PayGate Pro

API Documentation

Integrasi pembayaran multi-channel dengan PayGate Pro. Terima pembayaran QRIS, Virtual Account, GoPay, ShopeePay dari semua bank dan e-wallet Indonesia. Customer memilih metode langsung di halaman checkout branded Anda.

Cepat

Integrasi dalam 5 menit

Aman

HMAC-SHA256 webhook

QRIS

Semua bank & e-wallet

Authentication

Semua request API memerlukan header Authorization dengan Bearer token.

Header
Authorization: Bearer YOUR_API_KEY

Penting: API Key bisa ditemukan di Dashboard Merchant setelah akun diaktifkan oleh admin. Jaga kerahasiaan API Key Anda.

Base URL

Base URL
https://pay.clipku.com/api/index.php

Error Handling

API menggunakan HTTP status code standar. Response error selalu dalam format JSON.

CodeMeaningDescription
200OKRequest berhasil
201CreatedResource berhasil dibuat
400Bad RequestRequest tidak valid (parameter salah/kurang)
401UnauthorizedAPI key tidak valid atau tidak ada
403ForbiddenMerchant tidak aktif
404Not FoundResource tidak ditemukan
429Too Many RequestsRate limit terlampaui
500Server ErrorKesalahan internal server
Error Response Format
{
  "success": false,
  "error": "Pesan error detail"
}
POST

Create Transaction

Buat transaksi pembayaran baru. Customer akan diarahkan ke halaman checkout branded Anda untuk memilih metode pembayaran (QRIS, VA Bank, GoPay, ShopeePay).

Endpoint
POST https://pay.clipku.com/api/index.php?action=create_transaction

Request Body (JSON)

ParameterTypeRequiredDescription
amountintegerYesJumlah pembayaran (Rupiah)
order_idstringNoOrder ID unik (auto-generate jika kosong)
payment_channelstringNoChannel: qris (default) atau midtrans
payment_methodstringNoMetode: QRIS-A, BCAVA, BNIVA, GOPAY, dll
link_namestringNoNama/deskripsi pembayaran
customer_namestringNoNama customer
customer_emailstringNoEmail customer
customer_wastringNoNomor WhatsApp (08xxxx)
webhook_urlstringNoURL callback notifikasi
redirect_urlstringNoURL redirect setelah bayar

Payment Channels:

qris — Scan QR dari semua bank & e-wallet
bank_transfer — VA Bank, GoPay, ShopeePay

Atau kosongkan payment_channel → customer pilih sendiri di halaman checkout.

Payment Method Codes

CodeMetodeTampilan di Checkout
QRIS-AQRISQR Code scan semua bank & e-wallet
BCAVAVA BCANomor VA + Copy
BNIVAVA BNINomor VA + Copy
BRIVAVA BRINomor VA + Copy
PERMATAVAVA PermataNomor VA + Copy
CIMBVAVA CIMB NiagaNomor VA + Copy
MANDIRIMandiri Bill PaymentBill Key + Biller Code
MTQRISQRIS (Multi-Bank)QR Code
GOPAYGoPayQR + Deeplink
SHOPEEPAYShopeePayDeeplink ke app

Alur Pembayaran:

  1. Create transaction via API (tanpa payment_channel = customer pilih sendiri)
  2. Redirect/arahkan customer ke payment_url yang dikembalikan
  3. Customer melihat daftar metode pembayaran dan memilih salah satu
  4. Sistem memanggil provider (system) dan menampilkan detail (VA/QR/deeplink)
  5. Customer bayar → webhook masuk → status otomatis berubah ke PAID

Request Example

cURL
curl -X POST "https://pay.clipku.com/api/index.php?action=create_transaction" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "amount": 50000,
    "order_id": "INV-001",
    "payment_channel": "midtrans",
    "payment_method": "BCAVA",
    "customer_name": "John Doe"
  }'

Response (201)

JSON
{
  "success": true,
  "data": {
    "id": "a1b2c3d4-...",
    "order_id": "INV-001",
    "amount": 50000,
    "fee": 350,
    "net_amount": 49650,
    "status": "PENDING",
    "payment_channel": "midtrans",
    "payment_method": "BCAVA",
    "payment_url": "https://pay.../pay.php?order_id=INV-001",
    "qr_url": null,
    "created_at": "2026-07-08 10:00:00"
  }
}
GET

Get Transaction

Cek status dan detail transaksi berdasarkan order_id.

Endpoint
GET https://pay.clipku.com/api/index.php?action=get_transaction&order_id=INV-001
Response (200)
{
  "success": true,
  "data": {
    "id": "a1b2c3d4-...",
    "order_id": "INV-001",
    "amount": 50000,
    "fee": 350,
    "net_amount": 49650,
    "status": "PAID",
    "payment_url": "https://...",
    "qr_url": "https://...",
    "paid_at": "2026-07-08 10:05:00",
    "created_at": "2026-07-08 10:00:00"
  }
}
GET

Get Wallet

Lihat saldo wallet merchant (available, pending, hold).

Endpoint
GET https://pay.clipku.com/api/index.php?action=wallet
Response (200)
{
  "success": true,
  "data": {
    "available_balance": 500000,
    "pending_balance": 50000,
    "hold_balance": 0,
    "withdrawn_balance": 200000,
    "total_received": 750000,
    "total_fee": 5250
  }
}
GET

Get Withdrawals

Lihat riwayat penarikan dana (withdrawal).

Endpoint
GET https://pay.clipku.com/api/index.php?action=withdrawals
Response (200)
{
  "success": true,
  "data": [
    {
      "id": "wd-uuid-...",
      "amount": 100000,
      "bank_name": "BCA",
      "account_number": "123****890",
      "status": "SUCCESS",
      "created_at": "2026-07-07 09:00:00"
    }
  ]
}

Webhook Events

Saat status pembayaran berubah, sistem akan mengirim HTTP POST ke webhook URL yang dikonfigurasi. Pastikan endpoint Anda merespon dengan HTTP 200.

Webhook Payload
{
  "order_id": "INV-001",
  "transaction_status": "settlement",
  "status_code": "200",
  "gross_amount": "50000.00",
  "transaction_time": "2026-07-08 10:05:00"
}

Headers yang dikirim:

  • Content-Type: application/json
  • X-Signature: HMAC-SHA256 hash

Signature Validation

Setiap webhook memiliki header X-Signature. Validasi signature untuk memastikan webhook asli dari kami.

PHP Example
// Ambil raw body dan signature
$payload = file_get_contents('php://input');
$signature = $_SERVER['HTTP_X_SIGNATURE'] ?? '';

// Hitung signature dengan API key Anda
$expected = hash_hmac('sha256', $payload, $yourApiKey);

// Bandingkan (timing-safe)
if (!hash_equals($expected, $signature)) {
    http_response_code(403);
    die('Invalid signature');
}

// Proses webhook...
$data = json_decode($payload, true);
$orderId = $data['order_id'];
$status = $data['transaction_status'];
Node.js Example
const crypto = require('crypto');

app.post('/webhook', (req, res) => {
  const payload = JSON.stringify(req.body);
  const signature = req.headers['x-signature'];
  
  const expected = crypto
    .createHmac('sha256', YOUR_API_KEY)
    .update(payload)
    .digest('hex');
  
  if (signature !== expected) {
    return res.status(403).send('Invalid');
  }
  
  // Process webhook...
  res.status(200).send('OK');
});

Transaction Status

Status yang mungkin diterima di webhook atau saat cek transaksi:

PAID

Pembayaran berhasil

PENDING

Menunggu pembayaran

FAILED

Pembayaran gagal

EXPIRED

Waktu habis

Status Mapping dari Webhook

Webhook ValueInternal Status
paid, success, settlement, completedPAID
pending, unpaid, waitingPENDING
failed, cancel, canceled, cancelled, errorFAILED
expired, expireEXPIRED

PayGate Pro API v1.0 — Payment Gateway Multi Merchant

© 2026 All rights reserved.