# FPX Payment

## Endpoint URL

| Environment | URL                                            | Method |
| ----------- | ---------------------------------------------- | ------ |
| Sandbox     | <https://sandbox.securepay.my/api/v1/payments> | POST   |
| Production  | <https://securepay.my/api/v1/payments>         | POST   |

## Credentials

Use the authentication parameters below:

| Parameter                                | Value                                                            |
| ---------------------------------------- | ---------------------------------------------------------------- |
| uid (Merchant API UID)                   | 2aaa1633-e63f-4371-9b85-91d936aa56a1                             |
| token (Merchant API Auth Token)          | ZyUfF8EmyabcMWPcaocX                                             |
| Checksum Token (Merchant Checksum Token) | 159026b3b7348e2390e5a2e7a1c8466073db239c1e6800b8c27e36946b1f8713 |

## API Credentials

![](https://1585239032-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MHFsN346MN-4Eibh12Q%2F-MKStHpYipOFmmU843tY%2F-MKSwjrme80ReF3XzCbw%2FScreenshot%202020-10-25%20at%2011.59.36%20AM.png?alt=media\&token=d9016ca5-ad12-4eaa-8b42-d490e6fb39e1)

## Request Parameters

| Parameter            | Description                                                                                                                                          | Condition  | Example                                                                                                                                                                                                                 |
| -------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | ---------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| order\_number        | Unique order number generated by your end for reference.                                                                                             | compulsory | 20200425132755                                                                                                                                                                                                          |
| buyer\_name          | Valid buyer full name in one line.                                                                                                                   | compulsory | AHMAD AMSYAR MOHD ALI                                                                                                                                                                                                   |
| buyer\_email         | Valid buyer email address for status update                                                                                                          | compulsory | <amsyar@gmail.com>                                                                                                                                                                                                      |
| buyer\_phone         | Valid buyer phone number.                                                                                                                            | compulsory | +60123121678                                                                                                                                                                                                            |
| transaction\_amount  | Amount format: 100.20 , 1000.00, 7000.30                                                                                                             | compulsory | 1540.40                                                                                                                                                                                                                 |
| product\_description | Meaningful product description, e.g. "Payment for order number 123" or "Payment for vintage table part #89782". | compulsory | Payment for order no. 20200425132755 |
| callback\_url        | Server to server. The SecurePay platform will post the payment status to this URL. | optional   |  |
| redirect\_url        | Browser to browser. The SecurePay platform will post to this endpoint via the browser. | optional   |  |
| checksum             | Signed strings for verification.                                                                                                                     | compulsory | 2cb338beae0859....                                                                                                                                                                                                      |
| token                | API Token.                                                                                                                                           | compulsory | ZyUfF8Emy....                                                                                                                                                                                                           |
| params               | Send up to 18 values or parameters, e.g. reference1\_label and reference1 .. reference18\_label and reference18. | optional   | "params": {"reference1\_label": "Size", "reference1": "XL", "reference2\_label": "IC No", "reference2": "890323035586"} |
| redirect\_post       | Auto redirect to endpoint page.                                                                                                                      | optional   | true                                                                                                                                                                                                                    |
| shipping\_address    | Shipping address                                                                                                                                     | optional   | "shipping\_address": {"contact\_name":"John Doe John Kay", "contact\_phone\_number":"0133121999", "line1":"JLN UNGGUL 14/12","line2":"Bukit Harimau Belang", "postcode":"46000", "city":"Shah Alam","state":"Selangor"} |
| billing\_address     | Billing address                                                                                                                                      | optional   | "billing\_address": {"contact\_name":"John Doe John Kay", "contact\_phone\_number":"0133121999", "line1":"JLN UNGGUL 14/12","line2":"Bukit Harimau Belang", "postcode":"46000", "city":"Shah Alam","state":"Selangor"}  |
| buyer\_bank\_code    | Bank code generated from the banks list. | optional   | MBB0228 |
| model                | If not specified, the platform uses B2C as the default model. If using B2B1, set the model to B2B1. The FPX bank list also needs to match the model. | optional   | B2C or B2B1 |
| fpx\_bank\_selection | Used when the SecurePay page handles bank selection. The bank selection can be displayed as a dropdown or a grid. | optional   | dropdown or grid |
| cancel\_url          | Used by the SecurePay bank selection page. If the cancel URL is set, a Cancel button will appear. | optional   | e.g. <https://yourdom.com/securepay_cancel?order_number=123123> |
| timeout\_url         | Used by the SecurePay bank selection page. If the timeout URL is set, the page will time out within 3 minutes. | optional   | e.g. <https://yourdom.com/securepay_timeout?order_number=123123> |

Set the model (B2C or B2B1) on the API settings page inside SecurePay Apps. Other settings can also be set on the settings page.

#### API settings page

![](https://1585239032-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MHFsN346MN-4Eibh12Q%2F-Mchr_KTwOsgrYaqzwFd%2F-Mchs7s3X1q46UdDQM3H%2FScreenshot%202021-06-21%20at%205.21.09%20PM.png?alt=media\&token=853c7d44-8fa7-4bbe-ad45-b0d06cf204b3)

#### SecurePay bank selection page

![](https://1585239032-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MHFsN346MN-4Eibh12Q%2F-Mchr_KTwOsgrYaqzwFd%2F-MchsQKy6hn5Nx4AB69-%2FScreenshot%202021-06-21%20at%205.12.56%20PM.png?alt=media\&token=9a07480d-1028-40d8-95ce-9319ccc4d298)

#### Grid bank selection

![](https://1585239032-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MHFsN346MN-4Eibh12Q%2F-Mchr_KTwOsgrYaqzwFd%2F-MchszsU87Tq9FLJlByQ%2FScreenshot%202021-06-21%20at%205.24.05%20PM.png?alt=media\&token=74196b2f-c115-4a48-b13b-23db4c946514)

## Generate Checksum

Only these parameters are needed to generate the checksum:

buyer\_email|buyer\_name|buyer\_phone|callback\_url|order\_number|product\_description|redirect\_url|transaction\_amount|uid

* [ ] Arrange the parameter variables in ascending order as below (including API uid)

```

buyer_email|buyer_name|buyer_phone|callback_url|order_number|product_description|redirect_url|transaction_amount|uid 

```

* [ ] Construct the parameter values string based on the position above.

```

amsyar@gmail.com|AHMAD AMSYAR MOHD ALI|+60123121678||20200425132755|Payment for order no 20200425132755||1540.40|2aaa1633-e63f-4371-9b85-91d936aa56a1

```

* [ ] Sign the string with checksum token using HMAC SHA256

{% tabs %}
{% tab title="Ruby" %}

```ruby
require 'openssl'

# String built from the parameter values in the documented order
string = "amsyar@gmail.com|AHMAD AMSYAR MOHD ALI|+60123121678||20200425132755|Payment for order no 20200425132755||1540.40|2aaa1633-e63f-4371-9b85-91d936aa56a1"
checksum_token = "159026b3b7348e2390e5a2e7a1c8466073db239c1e6800b8c27e36946b1f8713"
OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), checksum_token, string)
```

{% endtab %}

{% tab title="PHP" %}

```php
// String built from the parameter values in the documented order
$string = "amsyar@gmail.com|AHMAD AMSYAR MOHD ALI|+60123121678||20200425132755|Payment for order no 20200425132755||1540.40|2aaa1633-e63f-4371-9b85-91d936aa56a1";
$checksum_token = "159026b3b7348e2390e5a2e7a1c8466073db239c1e6800b8c27e36946b1f8713";
$sign = hash_hmac('sha256', $string, $checksum_token);
```

{% endtab %}
{% endtabs %}

* [ ] Generated checksum

**75b54e403151b1e9b413df8ce5c426ef0dbbc9adcec58b8f5dd5c9c5c6b78844**
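
The steps above as one routine, in an added example that is not SecurePay's own code: it builds the checksum string from a parameter hash in the documented field order, signs it, and compares checksums in constant time, using this page's sample order and credentials. The helper names and the checks for `|` and invisible characters are assumptions of this example, not documented SecurePay rules.

```ruby
require 'openssl'

# Field order from the "Generate Checksum" steps; uid is always last.
CHECKSUM_FIELDS = %w[
  buyer_email buyer_name buyer_phone callback_url order_number
  product_description redirect_url transaction_amount uid
].freeze

# Invisible characters (e.g. U+200B picked up when copying from rendered
# docs) and control characters change the HMAC with no visible difference.
INVISIBLE = /[\u200B-\u200D\uFEFF[:cntrl:]]/

# Build the pipe-delimited string. Absent optional fields become empty
# strings so every value keeps its documented position.
def checksum_string(params, uid)
  values = params.transform_keys(&:to_s).merge('uid' => uid)
  CHECKSUM_FIELDS.map do |field|
    value = values.fetch(field, '').to_s
    # Local precaution (an assumption, not a documented SecurePay rule):
    # name "X|Y" + phone "Z" would sign identically to name "X" + phone "Y|Z".
    raise ArgumentError, "#{field} must not contain '|'" if value.include?('|')
    raise ArgumentError, "#{field} has invisible characters" if value.match?(INVISIBLE)
    value
  end.join('|')
end

# HMAC-SHA256 over the string, keyed with the merchant checksum token.
def sign_payment(params, uid, checksum_token)
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), checksum_token,
                          checksum_string(params, uid))
end

# Constant-time comparison for re-checking a checksum you issued earlier.
def checksum_matches?(params, uid, checksum_token, presented)
  OpenSSL.secure_compare(sign_payment(params, uid, checksum_token), presented.to_s)
end

# The documentation's own sample order and sample credentials.
SAMPLE_UID   = '2aaa1633-e63f-4371-9b85-91d936aa56a1'
SAMPLE_TOKEN = '159026b3b7348e2390e5a2e7a1c8466073db239c1e6800b8c27e36946b1f8713'
SAMPLE_ORDER = {
  buyer_email: 'amsyar@gmail.com',
  buyer_name: 'AHMAD AMSYAR MOHD ALI',
  buyer_phone: '+60123121678',
  order_number: '20200425132755',
  product_description: 'Payment for order no 20200425132755',
  transaction_amount: '1540.40'
}.freeze

if __FILE__ == $PROGRAM_NAME
  puts checksum_string(SAMPLE_ORDER, SAMPLE_UID)
  puts sign_payment(SAMPLE_ORDER, SAMPLE_UID, SAMPLE_TOKEN)
end
```

Build `params` from your server-side order record rather than from values echoed back by the browser, so the amount and URLs that get signed are the ones you intended.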

## Post the parameters

Send all parameters in the request parameters table to the payment URL using the POST method.

## Sample Codes

{% tabs %}
{% tab title="PHP" %}

```php
<?php

//Author: amir@p.my, amir@securepay.my
//Org   : SecurePay
//We need more contribution on sample codes. Email me.

if(isset($_POST['order_number']))
{
//Change with your token	
$uid = '9097b595-b77a-4321-94c0-0a6d323b5252';
$checksum_token = 'f4e4f07afb72a56fc6681d652713522436b50f087306efec39ab7d1be5b8c684';
$auth_token = '5BXhsTmVmRBKkg6xizNB';
$url = 'https://sandbox.securepay.my/api/v1/payments';

#$_POST['order_number'] = '20200425132755';
#$_POST['buyer_name'] = 'AHMAD AMSYAR MOHD ALI';
#$_POST['buyer_email'] = 'amsyar@gmail.com';
#$_POST['buyer_phone'] = '+60123121678';
#$_POST['transaction_amount'] = '10.00';
#$_POST['product_description'] = 'Payment for order no 20200425132755';
#$_POST['callback_url'] = "";
#$_POST['redirect_url'] = "";
#$_POST['token'] = $auth_token;
#$_POST['redirect_post'] = "true";

$order_number = $_POST['order_number'];
$buyer_name = $_POST['buyer_name'];
$buyer_phone = $_POST['buyer_phone'];
$buyer_email = $_POST['buyer_email'];
$product_description = $_POST['product_description'];
$transaction_amount = $_POST['transaction_amount'];
$callback_url = $_POST['callback_url'];
$redirect_url = $_POST['redirect_url'];
$redirect_post = "true";
if(isset($_POST['buyer_bank_code'])) { 
	$buyer_bank_code = $_POST['buyer_bank_code']; 
}




//buyer_email|buyer_name|buyer_phone|callback_url|order_number|product_description|redirect_url|transaction_amount|uid 

$string = $buyer_email."|".$buyer_name."|".$buyer_phone."|".$callback_url."|".$order_number."|".$product_description."|".$redirect_url ."|".$transaction_amount."|".$uid;

#echo $string . "\n";
#string = "amsyar@gmail.com|AHMAD AMSYAR MOHD ALI|+60123121678||20200425132755|Payment for order no 20200425132755||1540.40|5d80cc30-1a42-4f9f-9d6b-a69db5d26b01"


#$string = "amsyar@gmail.com|AHMAD AMSYAR MOHD ALI|0123121678||20200425132755|Payment for order no 20200425132755||1540.40|2aaa1633-e63f-4371-9b85-91d936aa56a1";
#$checksum_token = "159026b3b7348e2390e5a2e7a1c8466073db239c1e6800b8c27e36946b1f8713";

$sign = hash_hmac('sha256', $string, $checksum_token);

#echo $sign . "\n";

//
//echo $sign

//$hashed_string = hash_hmac($checksum_token.urldecode($_POST['product_description']).urldecode($_POST['transaction_amount']).urldecode($_POST['order_number']));

if(isset($_POST['buyer_bank_code'])) {  

$post_data = "buyer_name=".urlencode($buyer_name)."&token=". urlencode($auth_token) 
."&callback_url=".urlencode($callback_url)."&redirect_url=". urlencode($redirect_url) . 
"&order_number=".urlencode($order_number)."&buyer_email=".urlencode($buyer_email).
"&buyer_phone=".urlencode($buyer_phone)."&transaction_amount=".urlencode($transaction_amount).
"&product_description=".urlencode($product_description)."&redirect_post=".urlencode($redirect_post).
"&checksum=".urlencode($sign)."&buyer_bank_code=".urlencode($buyer_bank_code);
}
else
{
$post_data = "buyer_name=".urlencode($buyer_name)."&token=". urlencode($auth_token) 
."&callback_url=".urlencode($callback_url)."&redirect_url=". urlencode($redirect_url) . 
"&order_number=".urlencode($order_number)."&buyer_email=".urlencode($buyer_email).
"&buyer_phone=".urlencode($buyer_phone)."&transaction_amount=".urlencode($transaction_amount).
"&product_description=".urlencode($product_description)."&redirect_post=".urlencode($redirect_post).
"&checksum=".urlencode($sign);	
}


#echo $post_data. "\n";

// Generated by curl-to-PHP: http://incarnate.github.io/curl-to-php/
$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, $url);

curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$post_data);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

// Execute once: a second curl_exec() call would submit the payment request twice.
$output = curl_exec($ch);

echo $output;

}




#header('Location: ' + $output);
#exit();

#curl_close($ch);

$order_number = rand(1111111111,9999999999);

$json = file_get_contents('https://sandbox.securepay.my/api/public/v1/banks/b2c');
$obj = json_decode($json, true);
//echo $obj->access_token;
//$obj->fpx_bankList

//print_r($obj['fpx_bankList']);

$options = "";

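foreach ($obj['fpx_bankList'] as $value) {
	// Escape values from the remote bank list before placing them in HTML.
	$code = htmlspecialchars($value['code'], ENT_QUOTES, 'UTF-8');
	$name = htmlspecialchars($value['name'], ENT_QUOTES, 'UTF-8');
	if($value['status_format2'])
	{
	    $options .= "<option value=\"" . $code . "\">" . $name . "</option>";
	}
	else
	{
		$options .= "<option value=\"" . $code . "\" disabled>" . $name . " (offline)</option>";
	}
}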
 
//print_r($obj->fpx_bankList);

?>
<h1>SecurePay sample code for PHP</h1>
<hr> 
<h3>Form without bank list</h3>
<form action="" method="post">
  <label for="fname">Full name:</label><br>
  <input type="text" id="fname" name="buyer_name" value="John Doe"><br>
  <label for="lname">Email:</label><br>
  <input type="text" id="lname" name="buyer_email" value="john@gmail.com"><br>
  <label for="lname">Phone No:</label><br>
  <input type="text" id="lname" name="buyer_phone" value="+60129997979"><br>
  <label for="lname">Order number:</label><br>
  <input type="text" id="lname" name="order_number" value="<?=$order_number;?>"><br>
  <label for="lname">Descriptions:</label><br>
  <input type="text" id="lname" name="product_description" value="Payment for order no. <?=$order_number;?>"><br>
  
  <label for="lname">Callback URL:</label><br>
  <input type="text" id="lname" name="callback_url" value="" placeholder="Optional"><br>
  
  <label for="lname">Redirect URL:</label><br>
  <input type="text" id="lname" name="redirect_url" value="" placeholder="Optional"><br>
  
  <label for="lname">Amount:</label><br>
  <input type="text" id="lname" name="transaction_amount" value="199"><br>
  <br>
  <input type="submit" value="Submit">
</form>

<hr> 

<h3>Form with bank list</h3>


<form action="" method="post">
  <label for="fname">Full name:</label><br>
  <input type="text" id="fname" name="buyer_name" value="John Doe"><br>
  <label for="lname">Email:</label><br>
  <input type="text" id="lname" name="buyer_email" value="john@gmail.com"><br>
  <label for="lname">Phone No:</label><br>
  <input type="text" id="lname" name="buyer_phone" value="+60129997979"><br>
  <label for="lname">Order number:</label><br>
  <input type="text" id="lname" name="order_number" value="<?=$order_number;?>"><br>
  <label for="lname">Descriptions:</label><br>
  <input type="text" id="lname" name="product_description" value="Payment for order no. <?=$order_number;?>"><br>
  <label for="lname">Amount:</label><br>
  <input type="text" id="lname" name="transaction_amount" value="199"><br>
  <label for="lname">Callback URL:</label><br>
  <input type="text" id="lname" name="callback_url" value="" placeholder="Optional"><br>
  
  <label for="lname">Redirect URL:</label><br>
  <input type="text" id="lname" name="redirect_url" value="" placeholder="Optional"><br>
  
  <label for="lname">Select bank:</label><br>
  <select id="buyer_bank_code" name="buyer_bank_code"><?=$options?></select><br>
  
  <br>
  <input type="submit" value="Submit">
</form>
```

{% endtab %}

{% endtabs %}

