb-c485eca16d9e |
| sign | Calculated signature | kAXyh+eerqrefyaF8dyFB0M4FVo= |
request parameters
{
"currencyAmount":"100",
"channelType":"BANK",
"externalOrderId":"13133133131",
"accountNo":"13123123",
"accountType":"DNI",
"userInfoNo":"1231231",
"userInfoName":"jason",
"userInfoType":"AHORRO",
"accountName":"Interbank",
"notifyUrl":"https://platform.hambit.co/#/home/dashboard",
"remark":"test"
}
Description of request parameters
| Param | Desc | Sample | Require |
|---|---|---|---|
| currencyAmount | Payment amount (String) | 100 | required |
| channelType | Payment type oneof=BANK (String) | BANK | required |
| externalOrderId | Merchant order ID max=64 (String) | 13133133131 | required |
| accountNo | Recipient account (String) | 13133133131 | required |
| accountType | Recipient ID Type (String) DNI RUC CE PA | DNI Choose one of the four parameters based on the actual situation | required |
| userInfoNo | Recipient ID Number (String) | 1231231 | required |
| userInfoName | Name of payee (String) | jason | required |
| userInfoType | Recipient account type (String) AHORRO CORRIENTE | AHORRO Choose one of the two parameters based on the actual situation | required |
| accountName | Recipient's Bank Name (String) | Interbank | required |
| remark | Remark max=255 (String) | test | optional |
| notifyUrl | Notification URL (String) | https://platform.hambit.co/#/home/dashboard | optional |
response type
Header: { 'Content-Type': 'application/json;charset=utf-8'}
response data
{
"code": "200",
"success": true,
"msg": "成功",
"msgEn": "SUCCESS",
"data": {
"orderId": "OCURRDRAW202307180246581689648418963DOCKER020000000200000244",
"orderStatus": "Accepted",
"externalOrderId": "877602573592250180",
"currencyType": "SOL"
}
}
Response parameter description
| Param | Type | Desc |
|---|---|---|
| currencyType | String | Fiat currency type |
| externalOrderId | String | merchant order id |
| orderId | String | System order ID |
| orderStatus | String | order status |
# 5.4 Query Collection Orders
request method
post
Request URL
/api/v3/peru/query/collectingOrder
Request type
Header: { 'Content-Type': 'application/json;charset=utf-8'}
request header
| Param | Desc | Sample |
|---|---|---|
| access_key | Acquisition from merchant background | pFqV75X3 |
| timestamp | Unix timestamp 13 digits milliseconds | 1679724896223 |
| nonce | UUID V4 | 794c26b0-d33c-4394-b2bb-c485eca16d9e |
| sign | Calculated signature | kAXyh+eerqrefyaF8dyFB0M4FVo= |
request parameters
{
"externalOrderId":"12355555555",
"orderId":"OCURRPAID202404150720041713165604595DEV001OO0000000400014897"
}
Description of request parameters
| Param | Desc | Require | | --------------- | --------------------------- | ----- --- | | externalOrderId | Merchant order number max=64 (String) | required | | orderId | system order number (String) | required |
response type
Header: { 'Content-Type': 'application/json;charset=utf-8'}
response data
{
"code": "200",
"success": true,
"msg": "成功",
"msgEn": "SUCCESS",
"data": [
{
"orderId": "OCURRPAID202404150720041713165604595DEV001OO0000000400014897",
"cashierId": "OCURRPAID202404150720041713165604333DEV001OO0000000200014896",
"orderType": 1,
"orderResourceType": 2,
"userId": "1707285840326127617",
"orderStatus": 1,
"orderTime": 1713165605000,
"channelOrderId": "02024041501200507400554",
"externalOrderId": "12355555555",
"orderAmount": "100",
"orderActualAmount": null,
"orderFee": null,
"orderPayTime": null,
"currencyType": "SOL",
"payType": 102,
"tradeNote": "",
"notifyUrl": "https://platform.hambit.co/#/home/dashboard",
"markStatus": 0,
"errorMsg": null,
"errorMsgEn": null,
"accountType": "",
"accountName": "",
"accountNo": "",
"orderTypeCode": "Pay",
"orderResourceTypeCode": "Currency",
"orderStatusCode": "Accepted",
"payTypeCode": "BANK"
}
]
}
Response parameter description
| Param | Type | Desc |
|---|---|---|
| orderId | String | order ID |
| cashierId | String | Cashier ID |
| orderType | int64 | order type 1- pending payment 2- payment successful |
| orderResourceType | int64 | The business type of the order |
| userId | String | user ID |
| orderStatus | int64 | order status |
| orderTime | int64 | order initiation time |
| channelOrderId | String | The order ID of the channel associated with the order |
| externalOrderId | String | Merchant order ID |
| orderAmount | String | order amount |
| orderActualAmount | String | actual order amount |
| orderFee | int64 | order fee |
| orderPayTime | int64 | order payment time |
| currencyType | String | currency type |
| payType | int64 | payment type 102:BANK 202:BANK |
| tradeNote | String | Note |
| notifyUrl | String | callback URL |
| markStatus | int64 | mark status |
| errorMsg | String | error message |
| errorMsgEn | String | error message en |
| accountType | String | account type |
| accountName | String | account name |
| accountNo | String | account number |
| orderTypeCode | String | order type code |
| orderResourceTypeCode | String | The business type code of the order |
| orderStatusCode | String | orderStatusc Description |
| payTypaCode | String | payment type code reference payType |
# 5.5 Query transfer orders
request method
post
Request URL
/api/v3/peru/query/transferOrder
Request type
Header: { 'Content-Type': 'application/json;charset=utf-8'}
request header
| Param | Desc | Sample |
|---|---|---|
| access_key | Acquisition from merchant background | pFqV75X3 |
| timestamp | Unix timestamp 13 digits milliseconds | 1679724896223 |
| nonce | UUID V4 | 794c26b0-d33c-4394-b2bb-c485eca16d9e |
| sign | Calculated signature | kAXyh+eerqrefyaF8dyFB0M4FVo= |
request parameters
{
"externalOrderId":"1313313312331",
"orderId":"OCURRDRAW202404151011491713175909727DEV001OO0000000200014916"
}
Description of request parameters
| Param | Desc | Require | | --------------- | --------------------------- | ----- --- | | externalOrderId | Merchant order number max=64 (String) | required | | orderId | system order number (String) | required |
response type
Header: { 'Content-Type': 'application/json;charset=utf-8'}
response data
{
"code": "200",
"success": true,
"msg": "成功",
"msgEn": "SUCCESS",
"data": [
{
"orderId": "OCURRDRAW202404151011491713175909727DEV001OO0000000200014916",
"cashierId": "",
"orderType": 2,
"orderResourceType": 2,
"userId": "1707285840326127617",
"orderStatus": 1,
"orderTime": 1713175910000,
"channelOrderId": "",
"externalOrderId": "1313313312331",
"orderAmount": "1",
"orderActualAmount": "4.04",
"orderFee": "3.04",
"orderPayTime": null,
"currencyType": "SOL",
"payType": 202,
"tradeNote": "",
"notifyUrl": "https://platform.hambit.co/#/home/dashboard",
"markStatus": 0,
"errorMsg": null,
"errorMsgEn": null,
"accountType": "",
"accountName": "Interbank",
"accountNo": "36503451364073",
"orderTypeCode": "Transfer",
"orderResourceTypeCode": "Currency",
"orderStatusCode": "Accepted",
"payTypeCode": "BANK"
}
]
}
Response parameter description
| Param | Type | Desc |
|---|---|---|
| orderId | String | order ID |
| cashierId | String | Cashier ID |
| orderType | int64 | order type |
| orderResourceType | int64 | The business type of the order |
| userId | String | user ID |
| orderStatus | int64 | order status 1-accepted 2-bank processing 4-Failed(Bank rejection) 8-success 16-Failed |
| orderTime | int64 | order initiation time |
| channelOrderId | String | The order ID of the channel associated with the order |
| externalOrderId | String | Merchant order ID |
| orderAmount | String | order amount |
| orderActualAmount | String | actual order amount |
| orderFee | int64 | order handling fee |
| orderPayTime | int64 | order payment time |
| currencyType | String | currency type |
| payType | int64 | payment type 102:BANK 202:BANK |
| tradeNote | String | Note |
| notifyUrl | String | callback URL |
| markStatus | int64 | mark status |
| errorMsg | String | error message |
| errorMsgEn | String | error message en |
| accountType | String | account type |
| accountName | String | account name |
| accountNo | String | account number |
| orderTypeCode | String | order type code |
| orderResourceTypeCode | String | The business type code of the order |
| orderStatusCode | String | orderStatus description |
| payTypeCode | String | payment type code reference payType |
# 5.6 Query balance
request method
Get
Request URL
/api/v3/peru/query/balance
request type
Header: { 'Content-Type': 'application/json;charset=utf-8'}
request header
| Param | Desc | Sample |
|---|---|---|
| access_key | Merchant background acquisition | pFqV75X3 |
| timestamp | Unix timestamp 13 digit milliseconds | 1679724896223 |
| nonce | UUID V4 | 794c26b0-d33c-4394-b2bb-c485eca16d9e |
| sign | computed signature | kAXyh+eerqrefyaF8dyFB0M4FVo= |
response type
Header: { 'Content-Type': 'application/json;charset=utf-8'}
response data
{
"code": "200",
"success": true,
"msg": "成功",
"msgEn": "SUCCESS",
"data": [
{
"accountBalance": "0",
"accountFreezeAmount": "0",
"accountStatusId": 4,
"accountWaitSettledAmount": "0",
"currencyType": "SOL",
"accountStatus": "InAndOut"
}
]
}
Response parameter description
| Param | type | Desc |
|---|---|---|
| accountBalance | String | Account Available Balance |
| accountFreezeAmount | String | Account frozen amount |
| accountStatusId | int64 | account status id |
| accountWaitSettledAmount | String | Amount to be transferred from the account |
| currencyType | String | Fiat currency type |
| accountStatus | String | Account Status |
# 5.7 Query Bank
request method
POST
Request URL
/api/v3/peru/query/bank
Request type
Header: { 'Content-Type': 'application/json;charset=utf-8'}
request header
| Param | Desc | Sample |
|---|---|---|
| access_key | Acquisition from merchant background | pFqV75X3 |
| timestamp | Unix timestamp 13 digits milliseconds | 1679724896223 |
| nonce | UUID V4 | 794c26b0-d33c-4394-b2bb-c485eca16d9e |
| sign | Calculated signature | kAXyh+eerqrefyaF8dyFB0M4FVo= |
request parameters
{"bankName": "BBVA Continental"}
If you need to query all bank values, pass an empty string, as follows:
{"bankName": ""}
Description of request parameters
| Param | Desc | Require |
|---|---|---|
| bankName | bank name (String) | required |
response type
Header: { 'Content-Type': 'application/json;charset=utf-8'}
response data
{
"code": "200",
"success": true,
"msg": "成功",
"msgEn": "SUCCESS",
"data": [
{
"bankName": "BBVA Continental",
"bankCode": "BBVA",
"currencyType": "SOL"
}
]
}
Response parameter description
| Param | Type | Desc |
|---|---|---|
| bankName | String | bank name |
| bankCode | String | bank code |
| currencyType | String | currency type |
# 5.8 Bank List (Bank List for reference only, please refer to the query bank interface to return the data bill of lading)
| BankName |
|---|
| BBVA Continental |
| Interbank |
| BCP Banco de Credito de Peru |
| Scotiabank |
| Banco Falabella |
| BanBif |
| Banco Santander |
| Mi Banco |
| Banco de Comercio |
| Banco Financiero |
| Banco GNB |
| Citibank |
| Banco de la Nacion |
| CMAC Trujillo |
| CMAC Arequipa |
| CMAC Piura |
| CMAC Sullana |
| CMAC Cusco |
| CMAC Huancayo |
| Caja Metropolitana |
| Banco de Credito |
# 6. Callback information
# 6.1 How to call back the interface for signature verification
# Signature Verification Instructions
API requests are likely to be tampered with during transmission over the internet. In order to ensure that the callback has not been changed, you can set the callback parameter signature authentication. The setting method is: log in to the cashier -> developer center -> callback address -> add.
# Signature Verification Steps
The overall process is roughly the same as the signature, but the data used for signature verification is different. The signature is to construct the data by itself, and the signature is to obtain the data (header, json)
Take out the sign value in the header;
Define a Map dictionary type object, put the json parameters in the request in the form of key-value
Take out the access_key, timestamp, and nonce in the header and put them into the Map defined in the previous step
Sort the keys in the Map according to the ASCII code from small to large (lexicographic order) and convert the Map into a string in the form of "key1=value1&key2=value2";
Use the secret_key to encrypt the character string converted in the previous step with HMAC_SHA1 and perform Base64 transcoding to obtain the signed signature value and the sign extracted from the header in the first step for string verification. If they match, the signature verification will pass, otherwise, the signature verification will fail. . The secret_key here needs to match the access_key when placing an order.
# 6.2 Payment callback
callback data
{
"currencyType": "SOL",
"errorMsg": "",
"errorMsgEn": "",
"externalOrderId": "25334044",
"markStatus": 0,
"orderActualAmount": 100.000000,
"orderAmount": 100.000000,
"orderFee": 10.000000,
"orderId": "OCURRPAID202307140206491689300409258DOCKER020000000400000109",
"orderPayTime": 1689300518000,
"orderStatus": "Payment success",
"orderStatusCode": 2,
"orderTime": 1689300409000,
"payParam": "https://hambitpay.h5.cashfastpay.com/payment/20230714020650887175049479?amount=100¤cy=PEN",
"payType": 102,
"payTypeName": "BANK",
"tradeNote": "wsx12312"
}
Callback data description
| Param | Type | Desc |
|---|---|---|
| currencyType | String | Fiat currency type |
| errorMsg | String | error message |
| errorMsgEn | String | error message en |
| externalOrderId | String | Merchant order ID |
| markStatus | int64 | mark status |
| orderActualAmount | float64 | The actual payment amount of the order |
| orderAmount | float64 | order creation amount |
| orderFee | float64 | handling fee |
| orderId | String | order ID |
| orderPayTime | int64 | order payment time |
| orderStatus | String | orderStatusCode Description |
| orderStatusCode | int64 | order status code 1- pending payment 2- payment successful |
| orderTime | int64 | order creation time |
| payParam | String | payment type |
| pay Ttype | int64 | payment type 101-PIX 201-PIX 102-BANK 202-BANK |
| payTypeName | String | payment type name |
| tradeNote | String | Note |
Merchants can log in to the backstage of the merchant at any time to manually trigger callbacks (manual callbacks are not recommended for non-final orders), and the order status and other related information in the callback information is the real actual status (please pay attention to the order status for manual callbacks, If the status of the manual callback order is not final, the platform will still initiate a notification when the order becomes final, please pay attention to the redundant processing at the business level)
# 6.3 transfer callback
callback data
{
"currencyType": "SOL",
"accountCode": "40012",
"accountName": "BBVA MEXICO",
"orderId": "OCURRDRAW202307171006541689588414537BMS001OO0000000200000694",
"accountType": "3",
"orderFee": "3",
"orderStatus": "In bank processing",
"externalOrderId": "79159948",
"payTypeName": "BANK",
"orderAmount": "40",
"orderTime": 1689588415000,
"payType": 202,
"userInfoName": "Abraham Meza Aragon",
"accountNo": "4152314092856502",
"orderStatusCode": 2,
"markStatus": 0
}
Callback data description
| Param | Type | Desc |
|---|---|---|
| currencyType | String | currency type |
| accountCode | String | account code |
| accountName | String | account name |
| orderId | String | order ID |
| accountType | String | account type |
| orderFee | String | Order Fee |
| orderStatus | String | orderStatusCode description |
| externalOrderId | int64 | Merchant order ID |
| payTypeName | float64 | payment type name |
| orderAmount | float64 | order creation amount |
| orderTime | String | order creation time |
| orderPayTime | int64 | Order payment time |
| orderTime | int64 | order creation time |
| payType | int64 | Payment type |
| userInfoName | String | username |
| accountNo | String | account number |
| orderStatusCode | String | Order Status Code 1-accepted 2-bank processing 4-Failed(Bank rejection) 8-success 16-Failed |
| markStatus | String | User credential type |
Merchants can log in to the backend of the merchant at any time to manually trigger a callback (it is not recommended to initiate a manual callback if the order is not in the final state). The status of the callback order is not final, and the platform will still initiate a notification when the order becomes final, please pay attention to the redundant processing at the business level)
# 6.4 Callback response
Remarks: All callbacks include signature information. It is recommended that merchants do a callback signature verification. After receiving the callback information, the merchant will confirm the final status of the order. Please respond to the website
Regarding the following information (content-type: application/json), if there is no normal response from the server, it will be within 30 minutes, with a total of 2 every three minutes
Notice
{"code":200,"success":true}
# 6.5 Callback Notification URL
*** Log in to the backstage of the merchant to configure the unified callback address (manually specify the callback UR address in the order, which has a higher priority than the uniformly configured callback address. For example, if the notifyUrl parameter is specified in the order, it will be used regardless of whether there is a unified configuration of the callback notification address. notifyUrl address in the order)***
Note that the http response status_code has the highest priority, as long as the response status_code=200 is received, the response data will be ignored
# 7. Public response code
| filed | Type | Default value and comment |
|---|---|---|
| code | String | Success "200" For others, please refer to failure code |
| success | Bool | success true, failure false, and code to keep the meaning of synchronization |
| msg | String | The textual description returned by the first-level code |
| data | Object | Reference interface list chapter |
# 8. Failure code
| Code | Desc |
|---|---|
| 200 | Normal |
| 300 | Parameter exception |
| 301 | IP Unauthorized |
| 307 | Signature error |
| 500 | System Error |