Our RESTful API enables simple integration to send requests and get responses for all activities. Xendit provides many ways to shoot API requests. You can decide what to use by reading about our integrations here.
Our API Reference contains all the information you need for API integration, such as Requests to post us, and Responses and Callbacks you get. We use HTTPS to ensure all communication is secured and encrypted. Furthermore, this way, response codes can easily indicate API errors.
Below is how Xendit API integration works:
Authentication is the first step you need to do before using the API. Please make sure that you have authenticated your account or else the requests will fail. Include your Secret API Key in the requests to authenticate your account.
Go to Dashboard > Settings > API Keys to find the keys for both Development and Production Environments. Your API Keys should be kept private to ensure your security.
The Get Balance request lets you retrieve the balance of your cash account. This is an alternative way to check the balance of your Dashboard through using API.
Xendit maximizes card acceptance rate for Indonesian and foreign cards by supporting credit and debit cards from around the world
The request of tokenization converts your customer's card number and expiry date into a token to save sensitive credit card numbers. You need to use your public API Key to tokenize. There are two types of token: single use and multiple use token. You are welcome to use the request according to what you need.
By default, authentication (3DS) is required, do contact us if you would like to skip this step. This authentication request is used to verify the identity of a card holder and is useful to protect you from chargebacks. This request is used to create an authentication_id to authenticate a charge.
This request will create a charge on a card using the created token. You can choose whether to charge a card immediately or to hold funds by creating authorization. By default, the charge type is set to true to capture funds immediately. If you set it to false, it will create authorization.
If you have set charge type to false when creating a charge, funds will be hold and you need to use this request to capture the charge.
This request is available to query the status of your charge of which the result will be in the response. This request will tell you whether your charge is captured or failed.
Use this request to create a refund for the charged transaction. You can request partial refunds as long as the total amount does not exceed the total charged amount. The response will always give PENDING status.
Callback is given when the refund process has been finished.
Use this request to charge recurring credit card payment. Configure the interval of charge and Xendit will charge according to what you configure.
Subscription callback is given every time a charge is created at the interval you have configured.
This request is used to query the status of your subscription. The response will give whether the status is ACTIVE, CANCELED, or FAILED.
Use this request when you want to cancel a subscription you have made.
Fraud detection lets you calculate the risk of your charge. You will need a fraudData object used when you Create Token. The response will tell you the fraud risk, and the parameter is on the scale of 0-100.
Please note that these requests are applied to Fixed Virtual Accounts, as Non-Fixed Virtual accounts are automatically created when you create an Invoice.
We need to set the range of Fixed Virtual Account before you can create one (even in Development Mode), so please do contact us to help you with assigning this range.
Get Banks for Virtual Accounts
This request is used to query the available banks to make your Fixed Virtual Accounts. We support Virtual Accounts for BCA, Mandiri, BRI, and BNI. Do inform us to enable or disable specific banks based on your needs.
Create Fixed Virtual Account
Use this request to create Fixed Virtual Accounts using the range that we have set for you. In this request, you could configure the types of Fixed Virtual Account you would like to create, whether it is opened or closed, single or multiple use. You can also give a name to the Fixed Virtual Accounts you create.
Learn more about the types of Fixed Virtual Accounts here.
Update Fixed Virtual Accounts
Our Fixed Virtual Account is adaptable, and you can use this request to adjust changes to your Fixed Virtual Accounts that you have created based on your needs. You can change the suggested, expected amount, and the expiration date of your Fixed Virtual Accounts. You can also change whether it is single or multiple use. Please note that you cannot change Fixed Virtual Account type to be opened or closed once you have created it.
Fixed Virtual Accounts Callback
Once a payment has been made to your Fixed Virtual Account, Xendit will send you a callback by hitting your callback URL that you have configured in your dashboard for Fixed Virtual Account.
Get Fixed Virtual Account Payment
When you receive a callback for Fixed Virtual Account, you can check if the callback was really sent by Xendit through this request.
Get Fixed Virtual Account
You can use this request to query the latest status of your Fixed Virtual Account. The response will tell you whether a Fixed Virtual Account it active or inactive. Inactive means that a single use Fixed Virtual Account is paid OR it is expired, while active means that your Fixed Virtual Account has not expired and can be paid.
This request is used to create an invoice. You can configure the amount and description of the invoice you are charging.Also, you can link a Fixed Virtual Account that you have created with an invoice and set whether you want an email sent to your customer. You will receive a response instantly when your request hits our server.
Get an Invoice
Get an invoice request is used to know the status of the invoice you have created, and the response tells you whether an invoice is pending or completed.
Our system sends your callback to the Callback URL you have configured on your dashboard after an invoice has been paid. You can test this callback, later in Production Mode. It’s your choice what to do with our callback.
This request is used to create a direct disbursement. You can configure the amount and recipient of your transfer. We will return a response when your request hits our server.
Using this request, you get to know the status of your disbursement: pending, in progress, completed, or failed.
We will send you callback upon successful disbursement. This section is to give you overview of the callback scheme we do.
Get Available Disbursement Banks
This request is used to query the available banks we support for your disbursements. We support 140+ banks, including BPDs and BPRs (Bank Prekreditan Daerah and Bank Prekreditan Rakyat). Find the full list of banks that we support here.
Create Batch Disbursement
This request is an alternative way of making batch disbursements via CSV upload in your dashboard. Generally, it works the same way as uploading the CSV file.
Batch Disbursement Callback
After batch disbursement is created via API, go to your Dashboard to approve the batch disbursement and validate the name mismatches if there are any. After these steps have been taken, we will send you callback upon successful, failed, or deleted batch disbursement.
Get Available Disbursement Banks
This request is used to query the available banks we support for your disbursements. We support 140+ banks, including BPDs and BPRs (Bank Prekreditan Daerah and Bank Prekreditan Rakyat). Find the full list of banks we support here.
Name validator is used to verify the name of a bank account holder before you do disbursements. This requests would need to look up data from banks and it may take a few seconds. If it is not cached directly in the response, we will return the result in a callback.
Use this request to verify NPWP.It is used to look up the account holder name of a NPWP in Indonesia. You may find this request helpful to verify the legality and identity of their customers.
Error codes are given when your requests fail. Below are some of the most common ones:
|404||Page or data not found|
Upon successful transactions, we will send callbacks to your webhook (callback server). In order to receive callbacks from Xendit, you will need to set your callback URL.
Setting Up Callback URL
You can configure the callback URL in your Dashboard > Settings > Configuration. We provide different URLs for different transactions, and you are given flexibility in the set up.
Below is an example of where to set up callback URL for Invoice:
Callback URL Requirements:
Callback URL needs to be a HTTPS with SSL ( Standard Socket Layer), which is our standard security protocol Test callback will work if the callback URL you put is in the right format