> ## Documentation Index
> Fetch the complete documentation index at: https://docs.singapay.id/llms.txt
> Use this file to discover all available pages before exploring further.

# Inquiry Merchant

> Decodes the provided MPM `qr_data`. If merchant information (tag 26) is absent, the endpoint will query the configured issuer vendor (for example ALTO) to resolve merchant/payment criteria. See `Response Code` for the full SP000–SP020 reference.



## OpenAPI

````yaml https://payment-b2b.singapay.id/api/docs/merchant-api.json post /api/v2.0/qris/issuer/mpm/inquiry-merchant
openapi: 3.1.0
info:
  title: Singa Merchant API
  description: >-
    OpenAPI specification for the merchant/partner HTTP API. All routes below
    are additionally protected by `ip.whitelisted.merchant` — the caller IP must
    be registered for the credential or merchant. Obtain a JWT using `POST
    /api/v1.0/access-token/b2b` (Basic auth) or `POST
    /api/v1.1/access-token/b2b` (X-Signature) before calling secured endpoints.
  version: 1.0.0
servers:
  - url: https://sandbox-payment-b2b.singapay.id
    description: >-
      API host. Paths include `/api` prefix (see `RouteServiceProvider`).
      Replace scheme/host with your environment.
security: []
tags:
  - name: Security
    description: >-
      Merchant authentication (`OauthMerchantTokenController`). **v1.1** B2B
      token uses `X-CLIENT-ID`, `X-PARTNER-ID`, and `X-Signature` (no Basic
      auth). Secured routes also require the issued Bearer JWT plus
      `X-PARTNER-ID`.
  - name: Accounts
    description: >-
      Account management (`routes/merchantApiRoute.php`, `v1.0`). Path parameter
      `{id}` is always the account ULID.
  - name: Balance Inquiry
    description: >-
      Merchant and per-account balance inquiry (`BalanceController`, `v1.0`).
      Path `account_id` is the account ULID.
  - name: Statements
    description: >-
      Per-account statement list and detail
      (`AccountController::accountStatements`, `accountStatementDetail`, prefix
      `v1.0/statements`). Flugger responses; detail path param `{statement_id}`
      maps to `statements.transaction_id`.
  - name: Payment Link
    description: >-
      Payment link CRUD and payment-method catalog (`PaymentLinkApiController`,
      prefix `v1.0/payment-link-manage`). `account_id` is ULID;
      `payment_link_id` is numeric `payment_links.id`.
  - name: Payment Link History
    description: >-
      Payment link transaction/history listing and detail
      (`PaymentLinkApiController`, prefix `v1.0/payment-link-histories`).
      `history_id` is numeric `payment_link_histories.id`.
  - name: Virtual Account
    description: >-
      Native VA CRUD (`VirtualAccountController`, prefix
      `v1.0/virtual-accounts`). `account_id` and `virtual_account_id` are ULIDs.
  - name: VA Transaction
    description: >-
      VA money-in transaction listing and detail (`VirtualAccountController`,
      prefix `v1.0/va-transactions`).
  - name: QRIS (Money In)
    description: >-
      MPM dynamic QRIS list, show, and generate (`QrisMpmDynamicApiController`,
      prefix `v1.0/qris-dynamic`).
  - name: QRIS (Money Out)
    description: >-
      Issuer MPM decode/inquiry, payment credit (money out), and transaction
      status (`QrisIssuerMpmController`, `QrisApiV2Controller::checkStatus`,
      prefix `v2.0/qris`). Related list/detail: `GET
      /api/v2.0/qris/transaction/...`.
  - name: E-Wallet (Money In)
    description: >-
      E-Wallet Native checkout and transactions (`EwalletNativeApiController`,
      `EwalletNativeTransactionApiController`, `EwalletNativeV2ApiController`).
      Paths include `v1.0/ewallet-native`, `v1.0/ewallet-native-transactions`,
      and `v2.0/ewallet-native`.
  - name: E-Wallet (Money Out)
    description: >-
      E-wallet disbursement / top-up to beneficiary wallets
      (`EWalletTopUpController`, prefix `v2.0/ewallet`). Responses use the
      custom **`MerchantV2ApiEnvelope`** with **`MerchantV2ResponseCode`**
      (SP000–SP020).
  - name: Card (Money In)
    description: >-
      One-time card payment, cancel, and inquiry
      (`CardPaymentMerchantApiController`, prefix `v2.0/card`).
  - name: Subscription (Recurring)
    description: >-
      Credit-card recurring subscription plans (`SubscriptionPlanApiController`,
      prefix `v2.0/recurring`). Plan `{id}` is UUID (`sub_plans.id`).
  - name: Direct Debit
    description: >-
      Direct Debit — bind a customer bank account once via hosted webview, then
      charge it host-to-host (`DirectDebitMerchantController`, prefix
      `v2.0/direct-debit`). Binding `{binding_id}` and transaction
      `{transaction_id}` are UUIDs. Responses use the
      **`MerchantV2ApiEnvelope`** with both standard SP000–SP020 codes and
      Direct-Debit-specific codes (`SP_DD_*`). The `/charge` endpoint is
      additionally protected by **`X-Signature`** + **`X-Timestamp`**
      (`verify.signature-internal`); see operation parameters for the signing
      scheme.
  - name: Account Transfer
    description: >-
      Move funds between sub-accounts within the same merchant
      (`AnotherAccountApiController`, prefix `v1.0/account-transfer`). The
      transfer endpoint requires request signature headers
      (`verify.signature-internal`). Both accounts must belong to the
      authenticated merchant and be accessible to the credential.
  - name: Disbursement (Money Out)
    description: >-
      Bank disbursement (`DisbursementController` **v1.0**,
      `DisbursementV2Controller` **v2.0**). **v1.0**
      list/show/fee/beneficiary/transfer use Flugg envelopes; v1 inquiry-status
      uses the **custom v2 envelope** (`MerchantV2ApiEnvelope`, codes
      **SP000–SP020**). **v2.0** check-beneficiary, transfer, and inquiry-status
      use the same custom envelope — see component schema
      **`MerchantV2ResponseCode`** for the full response code table.
  - name: Cardless Withdrawal
    description: >-
      Cardless withdrawal API for initiating ATM cash withdrawals without a
      physical card. Supports creating withdrawals with OTP generation, listing
      transaction history, viewing transaction details, canceling pending
      withdrawals, and deleting canceled records. All endpoints use the
      `v1.0/cardless-withdrawals` route prefix and the standard success/error
      response envelope. Path parameter `{id}` refers to the `transaction_id`
      (platform-assigned business identifier).
paths:
  /api/v2.0/qris/issuer/mpm/inquiry-merchant:
    post:
      tags:
        - QRIS (Money Out)
      summary: Inquiry Merchant
      description: >-
        Decodes the provided MPM `qr_data`. If merchant information (tag 26) is
        absent, the endpoint will query the configured issuer vendor (for
        example ALTO) to resolve merchant/payment criteria. See `Response Code`
        for the full SP000–SP020 reference.
      operationId: qrisIssuerMpmInquiryMerchant
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/QrisIssuerMpmInquiryMerchantRequest'
      responses:
        '200':
          description: >-
            Success — `data` contains the decoded QRIS payload or
            vendor-resolved merchant metadata
            (`QrisIssuerMpmDecodedMerchantData`).
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/QrisMoneyOutSuccessInquiryMerchantEnvelope
        '500':
          description: Internal server or vendor integration error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QrisMoneyOutInternalServerErrorEnvelope'
        '504':
          description: >-
            Gateway timeout — issuer vendor did not respond within the expected
            timeframe. `data` may be null or contain partial information if
            available.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QrisMoneyOutTimeoutEnvelope'
      security:
        - BearerAuth: []
          PartnerId: []
components:
  schemas:
    QrisIssuerMpmInquiryMerchantRequest:
      required:
        - qr_data
      properties:
        qr_data:
          description: Raw QRIS MPM payload string to decode.
          type: string
          maxLength: 500
          example: 00020101021226620015ID.SINGAPAY.WWW0118936012070412260002...
      type: object
    QrisMoneyOutSuccessInquiryMerchantEnvelope:
      description: >-
        API response envelope for successful QRIS money-out status inquiries.
        Conforms to the standard `MerchantV2ApiEnvelope` structure, with `data`
        containing a `QrisMoneyOutTransactionData` object representing the
        current state of the transaction.
      properties:
        response_code:
          description: >-
            Response code (see Response Code appendix) indicating the result of
            the inquiry. For successful inquiries, this is typically a code such
            as "00" or "SP000".
          type: string
          example: SP000
        response_message:
          description: >-
            Human-readable message providing additional context about the
            response.
          type: string
          example: Successful
        data:
          $ref: '#/components/schemas/QrisMoneyOutInquiryMerchantData'
      type: object
    QrisMoneyOutInternalServerErrorEnvelope:
      description: >-
        API response envelope for failed QRIS money-out status inquiries.
        Conforms to the standard `MerchantV2ApiEnvelope` structure, with `data`
        optionally containing a `QrisMoneyOutTransactionData` object if
        transaction information is available, or null if not.
      properties:
        response_code:
          description: >-
            Response code (see Response Code appendix) indicating the reason for
            the failure. Common codes include "SP001" for transaction not found,
            "SP002" for access denied, etc.
          type: string
          example: SP002
        response_message:
          description: >-
            Human-readable message providing additional context about the
            failure.
          type: string
          example: Internal Server Error
        data:
          description: >-
            Transaction data if available, or null if the transaction could not
            be found or accessed.
          properties:
            reference_number:
              description: The reference number of the transaction.
              type: string
              example: INV-20231130-001
            type:
              description: The type of the transaction (e.g. mpm-static, mpm-dynamic).
              type: string
              example: mpm-dynamic
            scope:
              description: The scope of the transaction (e.g. issuer, acquirer).
              type: string
              example: issuer
          type:
            - object
            - 'null'
      type: object
    QrisMoneyOutTimeoutEnvelope:
      description: >-
        API response envelope for failed QRIS money-out status inquiries.
        Conforms to the standard `MerchantV2ApiEnvelope` structure, with `data`
        optionally containing a `QrisMoneyOutTransactionData` object if
        transaction information is available, or null if not.
      properties:
        response_code:
          description: >-
            Response code (see Response Code appendix) indicating the reason for
            the failure. Common codes include "SP001" for transaction not found,
            "SP002" for access denied, etc.
          type: string
          example: SP005
        response_message:
          description: >-
            Human-readable message providing additional context about the
            failure.
          type: string
          example: Timeout
        data:
          description: >-
            Transaction data if available, or null if the transaction could not
            be found or accessed.
          properties:
            reference_number:
              description: The reference number of the transaction.
              type: string
              example: INV-20231130-001
            type:
              description: The type of the transaction (e.g. mpm-static, mpm-dynamic).
              type: string
              example: mpm-dynamic
            scope:
              description: The scope of the transaction (e.g. issuer, acquirer).
              type: string
              example: issuer
          type:
            - object
            - 'null'
      type: object
    QrisMoneyOutInquiryMerchantData:
      description: >-
        Decoded merchant information from MPM QR data or vendor resolution.
        Contains fields commonly found in tag 26 of QRIS payloads, as well as
        any additional metadata resolved from the issuer vendor.
      properties:
        payload_format_indicator:
          description: Format version of payload indicator.
          type: string
          example: '01'
        point_of_initiation_method:
          description: >-
            Indicates whether the QR code is static (not for single use) or
            dynamic (one-time use).
          type: string
          example: DYNAMIC
        merchant_information_26:
          description: Merchant information block (tag 26) if present in the QR data.
          properties:
            global_unique_identifier:
              description: Global unique identifier for the merchant.
              type: string
              example: ID.SINGAPAY.WWW
            merchant_pan:
              description: Primary account number (PAN) of the merchant.
              type: string
              example: '1234567890123456'
            merchant_id:
              description: >-
                Merchant identifier within the global unique identifier
                namespace.
              type: string
              example: '1234567890'
            merchant_criteria:
              description: Additional criteria or sub-identifiers for the merchant.
              type: string
              example: UMI
          type: object
        merchant_information_51:
          description: Merchant information block (tag 51) if present in the QR data.
          properties:
            global_unique_identifier:
              description: Global unique identifier for the merchant.
              type: string
              example: ID.SINGAPAY.WWW
            merchant_id:
              description: >-
                Merchant identifier within the global unique identifier
                namespace.
              type: string
              example: '1234567890'
            merchant_criteria:
              description: Additional criteria or sub-identifiers for the merchant.
              type: string
              example: UMI
          type: object
        mcc:
          description: Merchant category code (MCC) if present.
          type: string
          example: '5812'
        transaction_currency:
          description: Currency code for the transaction if specified in the QR data.
          type: string
          example: RUPIAH
        transaction_amount:
          description: Transaction amount specified in the QR data, as a decimal string.
          type: string
          example: '100000.00'
        country_code:
          description: ISO 3166-1 alpha-2 country code if specified in the QR data.
          type: string
          example: ID
        merchant_name:
          description: Merchant name if specified in the QR data.
          type: string
          example: Toko ABC
        merchant_city:
          description: Merchant city if specified in the QR data.
          type: string
          example: Jakarta
        merchant_postal_code:
          description: Merchant postal code if specified in the QR data.
          type: string
          example: '12345'
        additional_data:
          description: >-
            Any additional merchant metadata resolved from the issuer vendor or
            decoded from the QR data that is not part of the standard tags. This
            can include vendor-specific fields or enriched data.
          properties:
            reference_label:
              description: Additional reference label or identifier provided by the vendor.
              type: string
              example: REF1234567890
            terminal_label:
              description: Terminal identifier or label provided by the vendor.
              type: string
              example: C01
            purpose_of_transaction:
              description: >-
                Description of the purpose of the transaction if provided by the
                vendor.
              type: string
              example: B4U5bV
          type: object
        crc:
          description: CRC or checksum value from the QR data if present.
          type: string
          example: '4535'
      type: object
  securitySchemes:
    BearerAuth:
      type: http
      description: >-
        JWT issued by `POST /api/v1.1/access-token/b2b`. Send `Authorization:
        Bearer <token>`.
      bearerFormat: JWT
      scheme: bearer
    PartnerId:
      type: apiKey
      description: Merchant API key (`Credential.api_key`). Required on every request.
      name: X-PARTNER-ID
      in: header

````