Skip to main content
Money In Operation — Funds are transferred from the customer’s card to your SingaPay Payment Gateway account.

API Overview

API Version

v2.0

Base Path

/api/v2.0/card

Authentication

Bearer Token (JWT, OAuth 2.0 client credentials)

Content-Type

application/json

Authentication

Merchants must obtain a JWT access token before calling Card endpoints. See Authentication for token requests, required headers, and IP whitelist setup.

Base URL

EnvironmentBase URL
Productionhttps://{your-domain}/api/v2.0/card
Staging / Localhttps://{your-domain}/api/v2.0/card

Card Payment Flow


Transaction Status Lifecycle

1

pending

Awaiting 3DS (includes internal pre-submission state).
2

processing

Payment submitted, awaiting final result.
3

success

Payment completed successfully.
4

failed

Payment failed (issuer declined or error).
5

cancelled

Voided — transaction was not captured.
6

refunded

Refunded after capture.

Path Parameters

ParameterDescription
{account_id}Merchant Account ULID — e.g. 01K5G4FZZ18DMK0M5QTR8Y9QY9
{id}Transaction ID (format: 99 + ULID, 28 chars) — e.g. 9901JAB3CD4E5F6G7H8J9K0

Available Endpoints

Payment (One-Time)

Process a one-time card payment (full or installment) in a single request with amount, customer info, and card data.

Cancel Transaction

Void or refund a transaction depending on its current status.

Inquiry Status

Check the latest transaction status and optionally update the local record.

Error Responses

HTTP Status Codes

CodeDescription
200Success
400Bad Request (validation or business rule error)
401Unauthorized (invalid or missing token)
404Account or resource not found
422Validation error
500Internal server error

Standard Error Format

All API responses follow the v2 format with response_code and response_message:
{
  "response_code": "SP001",
  "response_message": "Human-readable error message",
  "data": {
    "transaction_id": "9901JAB3CD4E5F6G7H8J9K0M1N2"
  }
}

Response Codes

CodeDescriptionHTTP Status
SP000Success200
SP001Transaction Failure (issuer declined)400
SP002General Failure (internal error)500
SP009Transaction Not Found404
SP012Bad Request (invalid status, validation)400
SP020Merchant Account Not Found404

Appendix

Installment Type Reference

ValueDescription
1Full payment
2Installment

Installment Month Options

ValueDescription
11 month
33 months
66 months
1212 months

Transaction ID Format

ChannelFormatExample
Card99 + ULID (28 chars)9901JAB3CD4E5F6G7H8J9K0M1N2
E-Wallet88 + ULID8801JAB3CD4E5F6G7H8J9K0M1N2
QRIS66 + ULID6601JAB3CD4E5F6G7H8J9K0M1N2

Important Notes

Card payments are processed in a single API call that includes amount, customer info, and card data together — no pre-registration step required.
When the issuing bank requires 3DS, the payment response includes a payment_url or html_form field. Render this for the customer to complete authentication before the transaction finalises.
Transactions can be voided (before capture) or refunded (after capture) using the Cancel endpoint. Both return status: "success" — use the cancel_type field to distinguish which occurred.
Merchant API routes require IP whitelisting. Ensure your server IP is registered under the merchant account before going live.
Supports full payment and installment options (1, 3, 6, or 12 months) via the installment and installment_month request parameters.

Changelog

DateDescription
2026-02-25Initial documentation
2026-02-25Transaction reference kept internal; removed from API responses
2026-02-25transaction_id format aligned with VA/E-Wallet (TransactionCode + ULID)
2026-02-26Migrated to v2 response format (response_code/response_message), added error logging
2026-02-26Refactored to single-step one-time payment; removed register-transaction; request uses card_number, card_expiry, card_cvv, card_holder_name