Cek Saldo

Endpoint untuk mengecek saldo akun Anda secara real-time.

Endpoint: POST /v1/balance

info

Endpoint ini tidak memiliki parameter bisnis tambahan. canonicalBody untuk signature menggunakan string kosong "".

Parameter Request

Parameter	Tipe	Wajib	Keterangan
api_id	string	✅	API ID dari pengaturan akun
timestamp	integer	✅	Unix timestamp saat request dikirim
signature	string	✅	HMAC-SHA256 — lihat cara membuat signature

Contoh Request

PHP

<?php
$api_id     = 'your_api_id';
$api_key    = 'your_api_key';
$secret_key = 'your_secret_key';
$timestamp  = time();

// Tidak ada business params → canonicalBody = string kosong
$bodyHash     = hash('sha256', '');
$stringToSign = implode('|', [$api_id, $api_key, $timestamp, $bodyHash]);
$signature    = hash_hmac('sha256', $stringToSign, $secret_key);

$payload = [
    'api_id'    => $api_id,
    'timestamp' => $timestamp,
    'signature' => $signature,
];

$ch = curl_init('https://api.isikuota.com/v1/balance');
curl_setopt_array($ch, [
    CURLOPT_POST           => true,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER     => ['Content-Type: application/json'],
    CURLOPT_POSTFIELDS     => json_encode($payload),
]);
$response = json_decode(curl_exec($ch), true);
curl_close($ch);

JavaScript

const crypto = require('crypto');

const api_id     = 'your_api_id';
const api_key    = 'your_api_key';
const secret_key = 'your_secret_key';
const timestamp  = Math.floor(Date.now() / 1000);

// Tidak ada business params → canonicalBody = string kosong
const bodyHash     = crypto.createHash('sha256').update('').digest('hex');
const stringToSign = `${api_id}|${api_key}|${timestamp}|${bodyHash}`;
const signature    = crypto.createHmac('sha256', secret_key).update(stringToSign).digest('hex');

const response = await fetch('https://api.isikuota.com/v1/balance', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({ api_id, timestamp, signature }),
});
const data = await response.json();

Python

import hmac, hashlib, time, requests

api_id     = 'your_api_id'
api_key    = 'your_api_key'
secret_key = 'your_secret_key'
timestamp  = int(time.time())

# Tidak ada business params → canonicalBody = string kosong
body_hash      = hashlib.sha256(b'').hexdigest()
string_to_sign = f'{api_id}|{api_key}|{timestamp}|{body_hash}'
signature      = hmac.new(secret_key.encode(), string_to_sign.encode(), hashlib.sha256).hexdigest()

response = requests.post('https://api.isikuota.com/v1/balance', json={
    'api_id': api_id, 'timestamp': timestamp, 'signature': signature,
})
data = response.json()

cURL

API_ID="your_api_id"
API_KEY="your_api_key"
SECRET="your_secret_key"
TIMESTAMP=$(date +%s)

# Tidak ada business params → canonicalBody = string kosong
BODY_HASH=$(echo -n "" | sha256sum | awk '{print $1}')
STRING_TO_SIGN="${API_ID}|${API_KEY}|${TIMESTAMP}|${BODY_HASH}"
SIGNATURE=$(echo -n "$STRING_TO_SIGN" | openssl dgst -sha256 -hmac "$SECRET" | awk '{print $2}')

curl -X POST https://api.isikuota.com/v1/balance \
  -H "Content-Type: application/json" \
  -d "{
    \"api_id\":    \"$API_ID\",
    \"timestamp\": $TIMESTAMP,
    \"signature\": \"$SIGNATURE\"
  }"

Java

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.time.Instant;
import java.net.http.*;
import java.net.URI;

public class BalanceExample {

    static String sha256(String input) throws Exception {
        MessageDigest digest = MessageDigest.getInstance("SHA-256");
        byte[] hash = digest.digest(input.getBytes(StandardCharsets.UTF_8));
        StringBuilder sb = new StringBuilder();
        for (byte b : hash) sb.append(String.format("%02x", b));
        return sb.toString();
    }

    static String hmacSha256(String data, String key) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
        byte[] hash = mac.doFinal(data.getBytes(StandardCharsets.UTF_8));
        StringBuilder sb = new StringBuilder();
        for (byte b : hash) sb.append(String.format("%02x", b));
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        String apiId     = "your_api_id";
        String apiKey    = "your_api_key";
        String secretKey = "your_secret_key";
        long   timestamp = Instant.now().getEpochSecond();

        // Tidak ada business params → canonicalBody = string kosong
        String bodyHash     = sha256("");
        String stringToSign = apiId + "|" + apiKey + "|" + timestamp + "|" + bodyHash;
        String signature    = hmacSha256(stringToSign, secretKey);

        String body = String.format(
            "{\"api_id\":\"%s\",\"timestamp\":%d,\"signature\":\"%s\"}",
            apiId, timestamp, signature
        );

        HttpRequest request = HttpRequest.newBuilder()
            .uri(URI.create("https://api.isikuota.com/v1/balance"))
            .header("Content-Type", "application/json")
            .POST(HttpRequest.BodyPublishers.ofString(body))
            .build();

        HttpResponse<String> response = HttpClient.newHttpClient()
            .send(request, HttpResponse.BodyHandlers.ofString());
        System.out.println(response.body());
    }
}

C#

using System;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;

class BalanceExample
{
    static string Sha256(string input)
    {
        using var sha = SHA256.Create();
        var bytes = sha.ComputeHash(Encoding.UTF8.GetBytes(input));
        return BitConverter.ToString(bytes).Replace("-", "").ToLower();
    }

    static string HmacSha256(string data, string key)
    {
        using var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key));
        var bytes = hmac.ComputeHash(Encoding.UTF8.GetBytes(data));
        return BitConverter.ToString(bytes).Replace("-", "").ToLower();
    }

    static async Task Main()
    {
        var apiId     = "your_api_id";
        var apiKey    = "your_api_key";
        var secretKey = "your_secret_key";
        var timestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();

        // Tidak ada business params → canonicalBody = string kosong
        var bodyHash     = Sha256("");
        var stringToSign = $"{apiId}|{apiKey}|{timestamp}|{bodyHash}";
        var signature    = HmacSha256(stringToSign, secretKey);

        var payload = new { api_id = apiId, timestamp, signature };
        var json    = JsonSerializer.Serialize(payload);
        var content = new StringContent(json, Encoding.UTF8, "application/json");

        using var client   = new HttpClient();
        var response       = await client.PostAsync("https://api.isikuota.com/v1/balance", content);
        Console.WriteLine(await response.Content.ReadAsStringAsync());
    }
}

Contoh Response

{
  "success": true,
  "code": "SUCCESS",
  "message": "Saldo berhasil didapatkan",
  "data": {
    "name": "John Doe",
    "balance": 25490,
    "currency": "IDR",
    "checked_at": "2026-05-31 10:21:58"
  },
  "errors": null,
  "meta": null
}

Field Response

Field	Tipe	Keterangan
name	string	Nama akun
balance	integer	Saldo saat ini dalam rupiah (IDR)
currency	string	Mata uang — selalu IDR
checked_at	string	Waktu pengecekan saldo

Best Practice

• Cek saldo sebelum transaksi untuk menghindari gagal karena saldo kurang
• Implementasikan notifikasi otomatis jika saldo di bawah threshold tertentu
• Cache response beberapa detik untuk mengurangi jumlah API call