Authorization
Process
- Merchant calls this API to authorize a transaction that has been authenticated above. Customer's funds are deducted and held in their account.
- Only call authorization API after completing the Authentication step.
- Hold time is 5-7 days. During this period, if capture is not called, the funds will automatically reverse.
- Incremental authorize is used when increasing the hold amount of a previously authorized transaction.
API Information
Method: POST
URL: (Provided by Baokim)
Request
Main Parameters
| No | Field Name | Data Type | Required | Description |
|---|---|---|---|---|
| 1 | request_id | String(100) | ✅ | Unique request ID |
| 2 | request_time | String(20) | ✅ | Request send time. Format: YYYY-MM-DD H:i:s |
| 3 | master_merchant_code | String(50) | ✅ | Unique identifier for master merchant |
| 4 | sub_merchant_code | String(50) | ✅ | Unique identifier for sub merchant |
| 5 | order_code | String(50) | ✅ | Baokim order code from Authentication step |
| 6 | authorize_type | Number | ✅ | Authorization type: 1 = Authorize / 2 = Incremental Authorize |
| 7 | authorize_amount | Number | ✅ | Hold amount. If type=2: amount to increase |
| 8 | card | Object | ✅ | Card information |
| 9 | extend | Object | ❌ | Extended data |
| 10 | description | String(255) | ❌ | Transaction description |
Card Information
| No | Field Name | Data Type | Required | Description |
|---|---|---|---|---|
| 1 | card_data | String(255) | ✅ | Card encrypted per Baokim standard, required if card_token null |
| 2 | card_token | String(255) | ✅ | Card token. Required if card_data null. |
Card_data Information Before Encryption
| No. | Field Name | Data Type | Required | Description |
|---|---|---|---|---|
| 1 | card_number | String(20) | ✅ | Card number |
| 2 | card_name | String(255) | ✅ | Cardholder name |
| 3 | card_month | String(2) | ✅ | Card expiry month |
| 4 | card_year | String(4) | ✅ | Card expiry year |
| 5 | card_cvv | String(3) | ✅ | Card security code |
Extend Information
| No. | Field Name | Data Type | Required | Description |
|---|---|---|---|---|
| 1 | billing | Object | ❌ | Payer information |
Extend.billing Information
| No. | Field Name | Data Type | Required | Description |
|---|---|---|---|---|
| 1 | firstname | String(255) | ❌ | Payer first name |
| 2 | lastname | String(255) | ❌ | Payer last name |
| 3 | address | String(500) | ❌ | Payer address |
| 4 | city | String(50) | ❌ | City (Example: HANOI) |
| 5 | state | String(255) | ❌ | State/Province |
| 6 | country | String(2) | ❌ | Country ISO2 (Example: VN) |
| 7 | String(255) | ❌ | Payer email | |
| 8 | phone | String(10) | ❌ | Phone number |
| 9 | postal_code | String(6) | ❌ | Postal code |
Example Request
{
"request_id": "MERCHANT050015588AXE014",
"request_time":" 2020-08-11 14:41:00 ",
"master_merchant_code":"MASTER_MERCHANT",
"sub_merchant_code":"SUB_MERCHANT",
"order_code":"VLAD_1753867524",
"authorize_type":1,
"authorize_amount":1000000,
"card": {
"card_data": "yeAhZHfP6cWkLCL28svcXv2F9ntN3I1xBFGJG17JfxERkg8913ZxV",
"card_token": null
},
"extend": {
"billing": {
"firstname": "A",
"lastname": "NGUYEN VAN",
"address": "313 Truong Chinh, Dong Da",
"city": "HANOI",
"state": NULL,
"country": "VN",
"email": "[email protected]",
"phone": "0394899999",
"postal_code": "10000"
}
},
"description": "description GD authorize"
}
Response
Main Parameters Table
| No. | Field Name | Data Type | Required | Description |
|---|---|---|---|---|
| 1 | code | Number(3) | ✅ | Baokim error code |
| 2 | message | String(200) | ✅ | Baokim error message |
| 3 | data | Object | ✅ | Data returned by Baokim |
Data Information
| No. | Field Name | Data Type | Required | Description |
|---|---|---|---|---|
| 1 | order_code | String | ✅ | Baokim order code |
| 2 | auth_code | String(50) | ✅ | Authorization code from bank |
| 3 | authorize_status | Number | ✅ | Authorization status: 0 = Pending, 1 = Authorized, 2 = Fail |
| 4 | status | Number | ✅ | Overall transaction status |
| 5 | authorize_amount | Number | ✅ | Authorization amount this time |
| 6 | total_amount | Number | ✅ | Total authorized amount |
Example Response
{
"code": 0,
"message": "Success",
"data": {
"order_code": "VLAD_1753867524",
"auth_code": "AUTH456789",
"authorize_status": 1,
"status": 1,
"amount": 1000000,
"total_amount": 1000000
}
}
Error Code Table
| Error Code | Description |
|---|---|
| 100 | Success |
| 11 | Failed |
| 101 | Baokim system error |
| 104 | OAuth authentication error |
| 105 | Signature authentication error |
| 422 | Validation error: RequestId invalid |
| 422 | Validation error: RequestTime invalid |
| 422 | Validation error: PartnerCode invalid |
| 422 | Card_data invalid |
| 422 | Amount invalid |
| 301 | Order not found by order_code |
| 302 | Card issue (does not exist, expired) |
| 303 | Card declined |
| 304 | Insufficient card balance |
| 305 | User cancelled transaction |
| 306 | Incorrect OTP |
| 308 | Transaction has not completed Authentication |
| 309 | Transaction has not completed Authorization |
| 310 | Transaction already reversed — cannot capture |
| 311 | Transaction already captured — cannot reverse |
| 313 | Bank-side processing error |