OPay Query Refund Status

Stay informed with the status of the requested and processed refunds by using OPay Query Refund Status API.

Query Refund Status

You can get the status of a requested refund by using the Query Refund Status API.

For calling the API using the POST method you can use this endpoint URL:

In case you are still in the developing phase, use the following staging API endpoint URL




Once you have a fully tested payment flow and you are ready for production, Use the following production API endpoint URL instead




Request Parameters:

  1. Header: Authorization(API Calls Signature), MerchantId
                            Authorization    : Bearer {signature}
                            MerchantId   : 256612345678901

  3. Json object containing the transaction information:
                                    "reference": "12312321324",
                                    "country": "NG"

HTTP POST Parameters

Here is a detailed description for the parameters you need to complete the POST request:

Parameter type required Description
reference String required Merchant refund order number.
country String required Country Code.

An example call of Query Refund Status API is as follows :

                            class PaymentRefundStatusController
                                private $secretkey;
                                private $merchantId;
                                private $url;

                                public function __construct() {
                                    $this->merchantId = '281821110129700';
                                    $this->secretkey = 'OPAYPRV*******0187828';
                                    $this->url = 'https://testapi.opaycheckout.com/api/v1/international/payment/refund/query';

                                public function test(){
                                    $data = [
                                        'country' =>  'NG',
                                        'reference' =>  '04123398910033621'
                                    $data2 = (string) json_encode($data,JSON_UNESCAPED_SLASHES);
                                    $auth = $this->auth($data2);
                                    $header = ['Content-Type:application/json', 'Authorization:Bearer '. $auth, 'MerchantId:'.$this->merchantId];
                                    $response = $this->http_post($this->url, $header, json_encode($data));
                                    $result = $response?$response:null;
                                    return $result;

                                private function http_post ($url, $header, $data) {
                                    if (!function_exists('curl_init')) {
                                        throw new Exception('php not found curl', 500);
                                    $ch = curl_init();
                                    curl_setopt($ch, CURLOPT_TIMEOUT, 60);
                                    curl_setopt($ch, CURLOPT_URL, $url);
                                    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
                                    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
                                    curl_setopt($ch, CURLOPT_HEADER, false);
                                    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                                    curl_setopt($ch, CURLOPT_POST, true);
                                    curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
                                    curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
                                    $response = curl_exec($ch);
                                    $httpStatusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
                                    if (200 != $httpStatusCode) {
                                        print_r("invalid httpstatus:{$httpStatusCode} ,response:$response,detail_error:" . $error, $httpStatusCode);
                                    return $response;
                                public function auth ( $data ) {
                                    $secretKey = $this->secretkey;
                                    $auth = hash_hmac('sha512', $data, $secretKey);
                                    return $auth;


                                # importing the requests library
                                import requests
                                # CashierAPI Endpoint
                                URL = "https://testapi.opaycheckout.com/api/v1/international/payment/refund/query"

                                # defining a params dict for the parameters to be sent to the API
                                PaymentData = {
                                    'reference': '12312321324',
                                    'country': 'NG'
                                # Prepare Headers
                                headers = {
                                    'Content-Type' : 'application/json',
                                    'Accept'       : 'application/json',
                                    'Authorization': 'Bearer {signature}',
                                    'MerchantId'   : '256612345678901'
                                # sending post request and saving the response as response object
                                status_request = requests.post(url = URL, params = json.dumps(PaymentData))

                                # extracting data in json format
                                status_response = status_request.json()
                                const request = require('request');
                                var sha512 = require('js-sha512');
                                const formData = {
                                  "country": "NG",
                                  "reference": "04123398911111"

                                var privateKey = "OPAYPRV*******0187828"

                                var hash = sha512.hmac.create(privateKey);
                                hmacsignature = hash.hex();
                                    url: 'https://testapi.opaycheckout.com/api/v1/international/payment/refund/query',
                                    method: 'POST',
                                    headers: {
                                      'MerchantId': '256621051120756',
                                      'Authorization': 'Bearer '+hmacsignature
                                    json: true,
                                    body: formData
                                  }, function (error, response, body) {
                                    console.log('body: ')

                                curl --location --request POST 'https://testapi.opaycheckout.com/api/v1/international/payment/refund/query' \
                                --header 'MerchantId: 256621051120756' \
                                --header 'Authorization: Bearer 38017496e*******2ab0297d1de8905cb7d85a043d9084254e61a8da6093b6f155550ff51891dca9f9889a' \
                                --header 'Content-Type: application/json' \
                                --data-raw '{
                                    "reference": "04123398911111",
                                    "country": "NG"
                            import com.google.gson.Gson;
                            import org.apache.commons.codec.binary.Hex;
                            import javax.crypto.Mac;
                            import javax.crypto.spec.SecretKeySpec;
                            import java.io.BufferedReader;
                            import java.io.InputStreamReader;
                            import java.io.OutputStream;
                            import java.net.HttpURLConnection;
                            import java.net.URL;
                            import java.nio.charset.StandardCharsets;
                            import java.util.TreeMap;

                            public class PaymentRefundStatus {

                                private static final String privateKey = "OPAYPRV*******0187828";

                                private static final String endpoint = "https://testapi.opaycheckout.com";

                                private static final String merchantId = "256621051120756";

                                public static void main(String[] args) throws Exception {
                                    String addr = endpoint + "/api/v1/international/payment/refund/query";
                                    Gson gson = new Gson();
                                    TreeMap order = new TreeMap<>();
                                    order.put("reference", "56ed8ea1-ea00-48bf-8a71-a9cd5700b345");
                                    order.put("country", "NG");

                                    String requestBody = gson.toJson(order);
                                    String oPaySignature = hmacSHA512(requestBody, privateKey);

                                    URL url = new URL(addr);
                                    HttpURLConnection con = (HttpURLConnection)url.openConnection();
                                    con.setRequestProperty("Content-Type", "application/json; utf-8");
                                    con.setRequestProperty("Authorization", "Bearer "+oPaySignature);
                                    con.setRequestProperty("MerchantId", merchantId);
                                    OutputStream os = con.getOutputStream();
                                    byte[] input = requestBody.getBytes(StandardCharsets.UTF_8);
                                    os.write(input, 0, input.length);
                                    BufferedReader br = new BufferedReader(new InputStreamReader(con.getInputStream(), StandardCharsets.UTF_8));
                                    StringBuilder response = new StringBuilder();
                                    String responseLine = null;
                                    while ((responseLine = br.readLine()) != null) {

                                    //close your stream and connection

                                public static String hmacSHA512(final String data, final String secureKey) throws Exception{
                                    byte[] bytesKey = secureKey.getBytes();
                                    final SecretKeySpec secretKey = new SecretKeySpec(bytesKey, "HmacSHA512");
                                    Mac mac = Mac.getInstance("HmacSHA512");
                                    final byte[] macData = mac.doFinal(data.getBytes());
                                    byte[] hex = new Hex().encode(macData);
                                    return new String(hex, StandardCharsets.UTF_8);

                            using System;
                            using System.IO;
                            using System.Linq;
                            using System.Net;
                            using System.Text;
                            using Newtonsoft.Json;
                            namespace OPayRequest
                                public class Program
                                    static void Main(string[] args)
                                        PostJson("https://testapi.opaycheckout.com/api/v1/international/transaction/refund/status ", new opay_request
                                            reference    = '12312321324',
                                            refundNo  = '10343543543532432',

                                    private static void PostJson(string uri, opay_request postParameters)
                                        string postData = JsonConvert.SerializeObject(postParameters);
                                        byte[] bytes = Encoding.UTF8.GetBytes(postData);
                                        var httpWebRequest = (HttpWebRequest) WebRequest.Create(uri);
                                        httpWebRequest.Method = "POST";
                                        httpWebRequest.ContentLength = bytes.Length;
                                        httpWebRequest.ContentType = "text/json";
                                        using (Stream requestStream = httpWebRequest.GetRequestStream())
                                            requestStream.Write(bytes, 0, bytes.Count());
                                        var httpWebResponse = (HttpWebResponse) httpWebRequest.GetResponse();
                                        if (httpWebResponse.StatusCode != HttpStatusCode.OK)
                                            string message = String.Format("GET failed. Received HTTP {0}", httpWebResponse.StatusCode);
                                            throw new ApplicationException(message);

                                public class opay_request
                                    public string reference { get; set; }
                                    public string refundNo { get; set; }



Header must contain the "Signature" , "MerchantId"

Signature is calculated using SHA-512 HMAC signed with your Private Key. See API Calls Signature section for more details.

Transaction Status Response

Response Parameters:

The parameters contained in the response received whenever you call the Transaction Create API as a JSON Object.

                      "code": "00000",
                      "message": "SUCCESSFUL",
                      "data": {
                        "reference": "03948512001",
                        "originalReference": "03948512",
                        "orderNo": "211003140885499643",
                        "originalOrderNo": "211003140885503763",
                        "country": "NG",
                        "orderStatus": "SUCCESS"

Here is a detailed description for the parameters received in the response:

Parameter type Description example
reference String Merchant's refund order number. 03948512001
originalReference String Merchant's original order number. 03948512
orderNo String OPay refund order number. 211003140885499643
originalOrderNo String OPay original order number. 10212100000034000
total Integer amount(cent unit). 400
currency String Currency type.See full list here NGN
country String Country Code.See full list here NG
errorCode String errorCode. NG
errorMsg String errorMsg. NG


Error Handling

After submitting an API call to OPay, you receive a response back to inform you that your request was received and processed. A successful OPay API should return a status code 00, meanwhile, in a situation where any payment processing error occurred, you will receive an error code with a message to describe the reason of the error. A sample error response can be found below.

                            "code": "02006",
                            "message": "payment not found."

Depending on the HTTP status code of the response, you should build some logic to handle any errors that a request or the system may return. A list of possible potential error codes that you may receive can be found below.

Error Code Error Message
02000 authentication failed.
02001 request params not valid.
02006 not found.
02002 merchant not configured with this function.
02007 merchant not available.
50003 service not available, please try again.

What's Next?

User Profile 12 messages

James Jones
Application Developer
Recent Notifications
Another purpose persuade Due in 2 Days
Would be to people Due in 2 Days
The best product Due in 2 Days