Bank Account Payment


Initialize a transaction.

OPay Bank Account Payment


For calling the API using the POST method you can use these endpoints URL:

In case you are still in the developing phase, use the following staging API endpoint URL

Note

Staging

https://testapi.opaycheckout.com/api/v1/international/payment/create


Once you are ready for production, you should use the following production API endpoint URL instead

Note

Production

https://liveapi.opaycheckout.com/api/v1/international/payment/create


Request Parameters:

  1. Header: Authorization(API Calls Signature), MerchantId
  2.                         
                                Authorization    : Bearer {signature}
                                MerchantId       : 256612345678901
                            
                        

  3. Json object containing the transaction information:
  4.     
                        {
                            "amount":{
                                "currency":"NGN",
                                "total":400
                            },
                            "bankAccountNumber":"2215381176",
                            "bankCode":"033",
                            "bvn":"01234567899",
                            "callbackUrl":"https://testapi.opaycheckout.com/api/v1/international/print",
                            "country":"NG",
                            "customerName":"customerName",
                            "dobDay":"12",
                            "dobMonth":"12",
                            "dobYear":"2000",
                            "payMethod":"BankAccount",
                            "product":{
                                "description":"dd",
                                "name":"name"
                            },
                            "reference":"12345",
                            "returnUrl":"https://testapi.opaycheckout.com/api/v1/international/print",
                            "userPhone":"+1234567879"
                        }
        
    

HTTP POST parameters

Here is a detailed description for the parameters you need to complete the POST request:

Parameter type required Description
reference String required the unique merchant payment order number.
amount
currency String required Currency type.See full list here
total Integer required Amount(cent unit).
callbackUrl String optional If you have sent callbackUrl through API, OPay will send callback notification to this callbackUrl. If you didn't send callbackUrl through API, you need to configure webhook url on the merchant dashboard, and OPay will send callback notification to this webhook url. See callback here
payMethod String required Value must be [BankAccount].
bankAccountNumber String required Bank Account number, needed when payType is bankAccount
bankCode String required Bank Code
returnUrl String required The URL to which OPay cashier should return the payment processing response.
dobDay String required dobDay
dobMonth String required dobMonth
dobYear String required dobYear
product
name String required product name.
description String optional Product description.
expireAt Integer optional Payment expiration time in minutes. Default 30.
country String optional Country Code.See full list here
customerName String optional Customer name in merchant system.
userClientIP String optional user ip.
userPhone String optional Customer phone number in merchant system.

An example call of Bank Account Payment API is as follows :

                            
                                class BankAccountController
                                {
                                    private $secretkey;
                                    private $merchantId;
                                    private $url;

                                    public function __construct() {
                                        $this->merchantId = '256622011275597';
                                        $this->secretkey = 'OPAYPRV1641***********926';
                                        $this->url = 'https://testapi.opaycheckout.com/api/v1/international/payment/create';
                                    }

                                    public function test(){
                                        $data = [
                                            'amount'=>
                                                [
                                                'currency'=>'NGN',
                                                'total'=>400
                                                ],
                                            'bankAccountNumber'=>'2215381176',
                                            'bankCode'=>'033',
                                            'bvn'=>'01234567899',
                                            'callbackUrl'=>'https://testapi.opaycheckout.com/api/v1/international/print',
                                            'country'=>'NG',
                                            'customerName'=>'customerName',
                                            'dobDay'=>'12',
                                            'dobMonth'=>'12',
                                            'dobYear'=>'2000',
                                            'payMethod'=>'BankAccount',
                                            'product'=>['description'=>'dd','name'=>'name'],
                                            'reference'=>"12345c",
                                            'returnUrl'=>'https://testapi.opaycheckout.com/api/v1/international/print',
                                            'userPhone'=>'+1234567879'
                                            ];

                                        $data2 = (string) json_encode($data,JSON_UNESCAPED_SLASHES);
                                        $auth = $this->auth($data2);
                                        $header = ['Content-Type:application/json', 'Authorization:Bearer '. $auth, 'MerchantId:'.$this->merchantId];
                                        $response = $this->http_post($this->url, $header, json_encode($data));
                                        $result = $response?$response:null;
                                        return $result;
                                    }

                                    private function http_post ($url, $header, $data) {
                                        if (!function_exists('curl_init')) {
                                            throw new Exception('php not found curl', 500);
                                        }
                                        $ch = curl_init();
                                        curl_setopt($ch, CURLOPT_TIMEOUT, 60);
                                        curl_setopt($ch, CURLOPT_URL, $url);
                                        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
                                        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
                                        curl_setopt($ch, CURLOPT_HEADER, false);
                                        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                                        curl_setopt($ch, CURLOPT_POST, true);
                                        curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
                                        curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
                                        $response = curl_exec($ch);
                                        $httpStatusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
                                        $error=curl_error($ch);
                                        curl_close($ch);
                                        if (200 != $httpStatusCode) {
                                            print_r("invalid httpstatus:{$httpStatusCode} ,response:$response,detail_error:" . $error, $httpStatusCode);
                                        }
                                        return $response;
                                    }
                                    public function auth ( $data ) {
                                        $secretKey = $this->secretkey;
                                        $auth = hash_hmac('sha512', $data, $secretKey);
                                        return $auth;
                                    }

                                }
                            
                        
                                
                                    const request = require('request');
                                    var sha512 = require('js-sha512');
                                    const formData = {
                                        "amount":{
                                            "currency":"NGN",
                                            "total":400
                                        },
                                        "bankAccountNumber":"2215381176",
                                        "bankCode":"033",
                                        "bvn":"01234567899",
                                        "callbackUrl":"https://testapi.opaycheckout.com/api/v1/international/print",
                                        "country":"NG",
                                        "customerName":"customerName",
                                        "dobDay":"12",
                                        "dobMonth":"12",
                                        "dobYear":"2000",
                                        "payMethod":"BankAccount",
                                        "product":{
                                            "description":"dd",
                                            "name":"name"
                                        },
                                        "reference":"12348",
                                        "returnUrl":"https://testapi.opaycheckout.com/api/v1/international/print",
                                        "userPhone":"+1234567879"
                                    };

                                    var privateKey = "OPAYPRV1641***********926"

                                    var hash = sha512.hmac.create(privateKey);
                                    hash.update(JSON.stringify(formData));
                                    hmacsignature = hash.hex();
                                    console.log(hmacsignature)
                                    request({
                                        url: 'https://testapi.opaycheckout.com/api/v1/international/payment/create',
                                        method: 'POST',
                                        headers: {
                                          'MerchantId': '256622011275597',
                                          'Authorization': 'Bearer '+hmacsignature
                                        },
                                        json: true,
                                        body: formData
                                      }, function (error, response, body) {
                                        console.log('body: ')
                                        console.log(body)
                                      }
                                    )
                                
                            
                                
                                    curl --location --request POST 'https://testapi.opaycheckout.com/api/v1/international/payment/create' \
                                    --header 'MerchantId: 256622011275597' \
                                    --header 'Authorization: Bearer 61bea01d6c07f2c21466addd9d3d558918998830c7f7d5784a9724992e31104d12b5aab0b8b4c6b8ce9181d8cd8189fb8838b434b4feebaa7bc68e744a7d19e1' \
                                    --header 'Content-Type: application/json' \
                                    --data-raw '{
                                        "country": "NG",
                                        "orderNo": "220207140591969743",
                                        "otp": "000000"
                                    }'
                                
                            
                            
                                import com.google.gson.Gson;
                                import org.apache.commons.codec.binary.Hex;
                                import javax.crypto.Mac;
                                import javax.crypto.spec.SecretKeySpec;
                                import java.io.BufferedReader;
                                import java.io.InputStreamReader;
                                import java.io.OutputStream;
                                import java.net.HttpURLConnection;
                                import java.net.URL;
                                import java.nio.charset.StandardCharsets;
                                import java.util.TreeMap;
                                import java.util.UUID;

                                public class BankAccount {

                                    private static final String privateKey = "OPAYPRV1641***********926";

                                    private static final String endpoint = "https://testapi.opaycheckout.com";

                                    private static final String merchantId = "256622011275597";

                                    public static void main(String[] args) throws Exception {
                                        String addr = endpoint + "/api/v1/international/payment/create";
                                        Gson gson = new Gson();
                                        TreeMap order = new TreeMap<>();
                                        TreeMap amount = new TreeMap<>();
                                        order.put("amount",amount);
                                        amount.put("currency","NGN");
                                        amount.put("total",400);
                                        order.put("bankAccountNumber","2215381176");
                                        order.put("bankCode","033");
                                        order.put("bvn","01234567899");
                                        order.put("callbackUrl","https://testapi.opaycheckout.com/api/v1/international/print");
                                        order.put("country","NG");
                                        order.put("customerName","customerName");
                                        order.put("dobDay","12");
                                        order.put("dobMonth","12");
                                        order.put("dobYear","2000");
                                        order.put("payMethod","BankAccount");
                                        TreeMap product = new TreeMap<>();
                                        product.put("description","dd");
                                        product.put("name","name");
                                        order.put("product",product);
                                        order.put("reference", UUID.randomUUID().toString());
                                        order.put("returnUrl","https://testapi.opaycheckout.com/api/v1/international/print");
                                        order.put("userPhone","+1234567879");

                                        String requestBody = gson.toJson(order);
                                        System.out.println("--request:");
                                        System.out.println(requestBody);
                                        String oPaySignature = hmacSHA512(requestBody, privateKey);
                                        System.out.println("--signature:");
                                        System.out.println(oPaySignature);

                                        URL url = new URL(addr);
                                        HttpURLConnection con = (HttpURLConnection)url.openConnection();
                                        con.setRequestMethod("POST");
                                        con.setRequestProperty("Content-Type", "application/json; utf-8");
                                        con.setRequestProperty("Authorization", "Bearer "+oPaySignature);
                                        con.setRequestProperty("MerchantId", merchantId);
                                        con.setDoOutput(true);
                                        OutputStream os = con.getOutputStream();
                                        byte[] input = requestBody.getBytes(StandardCharsets.UTF_8);
                                        os.write(input, 0, input.length);
                                        BufferedReader br = new BufferedReader(new InputStreamReader(con.getInputStream(), StandardCharsets.UTF_8));
                                        StringBuilder response = new StringBuilder();
                                        String responseLine = null;
                                        while ((responseLine = br.readLine()) != null) {
                                            response.append(responseLine.trim());
                                        }

                                        System.out.println("--response:");
                                        System.out.println(response.toString());
                                        //close your stream and connection
                                    }

                                    public static String hmacSHA512(final String data, final String secureKey) throws Exception{
                                        byte[] bytesKey = secureKey.getBytes();
                                        final SecretKeySpec secretKey = new SecretKeySpec(bytesKey, "HmacSHA512");
                                        Mac mac = Mac.getInstance("HmacSHA512");
                                        mac.init(secretKey);
                                        final byte[] macData = mac.doFinal(data.getBytes());
                                        byte[] hex = new Hex().encode(macData);
                                        return new String(hex, StandardCharsets.UTF_8);
                                    }
                                }
                            
                        
Note

Note

Header must contain the "Signature" , "MerchantId"

Signature is calculated using SHA-512 HMAC signed with your Private Key. See API Calls Signature section for more details.

Bank Account Payment Response


Response Parameters:

the parameters contained in the response received whenever you call the Transaction Create API as a JSON Object.

                    
                        {
                            "code": "00000",
                            "message": "SUCCESSFUL",
                            "data": {
                                "reference": "testbyqur1641803625000",
                                "orderNo": "220110144664579546",
                                "nextAction": {
                                    "actionType": "INPUT_OPT"
                                },
                                "status": "PENDING",
                                "amount": {
                                    "total": 400,
                                    "currency": "NGN"
                                },
                                "vat": {
                                    "total": 0,
                                    "currency": "NGN"
                                }
                            }
                        }
                    
                

Here is a detailed description for the parameters received in the response:

Parameter type Description example
reference String Unique merchant payment order number. 937102167
orderNo String Unique Opay payment order number. 211004140885521681
status enum [INITIAL, PENDING, SUCCESS, FAIL, CLOSE] SUCCESS
amount
currency String Currency NGN
total Long amount(cent unit). 400
vat
currency String Currency NGN
total Long amount(cent unit). 10
nextAction
actionType String Next action type INPUT_OTP,REDIRECT_3DS,INPUT_PIN
failureCode String fail error code. payment fail error code, not blank when status [FAIL/CLOSE]
failureReason String fail error message. payment fail error message, not blank when status [FAIL/CLOSE]

Error Handling


After submitting an API call to OPay, you receive a response back to inform you that your request was received and processed. A successful OPay API should return a status code 00, meanwhile, in a situation where any payment processing error occurred, you will receive an error code with a message to describe the reason of the error. A sample error response can be found below.

                    
                        {
                            "code": "02006",
                            "message": "payment not found."
                        }
                    
                

Depending on the HTTP status code of the response, you should build some logic to handle any errors that a request or the system may return. A list of possible potential error codes that you may receive can be found below.

Error Code Error Message
02000 authentication failed.
02001 request params not valid.
02003 payMethod not support.
02004 the payment reference already exists.
02002 merchant not configured with this function.
02007 merchant not available.
50003 service not available, please try again.

What's Next?


User Profile 12 messages

James Jones
Application Developer
Recent Notifications
Another purpose persuade Due in 2 Days
+28%
Would be to people Due in 2 Days
+50%
-27%
The best product Due in 2 Days
+8%