Before hit this API, QoinHub will call [Access Token API B2B] Merchant first. Merchant have to use QoinHub a partner id that will be used in request header as X-PARTNER-ID.


Access Token API B2B

Path[merchant_endpoint]/api/v1.0/access-token/b2b
HTTP MethodPOST
Versionv1.0
Service Code73

Request Header

Field NameField TypeMandatoryField Description
Content-typeStringMMedia type of the resource, i.e. application/json
X-TIMESTAMPStringMClient’s current local time in ISO-8601 format
X-SIGNATUREStringMCreated using asymmetric signature SHA256withRSA algorithm. Read here
X-CLIENT-KEYStringMClient’s client_id (given at the completion registration process)
Content-typeapplication/json
X-TIMESTAMP2025-07-06T14:12:50+07:00
X-SIGNATUREneGbHoFVY1d7EtG8Z6VBWwykvyqIkg
X-CLIENT-KEYQoinSnap

Request Body

Field NameField TypeMandatoryField Description
grantTypeStringMclient_credentials: The client can request an access token using only its client credentials
additionalInfoObjectOAdditional Information
{
    "grantType": "client_credentials",
    "additionalInfo": {}
}

Response Body

Field NameField TypeMandatoryField Description
accessTokenStringCA string representing an authorization issued to the client that used to access protected resources.

Will only be returned if API call is successful.
additionalInfoStringCAddtional Info.
expiresInStringCTime duration when the accessToken will expire. (default = 900 second).

Will only be returned if API call is successful.
responseCodeStringMError code to specify the error returned.
responseMessageStringMDebug message to provide more information.
tokenTypeStringCThe access token type provides the client with the information required to successfully utilize the access token to make a protected resource request.

Will only be returned if API call is successful.
{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJhN2UzMmI3MC1hMWY2LTQyYmUtODM1NS1mZWU2MTAyODk3MjQiLCJjbGllbnRJZCI6IjIwMjAwMDIxNSIsIm5iZiI6MTcxOTQ3NjI3MywiZXhwIjoxNzE5NDc3MTczLCJpYXQiOjE3MTk0NzYyNzN9.uqvcrZaFnY2dmV16K9785xII_fby_uugeimUWJBvSYE",
  "additionalInfo": {},
  "expiresIn": "900",
  "responseCode": "2007300",
  "responseMessage": "Request has been processed successfullyRequest has been processed successfully",
  "tokenType": "Bearer"
}

List of Response Code

Response CodeHTTP Status CodeResponse Message
2007300200Success
4007302400Invalid Signature
5007300500Internal Server Error


Payment Notification QRIS


Path[merchant_endpoint]/api/v1.0/qr/qr-mpm-notify
HTTP MethodPOST
Versionv1.0
Service Code52

Request Header

Field NameField TypeMandatoryField Description
Content-TypeStringMMedia type of the resource, i.e. application/json
AuthorizationStringMRepresents access_token of a request; string starts with keyword “Bearer ” followed by access_token. Can get this from Access Token B2B API response. Read here
X-TIMESTAMPStringMClient’s current local time in ISO-8601 format
X-SIGNATUREStringMCreated using symmetric signature HMAC_SHA512 algorithm. Use Access Token B2B from above.
X-PARTNER-IDStringMUnique identifier for caller
X-EXTERNAL-IDStringMMerchant’s unique ID per transaction request
CHANNEL-IDStringMPJP’s channel id.
Content-Typeapplication/json
AuthorizationBearer gp9HjjEj813Y9JGoqwOeOPWbnt4CupvIJbU1Mmu4a11MNDZ7Sg5u9a
X-TIMESTAMP2023-07-06T14:12:50+07:00
X-SIGNATUREqoda1fa417c72d6b91c257e01e54fac824
X-PARTNER-IDQoinSnap
X-EXTERNAL-ID41807553358950093184162180797837
CHANNEL-ID95221

Request Body

Field NameField TypeMandatoryField Description
additionalInfoObjectOAdditional Information
amountObjectMAmount object
currencyStringMTransaction currency
valueStringMTransaction amount
externalStoreIDStringOUnique identifier from External Store
latestTransactionStatusStringMLatest Transaction Status
originalPartnerReferenceNoStringMOriginal transaction identifier on service consumer system
originalReferenceNoStringMOriginal transaction identifier on service provider system.
transactionStatusDescStringMDescription Transaction Status
  {
    "additionalInfo": {},
    "amount": {
      "currency": "IDR",
      "value": "12346678.00"
    },
    "externalStoreID": "",
    "latestTransactionStatus": "00",
    "originalPartnerReferenceNo": "abcdefgh0017",
    "originalReferenceNo": "T24080000027",
    "transactionStatusDesc": "Success"
  }

Response Body

Field NameField TypeMandatoryField Description
responseCodeString(7)MStatus code of transaction charge result
responseMessageString(150)MDescription of transaction charge result.
{
   "responseCode":"2005200",
   "responseMessage":"Successful"
}

List Response Code

Response CodeHTTP StatusDescription
2005200200Successful
4005201400Invalid format