Send OTP
Submit OTP to complete transaction.
OPay Send OTP
For calling the API using the POST method you can use these endpoint URLs:
In case you are still in the developing phase, use the following staging API endpoint URL
Staging
https://testapi.opaycheckout.com/api/v1/payment/action/resend-otp
Once you are ready for production, you should use the production URL below:
Production
https://liveapi.opaycheckout.com/api/v1/payment/action/resend-otp
Request Parameters:
- Header: Authorization(API Calls Signature), MerchantId
- Json object containing the transaction information:
Authorization : Bearer {signature}
MerchantId : 256612345678901
{
"country":"NG",
"orderNo":"220524147840658471815"
}
HTTP POST parameters
Here is a detailed description for the parameters you need to complete the POST request:
An example call of Input OTP API is as follows :
class SendOtpController
{
private $secretkey;
private $merchantId;
private $url;
public function __construct() {
$this->merchantId = '278421062352020';
$this->secretkey = 'OPAYPRV1641***********926';
$this->url = 'https://testapi.opaycheckout.com/api/v1/payment/action/resend-otp';
}
public function test(){
$data = [
"country" => "NG",
"orderNo" => "220524147840658585383"
];
$data2 = (string) json_encode($data,JSON_UNESCAPED_SLASHES);
$auth = $this->auth($data2);
$header = ['Content-Type:application/json', 'Authorization:Bearer '. $auth, 'MerchantId:'.$this->merchantId];
$response = $this->http_post($this->url, $header, json_encode($data));
$result = $response?$response:null;
return $result;
}
private function http_post ($url, $header, $data) {
if (!function_exists('curl_init')) {
throw new Exception('php not found curl', 500);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
$response = curl_exec($ch);
$httpStatusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$error=curl_error($ch);
curl_close($ch);
if (200 != $httpStatusCode) {
print_r("invalid httpstatus:{$httpStatusCode} ,response:$response,detail_error:" . $error, $httpStatusCode);
}
return $response;
}
public function auth ( $data ) {
$secretKey = $this->secretkey;
$auth = hash_hmac('sha512', $data, $secretKey);
return $auth;
}
}
const request = require('request');
var sha512 = require('js-sha512');
const formData = {
"country":"NG",
"orderNo":"220524147840658585383"
};
var privateKey = "OPAYPRV1641***********926"
var hash = sha512.hmac.create(privateKey);
hash.update(JSON.stringify(formData));
hmacsignature = hash.hex();
console.log(hmacsignature)
request({
url: 'https://testapi.opaycheckout.com/api/v1/payment/action/resend-otp',
method: 'POST',
headers: {
'MerchantId': '278421062352020',
'Authorization': 'Bearer '+hmacsignature
},
json: true,
body: formData
}, function (error, response, body) {
console.log('body: ')
console.log(body)
}
)
curl --location --request POST 'https://testapi.opaycheckout.com/api/v1/payment/action/resend-otp' \
--header 'MerchantId: 278421062352020' \
--header 'Authorization: Bearer c76b6906b728d1adfd0f9bef05758c7b640348b4c734a73b5b83db4fb5f87dec2835e1a974c8d458241ab811707662769ed276b7a809c8413d174fd158b06060' \
--header 'Content-Type: application/json' \
--data-raw '{
"country":"NG",
"orderNo":"220209140595649129"
}'
import com.google.gson.Gson;
import org.apache.commons.codec.binary.Hex;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.TreeMap;
import java.util.UUID;
public class SendOtp {
private static final String privateKey = "OPAYPRV1641***********926";
private static final String endpoint = "https://testapi.opaycheckout.com";
private static final String merchantId = "278421062352020";
public static void main(String[] args) throws Exception {
String addr = endpoint + "/api/v1/payment/action/resend-otp";
Gson gson = new Gson();
TreeMap order = new TreeMap<>();
order.put("country","NG");
order.put("orderNo","220524147840658585383");
String requestBody = gson.toJson(order);
System.out.println("--request:");
System.out.println(requestBody);
String oPaySignature = hmacSHA512(requestBody, privateKey);
System.out.println("--signature:");
System.out.println(oPaySignature);
URL url = new URL(addr);
HttpURLConnection con = (HttpURLConnection)url.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json; utf-8");
con.setRequestProperty("Authorization", "Bearer "+oPaySignature);
con.setRequestProperty("MerchantId", merchantId);
con.setDoOutput(true);
OutputStream os = con.getOutputStream();
byte[] input = requestBody.getBytes(StandardCharsets.UTF_8);
os.write(input, 0, input.length);
BufferedReader br = new BufferedReader(new InputStreamReader(con.getInputStream(), StandardCharsets.UTF_8));
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println("--response:");
System.out.println(response.toString());
//close your stream and connection
}
public static String hmacSHA512(final String data, final String secureKey) throws Exception{
byte[] bytesKey = secureKey.getBytes();
final SecretKeySpec secretKey = new SecretKeySpec(bytesKey, "HmacSHA512");
Mac mac = Mac.getInstance("HmacSHA512");
mac.init(secretKey);
final byte[] macData = mac.doFinal(data.getBytes());
byte[] hex = new Hex().encode(macData);
return new String(hex, StandardCharsets.UTF_8);
}
}
Note
Header must contain the "Signature" , "MerchantId"
Signature is calculated using SHA-512 HMAC signed with your Private Key. See API Calls Signature section for more details.
Input OTP Response
Response Parameters:
The parameters contained in the response received whenever you call the Transaction Create API as a JSON Object.
{
"code": "00000",
"message": "SUCCESSFUL",
"data": {
"reference": "qur-20221653378258586",
"orderNo": "220524147840658471815",
"nextAction": {
"actionType": "INPUT_OTP"
},
"status": "PENDING",
"amount": {
"total": 10000,
"currency": "NGN"
},
"vat": {
"total": 0,
"currency": "NGN"
}
}
}
Here is a detailed description for the parameters received in the response:
| Parameter | type | Description | example | |
|---|---|---|---|---|
| reference | String |
Unique merchant payment order number. | 937102167 | |
| orderNo | String |
Unique Opay payment order number. | 211004140885521681 | |
| status | enum |
[INITIAL, PENDING, SUCCESS, FAIL, CLOSE] | SUCCESS | |
| amount | ||||
| currency | String |
Currency | NGN | |
| total | Long |
amount(cent unit). | 400 | |
| vat | ||||
| currency | String |
Currency | NGN | |
| total | Long |
amount(cent unit). | 10 | |
| nextAction | ||||
| actionType | String |
Next action type | INPUT_OTP,REDIRECT_3DS,INPUT_PIN | |
| failureCode | String |
fail error code. | payment fail error code, not blank when status [FAIL/CLOSE] | |
| failureReason | String |
fail error message. | payment fail error message, not blank when status [FAIL/CLOSE] | |
Error Handling
After submitting an API call to OPay, you receive a response back to inform you that
your request was received and processed. A successful OPay API should return a status code 00,
meanwhile, in a situation where any payment processing error occurred, you will receive an error code with a
message to describe the reason of the error. A sample error response can be found below.
{
"code": "02006",
"message": "payment not found."
}
Depending on the HTTP status code of the response, you should build some logic to handle any errors that a request or the system may return. A list of possible potential error codes that you may receive can be found below.
| Error Code | Error Message |
|---|---|
| 02000 | authentication failed. |
| 02001 | request params not valid. |
| 02003 | payMethod not support. |
| 02004 | the payment reference already exists. |
| 02002 | merchant not configured with this function. |
| 02007 | merchant not available. |
| 50003 | service not available, please try again. |
