Payment to Merchant
Method and URL
POST [BASE_URL]/wallet-backend/snap/v1.0/debit/payment-host-to-host
Purpose: Initiate a debit/payment transaction using the customer’s Pivot Pay balance via host-to-host integration. The API returns a web redirect URL for the payment authorization page.
Authorization:
B2B Token
B2B2C Token
Request
Request Header
Content-Type
Mandatory
application/json
Authorization
Mandatory
Bearer {B2B_access_token}
Authorization-Customer
Mandatory
Bearer {B2B2C_access_token}
X-SIGNATURE
Mandatory
HMAC signature generated as per SNAP specification
HMAC_SHA512 (clientSecret, stringToSign)
stringToSign = HTTPMethod +”:“+ EndpointUrl +":"+ AccessToken +":“+ Lowercase(HexEncode(SHA-256(minify(RequestBody))))+ ":“ + TimeStamp
X-TIMESTAMP
Mandatory
Request timestamp in yyyy-MM-dd'T'HH:mm:ssXXX (ISO 8601 with offset)
X-PARTNER-ID
Mandatory
Partner ID assigned by Pivot
X-EXTERNAL-ID
Mandatory
Unique ID per request for idempotency / tracing
CHANNEL-ID
Mandatory
Channel identifier (e.g., 12345)
Request Body
{
"additionalInfo": {},
"subMerchantId": "88042168-bfa6-4e5c-bcca-5abf1d40a181",
"partnerReferenceNo": "ref04080002",
"amount": {
"value": "10000.00",
"currency": "IDR"
},
"urlParams": [
{
"url": "https://test.com",
"type": "PAY_RETURN",
"isDeeplink": false
}
]
}Request Parameter Detail
additionalInfo
Object
-
Optional
Container for additional fields
subMerchantId
String
36
Mandatory
Merchant ID.
partnerReferenceNo
String
64
Mandatory
Unique reference number from the merchant for this payment request.
amount
Object
-
Mandatory
Payment amount object.
amount.value
String
20
Mandatory
Payment amount in decimal string (e.g., "10000.00").
amount.currency
String
3
Mandatory
Currency code of the transaction, e.g., IDR.
urlParams
Array
-
Mandatory
List of URL parameter objects used for redirect handling.
urlParams[].url
String
255
Mandatory
URL for redirecting the user after payment (e.g., payment result page).
urlParams[].type
String
20
Mandatory
URL type. In this example: PAY_RETURN.
urlParams[].isDeeplink
Boolean
-
Mandatory
Indicates whether the URL is a deeplink (true) or a standard HTTP/HTTPS URL (false).
Response
Response Body
{
"additionalInfo": {
"urlExpiredAt": "2025-08-04T17:24:42+07:00"
},
"referenceNo": "0198748e-f3ff-7eaf-a8fa-9b4532d2a6f8",
"responseCode": "2005400",
"responseMessage": "Successful",
"webRedirectUrl": "https://wallet-stg.harsya.com/whitelabel/payment?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ3YWxsZXQtYmFja2VuZCIsInN1YiI6IjE0NzFlNGFjLTI3N2ItNGJiNi04MmQ4LWFlZTY4ODNhNTg2ZCIsImV4cCI6MTc1NDMwMzA4MiwiaWRlbnRpZmllclZhbHVlIjoiMTQ3MWU0YWMtMjc3Yi00YmI2LTgyZDgtYWVlNjg4M2E1ODZkIiwibWVyY2hhbnRJZCI6Ijg4MDQyMTY4LWJmYTYtNGU1Yy1iY2NhLTVhYmYxZDQwYTE4MSIsInNlc3Npb25JZCI6IjAxOTg3NDhlLWYzZmYtN2VhZi1hOGZhLTliNDUzMmQyYTZmOCJ9.YRcwtvEXguqL_ugmoMbRtfzYyL-jb6CZwava8mXdOwk"
}Response Parameter Detail
additionalInfo
Object
-
Optional
Additional response information.
additionalInfo.urlExpiredAt
String
30
Mandatory
Expiration timestamp for the webRedirectUrl in ISO 8601 format with timezone.
referenceNo
String
64
Mandatory
System-generated reference number for this payment transaction.
responseCode
String
7
Mandatory
Response status code. 2005400 indicates the payment request was created successfully.
responseMessage
String
100
Mandatory
Description of the result, e.g., Successful.
webRedirectUrl
String (URL)
2048
Mandatory
URL to which the user should be redirected to authorize/complete the payment.
Last updated