Skip to main content
POST
/
api
/
v2.0
/
qris
/
issuer
/
mpm
/
payment-credit
Trigger Payment Credit
curl --request POST \
  --url https://sandbox-payment-b2b.singapay.id/api/v2.0/qris/issuer/mpm/payment-credit \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'X-PARTNER-ID: <api-key>' \
  --header 'X-Signature: <x-signature>' \
  --header 'X-Timestamp: <x-timestamp>' \
  --data '
{
  "reference_number": "INV-20231130-001",
  "account_id": "01K946KF851RK7FX075GJHBVKF",
  "amount": 100000,
  "qr_data": "00020101021226620015ID.SINGAPAY.WWW0118936012070412260002...",
  "customer_name": "John Doe",
  "customer_email": "john.doe@example.com",
  "customer_phone": "081234567890",
  "customer_location": "Jakarta"
}
'
{
  "response_code": "SP000",
  "response_message": "Successful",
  "data": {
    "transaction_id": "112220251111135424691",
    "transaction_status": {
      "code": "03",
      "desc": "Pending"
    },
    "qr_data": "00020101021226620015ID.SINGAPAY.WWW0118936012070412260002021035224094080303UME51440014ID.CO.QRIS.WWW02153559174130477690303UME5204601153033605405110005802ID5903eos6005DEPOK6105746786221051017730486640703C0163044D76",
    "type": "mpm-dynamic",
    "scope": "issuer",
    "reference_number": "INV-20231130-001",
    "post_timestamp": "2023-11-30T12:34:56Z",
    "processed_timestamp": "2023-11-30T12:45:00Z",
    "balance_after": {
      "value": "100000.00",
      "currency": "IDR"
    },
    "net_amount": {
      "value": "95000.00",
      "currency": "IDR"
    },
    "fee": {
      "value": "5000.00",
      "currency": "IDR"
    },
    "gross_amount": {
      "value": "100000.00",
      "currency": "IDR"
    }
  }
}

Authorizations

Authorization
string
header
required

JWT issued by POST /api/v1.1/access-token/b2b. Send Authorization: Bearer <token>.

X-PARTNER-ID
string
header
required

Merchant API key (Credential.api_key). Required on every request.

Headers

X-Signature
string
required

HMAC-SHA512 hex signature, computed as HMAC_SHA512(clientSecret, "{HTTP_METHOD}:{REQUEST_URI}:{ACCESS_TOKEN}:{SHA256_HEX(MINIFIED_BODY)}:{X_TIMESTAMP}"). MINIFIED_BODY is the request body with object keys recursively sorted alphabetically and re-serialised with no whitespace (an empty/missing body hashes the empty string). ACCESS_TOKEN is the bearer token without the Bearer prefix. Missing header returns 422 (response_code=SP018); signature mismatch or unknown X-PARTNER-ID returns 401 (response_code=SP016).

X-Timestamp
string<date-time>
required

ISO-8601 timestamp of the request; used as part of the signed string. Missing header returns 422 (response_code=SP018).

Body

application/json
reference_number
string
required

Merchant idempotency key per account.

Maximum string length: 64
Example:

"INV-20231130-001"

account_id
string
required

Account ULID.

Maximum string length: 99
Example:

"01K946KF851RK7FX075GJHBVKF"

amount
number
required

Net amount to beneficiary side (IDR).

Required range: 1000 <= x <= 10000000
Example:

100000

qr_data
string
required
Maximum string length: 500
Example:

"00020101021226620015ID.SINGAPAY.WWW0118936012070412260002..."

customer_name
string
required
Maximum string length: 100
Example:

"John Doe"

customer_email
string | null
Maximum string length: 100
Example:

"john.doe@example.com"

customer_phone
string | null
Maximum string length: 50
Example:

"081234567890"

customer_location
string | null
Maximum string length: 100
Example:

"Jakarta"

Response

Request accepted. Transaction created and processing started asynchronously. data contains a QrisMoneyOutTransactionData snapshot (commonly status 03 — Pending).

API response envelope for successful QRIS money-out status inquiries. Conforms to the standard MerchantV2ApiEnvelope structure, with data containing a QrisMoneyOutTransactionData object representing the current state of the transaction.

response_code
string

Response code (see Response Code appendix) indicating the result of the inquiry. For successful inquiries, this is typically a code such as "00" or "SP000".

Example:

"SP000"

response_message
string

Human-readable message providing additional context about the response.

Example:

"Successful"

data
object

Inquiry status response data structure. Similar to QrisMoneyOutTransactionData but may be extended with additional fields relevant to status checks.