Developer Suite
Register Sandbox
Register Sandbox
  1. Credentials on File
  • Overview
  • API Endpoints
  • Ecommerce Checkout
    • Purchase
      POST
    • Get a transaction details
      POST
    • Close transaction
      POST
    • Check transaction
      POST
    • Refund API
      POST
    • Get transaction list
      POST
    • Exchange rate
      POST
  • Checkout Plugins
    • Prestashop
    • Woocommerce
  • Credentials on File
    • Link Account
      POST
    • Link Card
      POST
    • Purchase using token
      POST
    • Remove account token
      POST
    • Remove card token
      POST
    • Get linked account details
      POST
  • ABA QR API
    • QR API
      POST
  • Payment Link
    • Create payment link
      POST
    • Get payment link details
      POST
  • Pre-auth
    • Complete pre-auth transactions
      POST
    • Complete pre-auh transaction with payout
      POST
    • Cancel pre-purchase transaction
      POST
  • Payout
    • Payout
    • Update a beneficiary status
    • Add a beneficiary to whitelist
  • KHQR Guideline
  • Resources
  1. Credentials on File

Purchase using token

POST
api/payment-gateway/v1/payments/purchase
This API supports both card tokens and account tokens.

Request

Header Params
Content-Type
string 
required
Example:
application/json
Body Params application/json
req_time
string 
required
Request date and time in UTC format as YYYYMMDDHHmmss.
merchant_id
string 
required
A unique merchant key provided by ABA Bank.
<= 20 characters
tran_id
string 
required
A unique transaction ID for the payment.
<= 20 characters
ctid
string  | null 
required
Your consumer token
<= 255 characters
pwt
string  | null 
required
PayWay-issued token.
<= 255 characters
firstname
string 
optional
Buyer's first name.
<= 20 characters
lastname
string 
optional
Buyer's last name.
<= 20 characters
email
string 
optional
Buyer's email.
<= 50 characters
phone
string 
optional
Buyer's phone.
<= 20 characters
type
string 
optional
The type of transaction. The default value is 'purchase'. Supported values:
pre-auth : Pre-authorization (for pre-purchase).
purchase : Full purchase transaction.
<= 20 characters
items
string 
optional
A base64-encoded JSON array listing the items included in the transaction.
PHP Sample Code
Note: This is for description purposes only. The price or quantity in this information will not be used for calculations or validation
<= 500 characters
shipping
number 
optional
Shipping fee.
amount
number 
required
Total purchase amount (exclude shipping fee)
return_url
string 
optional
The URL where PayWay will send the payment notification upon success.
custom_fields
string 
optional
Additional information you want to attach to the transaction.
This information appears in transaction details, lists, and export reports.
Must be base64-encoded JSON.
return_params
string 
optional
Information to include when PayWay call your return URL after payment completed.
payout
string 
optional
Base64-encoded JSON string representing payout details
PHP Sample Code
hash
string 
required
Base64-encoded HMAC-SHA512 hash of concatenated values req_time, merchant_id, tran_id, amount, items, shipping, ctid, pwt, firstname, lastname, email, phone, type, return_url, currency, custom_fields, return_params, and payout, using public_key.
PHP Sample Code
Example
{
  "req_time": "20250312075529",
  "merchant_id": "xxxxx",
  "type": "pre-auth",
  "items": "Nlx1MTc5NFx1MTdiY...MDAwLjAwIn1d",
  "amount": 60000,
  "tran_id": "17417661239",
  "continue_success_url": "demo-payway-uat.ababank.com",
  "return_url": "aHR0cHM6Ly9kZW1vLXBheXdhe..NzY2MTIzOQ==",
  "return_param": "OTg0OQ==",
  "hash": "QRzyIlknvaVA..jXvkA==",
  "custom_fields": "eyJteV9jdXN0bMSI6I..lfY3VzdG9tX2ZpZWDE3NjYxMjl9",
  "firstname": "QA",
  "lastname": "Sakada",
  "phone": "017582717",
  "email": "sakadaqa@gmail.com"
}

Request samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'api/payment-gateway/v1/payments/purchase' \
--header 'Content-Type: application/json' \
--data-raw '{
    "req_time": "20250312075529",
    "merchant_id": "xxxxx",
    "type": "pre-auth",
    "items": "Nlx1MTc5NFx1MTdiY...MDAwLjAwIn1d",
    "amount": 60000,
    "tran_id": "17417661239",
    "continue_success_url": "demo-payway-uat.ababank.com",
    "return_url": "aHR0cHM6Ly9kZW1vLXBheXdhe..NzY2MTIzOQ==",
    "return_param": "OTg0OQ==",
    "hash": "QRzyIlknvaVA..jXvkA==",
    "custom_fields": "eyJteV9jdXN0bMSI6I..lfY3VzdG9tX2ZpZWDE3NjYxMjl9",
    "firstname": "QA",
    "lastname": "Sakada",
    "phone": "017582717",
    "email": "sakadaqa@gmail.com"
}'

Responses

🟢200Success
application/json
Body
tran_id
string 
required
Your unique transaction id.
payment_status
object 
required
status
string 
required
0 represent success payment
code
string 
required
Code CDA00 for success payment, other case pelase check response 403.
description
string 
required
Please see the property reponse code for the details.
pw_tran_id
string 
required
Your unique transaction id.
Examples
{
  "tran_id": "trx-20201019130949",
  "payment_status": {
    "status": "0",
    "code": "CDA00",
    "description": "OK",
    "pw_tran_id": "trx-20201019130949"
  }
}
🟠403Forbidden
Previous
Link Card
Next
Remove account token