BRIVA Push Notification

 

API Information

Title

API Docs BRIVA Push Notification

Version

v1.0

URL Sandbox

-

URL Production

-

Version Control

API Version

Date

Link to document

Description

v1.0 22 Februari 2022 this pages Baseline version.

Product Description

Product Overview

This feature will notify partners when there is virtual account payment.

There will be a case of which the time in “transactionDateTime” field in notification endpoint and “paymentDate” field in get report endpoint is different, this happened because transactionDateTime in notification endpoint is the time when notification was sent, while paymentDate in get report endpoint is the time when the transaction was being booked.

Flow API

push notif flow api

Notification

Endpoint Description

This feature will notify partners when there is a virtual accounts payment. This notification does not contain a process to retry when it fails to flag, so we recommend that you continue to validate get reports for transactions that have been completed

paid but not getting notifications To use this feature, partners must provide an endpoint url to receive notifications from BRI, with the following specifications: following:

General Information

HTTP Method POST
Path Provided by Partner
Tipe Format JSON
Authentication  

Header Structure

Key

Value

Mandatory

Length

Description

Example

BRI-Signature

alphanum

M (Mandatory)

 

Signature

https://developers.bri.co.id
/docs/dokumentasi#signature

 

BRI-Timestamp

alphanum

M (Mandatory)

 

Timestamp

 

Request Structure

Field

Data Type

Mandatory

Length

Description

Example

brivaNo

String

M

14

VA Number : [CorporateCode]*+[CustomerCode]** *[Corporate Code] : corporate code created by BRI (numeric[5]) **[Customer Code] : customer code created by 3rd parties (Numeric [Max 13])

 

billAmount

String

M

18

The amount of the bill

 

transactionDateTime

String

M

10

Inquiry request time (Format:yyyyMMddHHmmss)

 

journalSeq

String

M

30

Unique ID for each transaction

 

terminalId

String

M

2

Channel ID

1 : Teller
2 : ATM
3 : IB
4 : SMSB
5 : CMS
6 : EDC
7 : RTGS
8 : OTHER
9 : API
 

Response Structure

Field

Data Type

Mandatory

Length

Description

Example

responseCode

String

M

 

0000 = Success

0102 = Invalid Signature

 

responseDescription

String

M

     

Request & Response Payload Sample

Request

{
   "brivaNo":"8888001256798654",
   "billAmount":"22000",
   "transactionDateTime":"20201005102753",
   "journalSeq":"2027912345671234567",
   “terminalId”:”1”
}
curl --location -g --request POST '{url}/api/v1.0/notification' \
--header 'BRI-Signature: VaJc6t6Bqjewhgia+QvNoTAEBgX9eEhaBYxPAhSulEM=' \
--header 'BRI-Timestamp: 2021-08-26T09:40:48.818Z' \
--header 'Content-Type: application/json' \
--data-raw '{
 "brivaNo": "8888001256798654",
 "billAmount": "22000",
 "transactionDateTime": "20201005102753",
 "journalSeq": "2027912345671234567",
“terminalId”:”1”
}

Normal Response

{   
    "responseCode": "0000",
    "responseDescription": "Success"
}

Error Response

{
  "responseCode": "0102",
  "responseDescription": "Invalid Signature"
}

Briva WS Notif is a service provided by BRI to provide notifications to customers partner when there is a virtual account payment.

In order for partners to receive notifications from BRI, there are several specifications that must be met: adjusted by partner are as follows:

  1. Header Structure Parameters that partners must provide in the header is as follows:
    • BRI-Signature To ensure that the data sent is genuine and can't be denied, from our side we will send a signature and must verified by partners. How to make a signature, partners can refer to web page https://developers.bri.co.id/docs/documentation#signature.
    • BRI-Timestamp Time when sending API request. The time format must be follows the ISO8601 format (yyyy-MM-ddTHH:mm:ss.SSSZ).
    • Content-Type Type JSON on Content-Type is equipped with application/json.

 

Signature

Signature ensures that the data sent is genuine and cannot be refuted. The signature is generated by the service user and verified by the service recipient.

The signature is formed from a predetermined payload, by implementing the SHA256-HMAC algorithm with the Consumer Key as the key. Then, encryption of this signature will be carried out using Base64. The final result will be put in the X-BRI-Signature attribute in the Header.

Payload

The payload is composed of path, verb, token, timestamp, and body. Example payloads:

path=https://service-vendor.tcd-dev.id/api/briapi/request-inquiry&verb=GET&token=Bearer R04XSUbnm1GXNmDiXx9ysWMpFWBr ×tamp=2019-01-02T13:14:15.678Z&body=

 

The details will be explained below:

1. Path

The value of the path is obtained from the partner URL that was hit by BRI

Example:

https://service-vendor.tcd-dev.id/api/briapi/request-inquiry

2. Verb

HTTP methods must be capital letters, i.e. GET, POST, PUT, PATCH, and DELETE.

3. Token

The token used is taken from the Authorization header. This token will be sent by the BRIAPI team, after registering the URL partner

Example:

Bearer R04XSUbnm1GXNmDiXx9ysWMpFWBr

4. Timestamp

Time when sending API request. The time format must follow the ISO8601 format (yyyy-MM-ddTHH:mm:ss.SSSZ).

Example:

2019-01-02T13:14:15.678Z

Timestamp must be in UTC or GMT +0 timezone

5. Body

Body when sending API requests. Example:

&body={"hello":"world"}

If there is no body of the request, for example using the GET method, leave it blank. Example:

&body=

The parameters that must be provided by the partner in the body of the request are as follows :

  • brivaNo, is the virtual account number, String with a maximum of 14 characters. Provisions for VA Number:
    [CorporateCode]*+[CustomerCode]** *
    [CorporateCode]
    : company code created by BRI (numeric [5])
    [CustomerCode] : customer code generated by 3rd party (numeric [Max 13 character])
  • billAmount, is the number of bills, String with a maximum of 18 characters
  • transactionDateTime, is the time when the inquiry request, with the format: yyyyMMddHHmmss
  • journalSeq, is the unique ID that each transaction has, String with Maximum character is 30.
  • terminalId, is a payment channel at BRI, String with a maximum character is 1.

List of Error/Response Code

HTTP Status Code Status Response Description escription
200 0000 Success Success  
400 0102 Failed Invalid Signature  

Simulation

Reconciliation

Every user of the API needs to do transaction reconciliation everyday, especially on transactions that contain anomalies.
There are some options user can use to do transaction reconsiliation :

  1. Using Get Report Date BRIVA API
  2. Using Get Report Time BRIVA API
  3. Using Account Statement v2.0 API
  4. Using MT940 after the day of transaction