Generic Token Payment V2

Overview

API, an abbreviation of Application Program Interface, is a set of routines, protocols, and tools for building software applications. The API specifies how software components should interact. Virtually all software has to request other software to do some things for it. To accomplish this, the asking program uses a set of standardized requests, called Application Programming Interface (API). Building an application with no APIs is basically like building a house with no doors. The API for all computing purposes is how we open the blinds and the doors and exchange information. This documentation is about Token based payment in eSewa. This helps to understand and guide those partners which are intended to integrate token based payment. Token based payment implies, a unique token is generated at the merchant end. Customer enters the token at eSewa for payment, and then request is made to the client against the token generated from merchant. Upon getting the necessary information in response, payment is made from eSewa in next step. This documentation will help to accelerate the integration efforts of client application with eSewa.

Fig: System Interaction with partner/client server for token based payment in eSewa.

The scenario visualized in above figure shows an overall communication from partner/client’s Server to eSewa and finally to the partner/client’s Server. Number in bracket specifies the order of process that is carried out between partner client and eSewa. Following lays the explanation:

Inquiry

URL property_key:STATEMENT_URL
Request Id from esewa's inquiry will always only concat at end of Client's Url as path variable. Request Id from inquiry cannot be used anywhere else on like on header or body. There is no need to have {{request_id}} in request url as it will always concat even if it is not present but if request id is to be mentioned in url always must be in snake case like : {{request_id}} Eg1: request_id : customer45 , url: clientUrl.com.np , final result: clientUrl.com.np/customer45 Eg2: request_id : customer45, url: clientUrl.com.np/{{request_id}} final result: clientUrl.com.np/customer45 Note : Request Id cannot be NULL or left blank. This is a mandatory field.

Http Method property_key:HTTP_METHOD Http method can be configured for inquiry API of Client as required. Note:: If not set, will be GET method by default.

Header Parameters property_key:HEADER_PARAMS If parameters are to be sent in header of Client’s inquiry that can be configured as well. Header must always be in JSON format. While header key’s value must be in list format. custom/dynamic field to take from input must always be enclosed by “{{}}“. Below is example format how data in db is stored

{
"client_code": ["{{client123}}"],
"vendor": ["ESEWA"]
}

Value enclosed in “{{}}“ must match to field's name in inquiry request: Eg:Sample Inquiry request: 

{
"separate_integration": "true",
"product_type": "GENERIC_TOKEN_PAYMENT_V2",
"username": "ashish",
"user_id": "user123",
"emp_code": "empCcode123",
"name" : "Ashish Shrestha",
"customer_id": "customer123"
}

Sample Header JSON format:

{
 "username": ["{{username}}"],
 "user_id": ["{{user_id}}}"],
 "emp_code": ["{{emp_code}}"],
 "name" : ["{{name}}"],
 "customer_id": ["{{customer_id}}"],
 "staticField": ["ESEWA"]
}
Inquiry Body:

1. Body must always be in JSON format as well and as mentioned above custom fields must always be enclosed by “{{}}“. Eg:

{
"clientCode": "{{client_code}}",
"dob" : "{{dob}}",
"username": "{{username}}",
"staticField": "ESEWA"
}

Note: Field name either in header, url or in body must always be in snake case i.e if we've field “Customer Id” it must always be as “customer_id”

Inquiry Response:

Field Type Mandatory Description
reponse_code int Yes Success or failure is determined this field, where: 0 : Success 1 : Fail
reponse_message String Yes This message is shown to customer.
amount double Yes(No incase of package.) Amount for payment.Not mandatory incase of amount is fetched from package.
request_id String Yes Same “Customer code” sent in inquiry Url
properties Map No Additional details that is shown to customer.
packages List No

Packages is list of object where Obj comprise following data. { String display; double value; Map <String, String> properties; } display:package name value: amount of package properties: additional info to recognize package + additional details

Reponses from client must be in following format.

Failure Response 
{
 "response_code": 1,
 "response_message": "Authentication Failed."
}
Success Response I 
{
 "amount": 515.15,
 "properties": {
 "Address": "Kathmandu",
 "request_id": "Test-unique-key1",
 "customer_name": "Ashish Shrestha"
 },
 "request_id": "Test-unique-key1",
 "response_code": "0",
 "response_message": "success"
}
Success Response II 
{
 "amount": 315.0,
 "properties": {
 "address": "Kathmandu",
 "request_id": "customer12",
 "customer_name": "Ashish Shrestha"
 },
 "packages": [
 {
 "display": "<Package Name1> <1month> [Rs. 1000]>",
 "value": 100.0,
 "properties": {
 "package_id": "110"
 }
 },
 {
 "display": "<Package Name2> <2months> [Rs. 2000]>",
 "value": 200.0,
 "properties": {
 "package_id": "210"
 }
 },
 {
 "display": "<Package Name3> <3months> [Rs. 3000]>",
 "value": 300.0,
 "properties": {
 "package_id": "310"
 }
 },
{
 "display": "<Package Name4> <4months> [Rs. 4000]>",
 "value": 400.0,
 "properties": {
 "package_id": "410"
 }
 },
 {
 "display": "<Package Name5> <5months> [Rs. 5000]>",
 "value": 500.0,
 "properties": {
 "package_id": "510"
 }
 }
 ],
 "request_id": "customer12",
 "response_code": "0",
 "response_message": "success"
}

Authentication property_key:AUTHENTICATION_URL • Basic Authentication: : If AUTHENTICATION_URL key is not present or has no value then we consider client don't have dedicated authentication and will send Basic Authentication for authorization in every request. and take below mentioned keys for username and password  property_key: HEADER_USER  property_key: HEADER_PASSWORD(base64 encoded) •Client's Authentication:If AUTHENTICATION_URL key is present and has value,then we get access token from client's login. Property key HEADER_USER and HEADER_PASSWORD will be used for username and password. We have a below mentioned format for client for request and response:/n URLhttps://clientUrl.com/access-token Url for login as well as for refreshing token will be same HttpMethod:POST

Sample Request for authentication: 
{
"grant_type": "password",
"client_secret": {{base64 encoded client_secret key}},
"username": {{username}},
"password": {{base64 encoded password}}
}
Name Description
grantType

As for authentication as well as for refresh token URL would be same but would be differentiated by : a)password: For authentication with username and password b) refresh_token : For authentication with refresh token
client_secret base64 Encoded value of key with length from 32 - 64 characters long.
username username provided by client.
password Base64 encoded value of password provided by client
Sample Response: 
{
 "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJqa1ZhNWI2TzZpNTJIeEdHSUN3NFhVTkFyLWpxSUs3
 "expires_in": 250,
 "token_type": "Bearer",
 "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkYTNlYjFjZS0wNGJlLTQ3Y2YtODlkYS02M2M5MDJ
 "refresh_expires_in": 550
}
Name Description
access_token accessToken to sent in each request.
expires_in integer value in sec for how long access_token will be valid.
token_type prefix value of access token.
refresh_token If access token is expired, with this token access token is fetched.

With above response from client. Esewa send’s access Token for Authentication for each request. In Header with key Authorization. Key is constructed as : token_type + “<space>“ + access_token Refresh Token: To refresh the token same authentication url is used with following request format :

Sample Request for authentication: 
{
"grant_type": "refresh_token",
"refresh_token": {{refresh_token from previous login}},
"client_secret": {{base64 encoded client_secret key}}
}
Name Description
grant_type refresh_token for refreshing token.
refresh_token refresh token from previous login
client_secret base64 encoded client_secret key
Sample Response: 
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJqa1ZhNWI2TzZpNTJIeEdHSUN3NFhVTkFyLWpxSUs3S
"expires_in": 200,
"token_type": "Bearer",
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkYTNlYjFjZS0wNGJlLTQ3Y2YtODlkYS02M2M5MDJk
"refresh_expires_in": 400
}

Note : A key is maintained to cache authentication according to Request Id property_key:CACHE_AUTH_ACC_TO_REQ_ID if value is set true, authentication is maintained according to request_id i.e token is, maintained for particular request_id for both inquiry and payment or else (default) separate authentication token is not maintained for each request and will be used same token for all eSewa user's requests for the particular Client. As for this to be maintained Client's Authentication system must also support such implementation where multiple sessions are maintained according to logins.

Payment

property_key:PAYMENT_URL For Payment Url is stored in key PAYMENT_URL.

Sample Request: 
{
 "request_id": "12123122",
 "amount": 1000,
 "transaction_code": "01XV31A",
 "package_id": 401
}
Sample Responses:

Success Response:

{
 "amount": 1000,
 "properties": {
 "document_no": "KTM/010G0000/CPM14/01129",
 "flag": "SUCCESS",
 "expiry_date": "2024-11-28",
 "receipt_no": "KTM/008507",
 "receipt_date": "2023-11-28",
 "effective_date": "2023-11-28",
 "policy_no": "KTM/010G0000/CPM14/01129"
 },
 "request_id": "12123122",
 "response_code": "0",
 "response_message": "success",
 "reference_code": "KTM/010G0000/CPM14/01129"
}
Fail Response: 
{
 "response_code": 1,
 "response_message": "Authentication Failed."
}
Pending Response: 
{
 "response_code": 2,
 "response_message": "Transaction is Pending."
}

Transaction Status

property_key:TRANSACTION_STATUS_URL For Transaction Status, Url is stored in key TRANSACTION_STATUS_URL.

Sample Request: 
{
 "amount": 123,
 "transaction_code": "01XV31A",
 "reference_code": 40111221,
 "request_id": "req123"
}
Sample Response:

Success Response:

{
 "status": "SUCCESS",
 "amount": 1000,
 "properties": {
 "receipt_no": "receipt_81503",
 "expiry_date": "2024-12-28",
 "effective_date": "2023-12-28"
 },
 "request_id": "cus_HpPgb",
 "response_code": "0",
 "response_message": "Transaction is complete.",
 "reference_code": "401",
 "transaction_code": "01XV31A"
}
Fail Response: 
{
 "status": "FAILED",
 "amount": 123,
 "properties": null,
 "request_id": "request002",
 "response_code": "1",
 "response_message": "Transaction is failed.",
 "reference_code": "401",
 "transaction_code": "01XV31A"
}
Pending Response: 
{
 "status": "PENDING",
 "amount": 124,
 "properties": {
 "receipt_no": "receipt_38477",
 "expiry_date": "2024-12-28",
 "effective_date": "2023-12-28"
 },
 "request_id": "request003",
 "response_code": "2",
 "response_message": "Transaction is pending.",
 "reference_code": "401",
 "transaction_code": "01XV31A"
}
ABOUT ESEWA

eSewa is a mobile wallet for online and offline payments with a user base of 8 millions, a vast network of 4 hundred thousand agents, and a comprehensive array of services.
It is a one-stop destination for all of your needs like mobile recharge, electricity bills payment, telephone bills payment, booking bus and airlines tickets, buying movie tickets, transferring money, and many more.

COMPANY
POLICIES
Become a Merchant
DOWNLOAD APP
© 2009- eSewa.All Rights Reserved.
keep in touch----