Input PIN
Submit pin when requested to complete transaction.
OPay Input PIN
For calling the API using the POST method, you can use these endpoint URLs
In case you are still in the developing phase, use the following staging API endpoint URL
Staging
https://testapi.opaycheckout.com/api/v1/payment/action/input-pin
Once you are ready for production, you should use the following production API endpoint URL
Production
https://liveapi.opaycheckout.com/api/v1/payment/action/input-pin
Request Parameters:
- Header: Authorization(API Calls Signature), MerchantId
- Json object containing the transaction information:
Authorization : Bearer {signature}
MerchantId : 256612345678901
{
"country":"NG",
"orderNo":"220106144664358274",
"pin":"000000"
}
HTTP POST parameters
Here is a detailed description for the parameters you need to complete the POST request:
An example call of Input PIN API is as follows :
class InputPinController
{
private $secretkey;
private $merchantId;
private $url;
public function __construct() {
$this->merchantId = '256622011275597';
$this->secretkey = 'OPAYPRV1641***********926';
$this->url = 'https://testapi.opaycheckout.com/api/v1/payment/action/input-pin';
}
public function test(){
$data = [
'country'=>'NG',
'orderNo'=>'220209140595640115',
'pin'=>'1109'
];
$data2 = (string) json_encode($data,JSON_UNESCAPED_SLASHES);
$auth = $this->auth($data2);
$header = ['Content-Type:application/json', 'Authorization:Bearer '. $auth, 'MerchantId:'.$this->merchantId];
$response = $this->http_post($this->url, $header, json_encode($data));
$result = $response?$response:null;
return $result;
}
private function http_post ($url, $header, $data) {
if (!function_exists('curl_init')) {
throw new Exception('php not found curl', 500);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
$response = curl_exec($ch);
$httpStatusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$error=curl_error($ch);
curl_close($ch);
if (200 != $httpStatusCode) {
print_r("invalid httpstatus:{$httpStatusCode} ,response:$response,detail_error:" . $error, $httpStatusCode);
}
return $response;
}
public function auth ( $data ) {
$secretKey = $this->secretkey;
$auth = hash_hmac('sha512', $data, $secretKey);
return $auth;
}
}
const request = require('request');
var sha512 = require('js-sha512');
const formData = {
"country":"NG",
"orderNo":"220209140595656300",
"pin":"1109"
};
var privateKey = "OPAYPRV1641***********926"
var hash = sha512.hmac.create(privateKey);
hash.update(JSON.stringify(formData));
hmacsignature = hash.hex();
console.log(hmacsignature)
request({
url: 'https://testapi.opaycheckout.com/api/v1/payment/action/input-pin',
method: 'POST',
headers: {
'MerchantId': '256622011275597',
'Authorization': 'Bearer '+hmacsignature
},
json: true,
body: formData
}, function (error, response, body) {
console.log('body: ')
console.log(body)
}
)
curl --location --request POST 'https://testapi.opaycheckout.com/api/v1/payment/action/input-pin' \
--header 'MerchantId: 256622011275597' \
--header 'Authorization: Bearer c5b5f86cd1d3a0965671df08101ef521cd2a87a9593f4a46e6631bc7305959ad5ec9f452605b1f7b0516d349ced0686e8d179dc49dd4a2ae2ab509cedb016b20' \
--header 'Content-Type: application/json' \
--data-raw '{
"country":"NG",
"orderNo":"220209140595656300",
"pin":"1109"
}'
import com.google.gson.Gson;
import org.apache.commons.codec.binary.Hex;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.TreeMap;
public class InputPin {
private static final String privateKey = "OPAYPRV1641***********926";
private static final String endpoint = "https://testapi.opaycheckout.com";
private static final String merchantId = "256622011275597";
public static void main(String[] args) throws Exception {
String addr = endpoint + "/api/v1/payment/action/input-pin";
Gson gson = new Gson();
TreeMap order = new TreeMap<>();
order.put("country","NG");
order.put("orderNo","220209140595621505");
order.put("pin","1109");
String requestBody = gson.toJson(order);
System.out.println("--request:");
System.out.println(requestBody);
String oPaySignature = hmacSHA512(requestBody, privateKey);
System.out.println("--signature:");
System.out.println(oPaySignature);
URL url = new URL(addr);
HttpURLConnection con = (HttpURLConnection)url.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json; utf-8");
con.setRequestProperty("Authorization", "Bearer "+oPaySignature);
con.setRequestProperty("MerchantId", merchantId);
con.setDoOutput(true);
OutputStream os = con.getOutputStream();
byte[] input = requestBody.getBytes(StandardCharsets.UTF_8);
os.write(input, 0, input.length);
BufferedReader br = new BufferedReader(new InputStreamReader(con.getInputStream(), StandardCharsets.UTF_8));
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println("--response:");
System.out.println(response.toString());
//close your stream and connection
}
public static String hmacSHA512(final String data, final String secureKey) throws Exception{
byte[] bytesKey = secureKey.getBytes();
final SecretKeySpec secretKey = new SecretKeySpec(bytesKey, "HmacSHA512");
Mac mac = Mac.getInstance("HmacSHA512");
mac.init(secretKey);
final byte[] macData = mac.doFinal(data.getBytes());
byte[] hex = new Hex().encode(macData);
return new String(hex, StandardCharsets.UTF_8);
}
}
Note
Header must contain the "Signature" , "MerchantId"
Signature is calculated using SHA-512 HMAC signed with your Private Key. See API Calls Signature section for more details.
Input PIN Response
Response Parameters:
The parameters contained in the response received whenever you call the Transaction Create API as a JSON Object.
{
"code": "00000",
"message": "SUCCESSFUL",
"data": {
"reference": "qur-20221653374801790",
"orderNo": "220524147840658445594",
"nextAction": {
"actionType": "INPUT_OTP"
},
"status": "PENDING",
"amount": {
"total": 10000,
"currency": "NGN"
},
"vat": {
"total": 0,
"currency": "NGN"
}
}
}
Here is a detailed description for the parameters received in the response:
| Parameter | type | Description | example | |
|---|---|---|---|---|
| reference | String |
Unique merchant payment order number. | 937102167 | |
| orderNo | String |
Unique Opay payment order number. | 211004140885521681 | |
| status | enum |
[INITIAL, PENDING, SUCCESS, FAIL, CLOSE] | SUCCESS | |
| amount | ||||
| currency | String |
Currency | NGN | |
| total | Long |
amount(cent unit). | 400 | |
| vat | ||||
| currency | String |
Currency | NGN | |
| total | Long |
amount(cent unit). | 10 | |
| nextAction | ||||
| actionType | String |
Next action type | INPUT_OTP,REDIRECT_3DS,INPUT_PIN | |
| failureCode | String |
fail error code. | payment fail error code, not blank when status [FAIL/CLOSE] | |
| failureReason | String |
fail error message. | payment fail error message, not blank when status [FAIL/CLOSE] | |
Error Handling
After submitting an API call to OPay, you receive a response back to inform you that
your request was received and processed. A successful OPay API should return a status code 00,
meanwhile, in a situation where any payment processing error occurred, you will receive an error code with a
message to describe the reason of the error. A sample error response can be found below.
{
"code": "02006",
"message": "payment not found."
}
Depending on the HTTP status code of the response, you should build some logic to handle any errors that a request or the system may return. A list of possible potential error codes that you may receive can be found below.
| Error Code | Error Message |
|---|---|
| 02000 | authentication failed. |
| 02001 | request params not valid. |
| 02003 | payMethod not support. |
| 02004 | the payment reference already exists. |
| 02002 | merchant not configured with this function. |
| 02007 | merchant not available. |
| 50003 | service not available, please try again. |
