Developer Suite
Register Sandbox
Register Sandbox
  1. Credentials on File
  • Overview
  • API Endpoints
  • Ecommerce Checkout
    • Purchase
      POST
    • Get a transaction details
      POST
    • Close transaction
      POST
    • Check transaction
      POST
    • Refund API
      POST
    • Get transaction list
      POST
    • Exchange rate
      POST
  • Plugins
    • Shopify
    • Prestashop
    • Woocommerce
  • Credentials on File
    • Unschedule Payment
    • Schedule Payment
    • Link Account
      POST
    • Link Card
      POST
    • Payment
      POST
    • Renew Token
      POST
    • Get token details
      POST
    • Remove token
      POST
    • Subscription
      POST
  • ABA QR API
    • QR API
      POST
  • Payment Link
    • Create payment link
      POST
    • Get payment link details
      POST
  • Pre-auth
    • Complete pre-auth transactions
    • Complete pre-auh transaction with payout
    • Cancel pre-purchase transaction
  • Payout
    • Payout
    • Update a beneficiary status
    • Add a beneficiary to whitelist
  • KHQR Guideline
    • Get transactions
  • Resources
  1. Credentials on File

Renew Token

POST
api/payment-credential/v3/token-management/renew-expired-account-token
Account tokens linked with the CITI_FLEX or CITO_FLEX flags will expire 90 days after their initial linking, renewal, or the last successful transaction—whichever is most recent. There are several ways for customers to renew the token:
ABA Mobile App: Users can view expired tokens in the ABA Mobile app and initiate the renewal directly from there.
Your Website/Application: Your platform shall provide a feature that allows customers to renew their tokens.
Imporant Note
This API is used to renew account tokens only and does not apply to card tokens.
The token can be renewed even if it is still active. Once the customer approves the request, the validity period will be extended for another 90 days, while all other token details remain unchanged.
Via Your Website/Application
Via ABA Mobile App
Renew token.png
User renew from your website/applicaiton
You should receive the callback result within 3 minutes. If you do not receive the callback, we recommend using the Get token details API to retrieve the token information.
PayWay utilizes the callback_url defined in your Merchant Portal under Outlet Profile > Services > Card on File (CoF). This endpoint acts as the primary listener for asynchronous token info. Below is a sample payload of the callback data received once a user approves the request within the ABA Mobile app.
{
    "payment_credential": {
        "ctid": "SIDARA",
        "amount_limit_per_tran": 0,
        "token_flag": "CITI_FLEX",
        "source_of_fund": "*****1481",
        "subscribed_amount": 0.0,
        "currency": "USD",
        "expired_at": "2026-06-07T15:47:38.8884292+07:00",
        "pwt": "6451397B0BC9...E807",
        "type": "ABA ACCOUNT",
        "status": 1,
        "frequency": ""
    },
    "request_id": "6547709733"
}

Request

Header Params

Body Params application/json

Request Code Samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location 'https://checkout-sandbox.payway.com.kh/api/payment-credential/v3/token-management/renew-expired-account-token' \
--header 'Content-Type: application/json' \
--data '{
    "request_time": "string",
    "merchant_id": "string",
    "request_id": "string",
    "ctid": "string",
    "pwt": "string",
    "hash": "string"
}'

Responses

🟢200OK
application/json
Bodyapplication/json

Examples
{
    "status": {
        "code": "00",
        "tran_id": "175576524786847",
        "message": "Success"
    }
}
đźź 400Bad Request
đźź 403Forbidden
Previous
Payment
Next
Get token details