Sending OTP Code

The API endpoint for sending an OTP for STCPay payment.

Endpoint

POST /rest/pay/stcpay/sendOtp

Request Headers

HeaderRequiredDescription
AcceptYesIt must be set to application/JSON.
Content-TypeYesIt must be set to application/JSON.
{
  "Accept": "application/json",
  "Content-Type": "application/json"
}

Request Body Parameters

Field NameField TypeRequiredDescription
stcpayMobileCountryCodeStringYesThe country code for the STCPay mobile number.
stcpayMobileStringYesThe STCPay mobile number to send the OTP to.
orderNumberStringYesThe unique identifier for the transaction. It is the transactionNo generated from the Add Invoice endpoint.
totalNumberYesThe total amount for the transaction.

πŸ“˜

OrderNumber Parameter

orderNumber can be received from the transactionNo field of the response of Add Invoice endpoint.

An example of the request is as follows:

{
  "stcpayMobileCountryCode": "966",
  "stcpayMobile": "512345678",
  "orderNumber": "16791237111116",
  "total": 10
}

Success Response

If the OTP request is successful, the API will return a JSON-encoded response with the following parameters:

Parameter NameData TypeDescription
stcMobileStringThe STC mobile number is associated with the transaction.
paymentSessionIdStringThe unique ID for the payment session. It will be passed to the processPayment endpoint.
signatureStringThe signature for the transaction. It will be passed to the processPayment endpoint.
stcpayMobileStringThe STCPay mobile number the OTP was sent to. It will be passed to the processPayment endpoint.
signedBase64DataStringThe signed base64-encoded data for the transaction. It will be passed to the processPayment endpoint.

Here is an example success response:

{
  "stcMobile": "512345678",
  "paymentSessionId": "641c1fec04e8e7793c123455",
  "signature": "NTkzMjU2MzFhYmIwNGY4****",
  "stcpayMobile": "512345678",
  "signedBase64Data": "NTk5OTI1NDc3NjQxYz****"
}

Failure Response

If the OTP request fails, the API will return a JSON-encoded response with the following parameters:

Parameter NameData TypeDescription
timestampNumberThe timestamp for the error.
statusNumberThe HTTP status code for the error.
errorStringThe error message.
pathStringThe API path for the request that caused the error.

Here is an example failure response:

{
  "timestamp": 1679566267336,
  "status": 500,
  "error": "Internal Server Error",
  "path": "/rest/pay/stcpay/sendOtp"
}

Error Codes

The API may return the following HTTP status codes:

Status CodeDescription
200OK. The request was successful.
400Bad Request. The request parameters were invalid.
401Unauthorized. The request did not include valid authentication credentials.
404Not Found. The requested resource was not found.
500Internal Server Error. An unexpected error occurred on the server.