Overview
With this service, the calling apps can take customer ref and return a masked list of accounts linked to it. Apps will forward the customer ref they will like to obtain information on and forward to OnePipe. If authorisation details are required by a provider, apps will have to provide this. OnePipe will in turn forward to the provider’s dedicated implementation.
Before you proceed: Please read this.
Commercial model
At agreed settlement cycles, the host will debit the configured beneficiary account of the app for the use of this API and share that fee with all participants. Fees will be determined by the provider. Parties that share the fees are:
OnePipe
Host client
Provider
ISO
Settlement & fees model
Model | How it works |
|---|---|
Invoice | The host client will invoice the calling app periodically for all calls to the endpoint, debit the beneficiary account of the app for service used and share with OnePipe, host, provider and ISO |
Special configuration notes
OTP override: All providers of this service should implement OTP, but support the configuration of
otp_overridesuch that based on this configuration, they could be instructed to bypass the OTP requirement for an app.SMS handler: All providers that need to do OTP validation can use the Send SMS and Send Email services on OnePipe to send their OTP.
Process flows
Sequence of calls
App calls
/transactwith the right auth detailsProvider responds with
WaitingForOTPorPendingValidationas may be requiredApp calls
/transact/validateto supply OTP if neededProvider responds with any of the completion codes
SuccessfulorFailed.To query the status of a transaction, the app can call
/transact/queryWhere the provider supports it, the app can call
/transact/reverseto request a reversal
INTERFACE SPECIFICATION (APP → ONEPIPE)
Request (Transact)
{
"request_ref":"{{request_ref}}",
"request_type":"get_accounts_min",
"auth": {
"type": "card | wallet | token", //This only applies if the source is sensitive
"secure": "{{encrypted_secure}}", //This only applies if the source is sensitive
"auth_provider": "Beeceptor",
"route_mode": null
},
"transaction": {
"mock_mode": "live",
"transaction_ref": "{{transaction_ref}}",
"transaction_desc": "A random transaction",
"transaction_ref_parent": null,
"amount": 0,
"customer":{
"customer_ref": "{{customer_id}}", //This is the main source (customer ref)
"firstname": "Uju",
"surname": "Usmanu",
"email": "ujuusmanu@gmail.com",
"mobile_no": "234802343132"
},
"meta":{
"a_key":"a_meta_value_1",
"another_key":"a_meta_value_2"
},
"details": {
"otp_override": true
}
}
}
Response (when otp_override = false)
{
"status": "WaitingForOTP",
"message": "Please enter the OTP sent to 2348022****08",
"data": {
"provider_response_code": "900T0",
"provider": "Beeceptor",
"errors": null,
"error": null,
"provider_response": null
}
}
Response (when otp_override = true)
{
"status": "Successful",
"message": "Transaction processed successfully",
"data": {
"provider_response_code": "00",
"provider": "Beeceptor",
"errors": null,
"error": null,
"provider_response": {
"accounts": [
{
"account_number": "009****000",
"account_name": "Ola Waheed",
"bank_name": "FBN",
"bank_code": "011"
},
{
"account_number": "009****000",
"account_name": "Ola Waheed",
"bank_name": "FBN",
"bank_code": "011"
}
]
}
}
}
Request (validate with otp)
{
"request_ref":"{{request_ref}}",
"request_type":"get_accounts",
"auth": {
"secure": "{{encrypted_otp}}",
"auth_provider": "Beeceptor"
},
"transaction": {
"transaction_ref": "70713093460718"
}
}
Request Payload Description
Field | Type | Requirement | Description |
|---|---|---|---|
request_ref | string | compulsory | Takes unique value for every request made to OnePipe |
request_type | string | compulsory | This should be set to the service |
auth.type | string | compulsory | This can be set to |
auth.secure | string | compulsory | optional | Depending on the provider & sensitivity of data. This is the encrypted value of the source. It can be either card details, token or wallet details. See details on how to encrypt the secure field. |
auth.provider | string | compulsory | This should be set to the name of the Provider |
auth.route_mode | string | N/A | This can be set to |
transaction.mock_mode | string | optional | This can be set to either |
transaction.transaction_desc | string | optional | Description of your transaction |
transaction.transaction_ref_parent | string | optional | Takes value of a (parent) transaction reference |
transaction.customer.customer_ref | string | compulsory | Identifier for customer. This is the actual key field that is meant to be used for the Lookup call by the provider (if not sensitive). It can be a phone number or any other customer id. |
transaction.customer.firstname | string | optional | First name of customer |
transaction.customer.surname | string | optional | Surname of customer |
transaction.customer.email | string | optional | Email address of customer |
transaction.customer.mobile_no | string | optional | Phone number of customer |
transaction.amount | big int | compulsory | This can be set to |
transaction.transaction_ref | string | compulsory | Takes unique value for every transaction call to OnePipe. |
transaction.meta | object | optional | Json object of your arbitrary transaction parameters |
transaction.details | object | compulsory | Holds defined fields peculiar to this service |
Breakdown of the details object
For this service, the details object will have the following:
Field | Type | Requirement | Description |
|---|---|---|---|
otp_override | boolean | optional | Defaults to |
Possible status response codes
For this service, these are the possible responses a client can receive
Status | Meaning |
|---|---|
Successful | Standard success code |
Failed | Standard failure code |
WaitingForOTP | To signify that this provider has requested an OTP from the customer and it should be supplied. |
PendingValidation | To signify that this provider needs some extra information to be provided. The |
INTERFACE SPECIFICATION (ONEPIPE → PROVIDER MICRO SERVICE)
Request payload from OnePipe to the provider microservice comes encrypted, using the Triple DES Algorithm. See details.
Request (Transact)
{
"request_mode":"transact",
"request_ref":"{{request_ref}}",
"request_type":"get_accounts_min",
"auth": {
"type": "bank.account | card",
"secure": "{{decrypted_secure}}",
"auth_provider": "Beeceptor",
"route_mode": null
},
"transaction": {
"mock_mode": "live",
"transaction_ref": "{{transaction_ref}}",
"transaction_desc": "A random transaction",
"transaction_ref_parent": null,
"amount": 0,
"customer":{
"customer_ref": "{{customer_id}}",
"firstname": "Uju",
"surname": "Usmanu",
"email": "ujuusmanu@gmail.com",
"mobile_no": "234802343132"
},
"meta":{
"a_key":"a_meta_value_1",
"b_key":"a_meta_value_2"
},
"details": {
"otp_override": true
},
"client_info": {
"name": "TrustPay",
"id": null,
"bank_cbn_code": null,
"bank_name": null,
"console_url": null,
"js_background_image": null,
"css_url": null,
"logo_url": "https://trustpay.onepipe.io/img/trustpay_logo_console.png",
"footer_text": "Brought to you by <strong>SunTrust Bank</strong>",
"options": [
"BANK.TRANSFER",
"CARD"
],
"primary_color": "#b37038",
"secondary_color": "#b37038",
"primary_button_color": "#b37038",
"modal_background_color": "linear-gradient(147.44deg, #d8903c 26.99%, #e69921 74.1%)",
"payment_option_color": "rgba(76, 61, 47, 0.08)",
"payment_option_active_color": "rgba(31, 31, 31, 0.25)",
"app_color": "#b37038"
},
"app_info": {
"name": "Victor Motors",
"id": "5cdab3332b7d4100015f0db4",
"beneficiary_account_no": "0001137069",
"extras": {/*this will contain an array of provider override settings*/}
}
}
}
Response (when otp_override = false)
Set provider_response_code to 900T0
{
"status": "WaitingForOTP",
"message": "Please enter the OTP sent to 2348022****08",
"data": {
"provider_response_code": "10",
"provider": "Beeceptor",
"errors": null,
"error": null,
"provider_response": null
}
}
Response (when otp_override = true)
{
"status": "Successful",
"message": "Transaction processed successfully",
"data": {
"provider_response_code": "00",
"provider": "Beeceptor",
"errors": null,
"error": null,
"provider_response": {
"accounts": [
{
"account_number": "009****000",
"account_name": "Ola Waheed",
"bank_name": "FBN",
"bank_code": "011"
},
{
"account_number": "009****000",
"account_name": "Ola Waheed",
"bank_name": "FBN",
"bank_code": "011"
}
]
}
}
}
Request (validate with otp)
{
"request_mode":"validate",
"request_ref":"{{request_ref}}",
"request_type":"lookup_bvn_max",
"auth": {
"type": null,
"secure": "{{otp}}",
"auth_provider": "Beeceptor"
},
"transaction": {
"mock_mode": null,
"transaction_ref": "{{transaction_ref}}",
"transaction_desc": null,
"transaction_ref_parent": null,
"amount": 0,
"customer":null,
"meta":null,
"details": null
}
}
Failed Response
In the case of failure or error, the provider should return failure message in this format (encrypted).
{
"status": "Failed",
"message": "Operation was not successful",
"data": {
"provider_responde_code":"91",
"provider": "Beeceptor",
"errors": [
{
"code" : "91",
"message : "Reason why it failed"
}
],
"error": {
"code" : "01",
"message : "Reason why it failed"
},
"provider_response": {
"response_code": "91",
"response_message":"Failed"
}
}
}
Special notes for OTP override
Whenever a request is to be validated by OTP, the provider microservice should first call the provider, store response info in the database, send an OTP to the corresponding phone number, then respond with WaitingForOTP.
On the OTP validation phase, if user OTP is valid, provider should retrieve info from the database, then respond with a Successful response.
NB: Data should be erased from the DB.
0 Comments