Overview
With this service, the calling apps can KYC a customer's account number or other authorization details like cards or wallets. This service will only return minimal KYC information. Apps will collect the account number they will like to obtain information on and forward it to OnePipe. If authorization details are required by a provider, apps will have to provide this. OnePipe will in turn forward to the provider’s dedicated implementation.
Before you proceed: Please read this.
Commercial model
At agreed settlement cycles, the host will debit the configured beneficiary account of the app for the use of this API and share that fee with all participants. Fees will be determined by the provider. Parties that share the fees are:
OnePipe
Host client
Provider
ISO
Special configuration notes
OTP override: All providers of this service should implement OTP, but support the configuration of otp_override such that based on this configuration, they could be instructed to bypass the OTP requirement for an app.
Settlement & fees model
Model | How it works |
|---|---|
Invoice | The host client will invoice the calling app periodically for all calls to the endpoint. |
Process flows
Sequence of calls
App calls
/transactwith the right auth detailsProvider responds with
WaitingForOTPorPendingValidationas may be requiredApp calls
/transact/validateto supply OTP if neededProvider responds with any of the completion codes
SuccessfulorFailed.To query the status of a transaction, the app can call
/transact/queryWhere the provider supports it, the app can call
/transact/reverseto request a reversal
INTERFACE SPECIFICATION (APP → ONEPIPE)
For details on encryption using the Triple DES Algorithm, read this.
Request (Transact)
{
"request_ref":"{{request_ref}}",
"request_type":"lookup_account_min",
"auth": {
"type": "bank.account | card",
"secure": "{{encrypted_secure}}",
"auth_provider": "Beeceptor",
"route_mode": null
},
"transaction": {
"mock_mode": "live",
"transaction_ref": "{{transaction_ref}}",
"transaction_desc": "A random transaction",
"transaction_ref_parent": null,
"amount": 0,
"customer":{
"customer_ref": "{{customer_id}}",
"firstname": "Uju",
"surname": "Usmanu",
"email": "ujuusmanu@gmail.com",
"mobile_no": "234802343132"
},
"meta":{
"a_key":"a_meta_value_1",
"b_key":"a_meta_value_2"
},
"details": null
}
}
Response (when otp_override = false)
{
"status": "WaitingForOTP",
"message": "Please enter the OTP sent to 2348022****08",
"data": {
"provider_response_code": "900T0",
"provider": "Beeceptor",
"errors": null,
"error": null,
"provider_response": null
}
}
Response (when otp_override = true)
{
"status": "Successful",
"message": "Transaction processed successfully",
"data": {
"provider_response_code": "00",
"provider": "Beeceptor",
"errors": null,
"error": null,
"provider_response": {
"customer_id": "007935125",
"account_name": "BOLA SALAMI",
"account_number": "1780161243",
"last_name": "SALAMI",
"first_name": "BOLA",
"middle_name": "-",
"gender": "Female",
"account_currency": "NGN",
"dob": "yyyy-MM-dd-HH-mm-ss"
}
}
}
Request (validate with otp)
{
"request_ref":"{{request_ref}}",
"request_type":"lookup_account_min",
"auth": {
"secure": "{{encrypted_otp}}",
"auth_provider": "Beeceptor"
},
"transaction": {
"transaction_ref": "70713093460718"
}
}
Request Payload Description
Field | Type | Requirement | Description |
|---|---|---|---|
request_ref | string | compulsory | Takes unique value for every request made to OnePipe |
request_type | string | compulsory | This should be set to the service |
auth.type | string | compulsory | This can be set to |
auth.secure | string | compulsory | This is the encrypted value of the source of fund. Depending on the auth type, this can be either bank account, card details, token or wallet details. See details on how to encrypt the secure field. |
auth.provider | string | compulsory | This should be set to the name of the Provider |
auth.route_mode | string | N/A | This can be set to |
transaction.mock_mode | string | optional | This can be set to either |
transaction.transaction_desc | string | optional | Description of your transaction |
transaction.transaction_ref_parent | string | optional | Takes the value of a (parent) transaction reference |
transaction.customer.customer_ref | string | compulsory | Identifier for customer |
transaction.customer.firstname | string | optional | First name of customer |
transaction.customer.surname | string | optional | Surname of customer |
transaction.customer.email | string | optional | The email address of the customer |
transaction.customer.mobile_no | string | optional | Phone number of customer |
transaction.amount | big int | compulsory | This can be set to |
transaction.transaction_ref | string | compulsory | Takes unique value for every transaction call to OnePipe. |
transaction.meta | object | optional | JSON object of your arbitrary transaction parameters |
transaction.details | object | compulsory | Holds defined fields peculiar to this service |
Breakdown of the details object
For this service, the details object will have the following:
Field | Type | Requirement | Description |
|---|---|---|---|
otp_override | boolean | optional | Defaults to |
Possible status response codes
For this service, these are the possible responses a client can receive
Status | Meaning |
|---|---|
Successful | Standard success code |
Failed | Standard failure code |
WaitingForOTP | To signify that this provider has requested an OTP from the customer and it should be supplied. |
PendingValidation | To signify that this provider needs some extra information to be provided. The |
INTERFACE SPECIFICATION (ONEPIPE → PROVIDER MICRO SERVICE)
Request payload from OnePipe to the provider microservice comes encrypted, using the Triple DES Algorithm. See details.
Request (Transact)
{
"request_mode":"transact",
"request_ref":"{{request_ref}}",
"request_type":"lookup_account_min",
"auth": {
"type": "bank.account | card",
"secure": "{{decrypted_secure}}",
"auth_provider": "Beeceptor",
"route_mode": null
},
"transaction": {
"mock_mode": "live",
"transaction_ref": "{{transaction_ref}}",
"transaction_desc": "A random transaction",
"transaction_ref_parent": null,
"amount": 0,
"customer":{
"customer_ref": "{{customer_id}}",
"firstname": "Uju",
"surname": "Usmanu",
"email": "ujuusmanu@gmail.com",
"mobile_no": "234802343132"
},
"meta":{
"a_key":"a_meta_value_1",
"b_key":"a_meta_value_2"
},
"details": {
"otp_override": true
},
"client_info": {
"name": "TrustPay",
"id": null,
"bank_cbn_code": null,
"bank_name": null,
"console_url": null,
"js_background_image": null,
"css_url": null,
"logo_url": "https://trustpay.onepipe.io/img/trustpay_logo_console.png",
"footer_text": "Brought to you by <strong>SunTrust Bank</strong>",
"options": [
"BANK.ACCOUNT",
"CARD"
],
"primary_color": "#b37038",
"secondary_color": "#b37038",
"primary_button_color": "#b37038",
"modal_background_color": "linear-gradient(147.44deg, #d8903c 26.99%, #e69921 74.1%)",
"payment_option_color": "rgba(76, 61, 47, 0.08)",
"payment_option_active_color": "rgba(31, 31, 31, 0.25)",
"app_color": "#b37038"
},
"app_info": {
"name": "Victor Motors",
"id": "5cdab3332b7d4100015f0db4",
"beneficiary_account_no": "0001137069",
"extras": {/*this will contain an array of provider override settings*/}
}
}
}
Response (when otp_override = false)
Set provider_response_code to 900T0
{
"status": "WaitingForOTP",
"message": "Please enter the OTP sent to 2348022****08",
"data": {
"provider_response_code": "900T0",
"provider": "Beeceptor",
"errors": null,
"error": null,
"provider_response": null
}
}
Response (when otp_override = true)
{
"status": "Successful",
"message": "Transaction processed successfully",
"data": {
"provider_response_code": "00",
"provider": "Beeceptor",
"errors": null,
"error": null,
"provider_response": {
"customer_id": "007935125",
"account_name": "BOLA SALAMI",
"account_number": "1780161243",
"last_name": "SALAMI",
"first_name": "BOLA",
"middle_name": "-",
"gender": "Female",
"account_currency": "NGN",
"dob": "yyyy-MM-dd-HH-mm-ss"
}
}
}
Failed Response
In the case of failure or error, the provider should return failure message in this format (encrypted).
{
"status": "Failed",
"message": "Operation was not successful",
"data": {
"provider_responde_code":"91",
"provider": "Beeceptor",
"errors": [
{
"code" : "91",
"message : "Reason why it failed"
}
],
"error": {
"code" : "91",
"message : "Reason why it failed"
},
"provider_response": {
"response_code": "91",
"response_message":"Reason why it failed"
}
}
}
Special notes for OTP override
Whenever a request is to be validated by OTP, the provider microservice should first call the provider, store response info in the database, then respond with WaitingForOTP or PendingValidation. On the OTP validation leg, if user OTP is valid, the provider should retrieve info from the database, then respond with a Successful response.
NB: Data should be erased from the DB upon response.
Dependencies
This service may use the send_otp and validate_otp services behind the scenes to handle the OTP authentication process. Alternatively, it may use the send_sms or send_email services. These services should be invoked by the provider using the API key of the calling app. As such, these services need to be enabled for the calling app as well, otherwise this request would fail.
Add Comment