Developer Suite
Register Sandbox
Register Sandbox
  1. Credentials on File
  • Overview
  • Ecommerce Checkout
    • Purchase
      POST
    • Get a transaction details
      POST
    • Close transaction
      POST
    • Check transaction
      POST
    • Refund API
      POST
    • Get transaction list
      POST
    • Exchange rate
      POST
  • Checkout Plugins
    • Prestashop
    • Woocommerce
  • Credentials on File
    • Link Account
      POST
    • Link Card
      POST
    • Purchase using token
      POST
    • Remove account token
      POST
    • Remove card token
      POST
    • Get linked account details
      POST
  • ABA QR API
    • QR API
      POST
  • Payment Link
    • Create payment link
      POST
    • Get payment link details
      POST
  • Pre-auth
    • Complete pre-auth transactions
      POST
    • Complete pre-auh transaction with payout
      POST
    • Cancel pre-purchase transaction
      POST
  • Payout
    • Payout
      POST
    • Update a beneficiary status
      POST
    • Add a beneficiary to whitelist
      POST
  • KHQR Guideline
  • Resources
  1. Credentials on File

Link Card

POST
/api/payment-gateway/v1/cof/initial
The API returns HTML, allowing users to enter their credit/debit card details (Visa, Mastercard, JCB, and UPI) to link their card to your platform. Once the user has completed the linking process, PayWay will send the account details and token to the merchant via the return_url.

💡

Before using this API, please ensure that your profile has the Card on File feature enabled.
If your merchant profile has not enabled this feature yet, please contact our merchant digital support at digitalsupport@ababank.com for a sandbox profile.
For a production merchant profile, please contact our merchant acquisition team at paywaysales@ababank.com.

Place this code snippet to your project and point action of the form to the correct url environment.

Request

Header Params
Content-Type
string 
required
Example:
multipart/form-data
Body Params multipart/form-data
merchant_id
string 
required
A unique merchant key which provided by ABA Bank.
ctid
string 
required
Your consumer identification number.
return_param
string 
required
Extra information that you want to include when payment gateway call your return_url.
firstname
string 
optional
Your consumer first name.
lastname
string 
optional
Your consumer last name.
email
string 
optional
Your consumer name.
phone
string 
optional
Your consumer phone.
return_url
string 
optional
Once the user has linked their card, the details of the token and other important information will be sent via this URL.
This is an optional field. If left empty, it will default to the merchant profile’s pushback_url.
If you provide a value, ensure that your domain is whitelisted in your merchant profile.
continue_add_card_success_url
string 
optional
After linking their card, the user will see a success screen with a Done button.
Your continue_add_card_success_url will be embedded in this button. When the user taps Done, they will be redirected to your platform.
hash
string 
required
The hash is a Base64-encoded HMAC-SHA512 hash of the concatenated values: merchant_id, ctid, and return_param with public_key.
PHP Sample Code

Request samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST '/api/payment-gateway/v1/cof/initial' \
--header 'Content-Type: multipart/form-data' \
--form 'merchant_id=""' \
--form 'ctid=""' \
--form 'return_param=""' \
--form 'firstname=""' \
--form 'lastname=""' \
--form 'email=""' \
--form 'phone=""' \
--form 'return_url=""' \
--form 'continue_add_card_success_url=""' \
--form 'hash=""'

Responses

🟢200OK
text/html
Body
object {0}
Example
<!DOCTYPE html>
<html data-capo="">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalab
<title>PayWay - Checkout</title>
...
</head>
<body>
...
</body>
</html>
Previous
Link Account
Next
Purchase using token