Cek Tagihan Pascabayar
Endpoint untuk mengecek detail tagihan sebelum melakukan pembayaran. Inquiry tidak memotong saldo.
Endpoint: POST /v1/order
info
Simpan ref_id dari response inquiry — wajib digunakan saat Bayar Tagihan. Sesi inquiry berlaku 5 menit.
Parameter Request
| Parameter | Tipe | Wajib | Keterangan |
|---|---|---|---|
api_id | string | ✅ | API ID |
timestamp | integer | ✅ | Unix timestamp |
signature | string | ✅ | HMAC-SHA256 |
cmd | string | ✅ | Harus inquiry |
code | string | ✅ | Kode produk pascabayar dari Daftar Produk |
customer_no | string | ✅ | Nomor pelanggan / ID pelanggan / nomor meter |
ref_id | string | ❌ | ID referensi unik — jika kosong di-generate otomatis |
testing | boolean | ❌ | true untuk mode testing. Default: false |
Contoh Request
- PHP
- JavaScript
- Python
- Java
- C#
- cURL
<?php
$api_id = 'your_api_id';
$api_key = 'your_api_key';
$secret_key = 'your_secret_key';
$timestamp = time();
// Business params
$businessParams = [
'cmd' => 'inquiry',
'code' => 'MPBPJS',
'customer_no' => '1234567890',
'ref_id' => 'INQ-' . uniqid(),
];
// Urutkan A ke Z (ksort)
ksort($businessParams);
$canonicalBody = json_encode($businessParams, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
$bodyHash = hash('sha256', $canonicalBody);
$stringToSign = implode('|', [$api_id, $api_key, $timestamp, $bodyHash]);
$signature = hash_hmac('sha256', $stringToSign, $secret_key);
$payload = array_merge($businessParams, [
'api_id' => $api_id,
'timestamp' => $timestamp,
'signature' => $signature,
]);
$ch = curl_init('https://api.isikuota.com/v1/order');
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => ['Content-Type: application/json'],
CURLOPT_POSTFIELDS => json_encode($payload),
]);
$response = json_decode(curl_exec($ch), true);
curl_close($ch);
// Simpan ref_id untuk pembayaran
$ref_id = $response['data']['ref_id'];
const crypto = require('crypto');
const api_id = 'your_api_id';
const api_key = 'your_api_key';
const secret_key = 'your_secret_key';
const timestamp = Math.floor(Date.now() / 1000);
// Business params — urutkan A ke Z
const businessParams = {
cmd: 'inquiry',
code: 'MPBPJS',
customer_no: '1234567890',
ref_id: `INQ-${Date.now()}`,
};
const sorted = Object.fromEntries(
Object.keys(businessParams).sort().map(k => [k, businessParams[k]])
);
const canonicalBody = JSON.stringify(sorted);
const bodyHash = crypto.createHash('sha256').update(canonicalBody).digest('hex');
const stringToSign = `${api_id}|${api_key}|${timestamp}|${bodyHash}`;
const signature = crypto.createHmac('sha256', secret_key).update(stringToSign).digest('hex');
const response = await fetch('https://api.isikuota.com/v1/order', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ ...sorted, api_id, timestamp, signature }),
});
const data = await response.json();
const ref_id = data.data.ref_id; // simpan untuk pembayaran
import hmac, hashlib, time, json, requests
api_id = 'your_api_id'
api_key = 'your_api_key'
secret_key = 'your_secret_key'
timestamp = int(time.time())
# Business params — urutkan A ke Z
business_params = {
'cmd': 'inquiry',
'code': 'MPBPJS',
'customer_no': '1234567890',
'ref_id': f'INQ-{int(time.time())}',
}
sorted_params = dict(sorted(business_params.items()))
canonical_body = json.dumps(sorted_params, ensure_ascii=False, separators=(',', ':'))
body_hash = hashlib.sha256(canonical_body.encode()).hexdigest()
string_to_sign = f'{api_id}|{api_key}|{timestamp}|{body_hash}'
signature = hmac.new(secret_key.encode(), string_to_sign.encode(), hashlib.sha256).hexdigest()
payload = {**sorted_params, 'api_id': api_id, 'timestamp': timestamp, 'signature': signature}
response = requests.post('https://api.isikuota.com/v1/order', json=payload)
data = response.json()
# Simpan ref_id untuk pembayaran
ref_id = data['data']['ref_id']
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.time.Instant;
import java.util.*;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.net.http.*;
import java.net.URI;
public class InquiryExample {
static String sha256(String input) throws Exception {
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] hash = digest.digest(input.getBytes(StandardCharsets.UTF_8));
StringBuilder sb = new StringBuilder();
for (byte b : hash) sb.append(String.format("%02x", b));
return sb.toString();
}
static String hmacSha256(String data, String key) throws Exception {
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
byte[] hash = mac.doFinal(data.getBytes(StandardCharsets.UTF_8));
StringBuilder sb = new StringBuilder();
for (byte b : hash) sb.append(String.format("%02x", b));
return sb.toString();
}
public static void main(String[] args) throws Exception {
String apiId = "your_api_id";
String apiKey = "your_api_key";
String secretKey = "your_secret_key";
long timestamp = Instant.now().getEpochSecond();
// Business params — TreeMap otomatis urut A ke Z
TreeMap<String, String> businessParams = new TreeMap<>();
businessParams.put("cmd", "inquiry");
businessParams.put("code", "MPBPJS");
businessParams.put("customer_no", "1234567890");
businessParams.put("ref_id", "INQ-" + System.currentTimeMillis());
ObjectMapper mapper = new ObjectMapper();
String canonicalBody = mapper.writeValueAsString(businessParams);
String bodyHash = sha256(canonicalBody);
String stringToSign = apiId + "|" + apiKey + "|" + timestamp + "|" + bodyHash;
String signature = hmacSha256(stringToSign, secretKey);
Map<String, Object> payload = new LinkedHashMap<>(businessParams);
payload.put("api_id", apiId);
payload.put("timestamp", timestamp);
payload.put("signature", signature);
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.isikuota.com/v1/order"))
.header("Content-Type", "application/json")
.POST(HttpRequest.BodyPublishers.ofString(mapper.writeValueAsString(payload)))
.build();
HttpResponse<String> response = HttpClient.newHttpClient()
.send(request, HttpResponse.BodyHandlers.ofString());
// Simpan ref_id untuk pembayaran
var result = mapper.readTree(response.body());
String refId = result.at("/data/ref_id").asText();
System.out.println("ref_id: " + refId);
}
}
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;
class InquiryExample
{
static string Sha256(string input)
{
using var sha = SHA256.Create();
var bytes = sha.ComputeHash(Encoding.UTF8.GetBytes(input));
return BitConverter.ToString(bytes).Replace("-", "").ToLower();
}
static string HmacSha256(string data, string key)
{
using var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key));
var bytes = hmac.ComputeHash(Encoding.UTF8.GetBytes(data));
return BitConverter.ToString(bytes).Replace("-", "").ToLower();
}
static async Task Main()
{
var apiId = "your_api_id";
var apiKey = "your_api_key";
var secretKey = "your_secret_key";
var timestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
// Business params — SortedDictionary otomatis urut A ke Z
var businessParams = new SortedDictionary<string, string>
{
{ "cmd", "inquiry" },
{ "code", "MPBPJS" },
{ "customer_no", "1234567890" },
{ "ref_id", $"INQ-{DateTimeOffset.UtcNow.ToUnixTimeMilliseconds()}" },
};
var canonicalBody = JsonSerializer.Serialize(businessParams);
var bodyHash = Sha256(canonicalBody);
var stringToSign = $"{apiId}|{apiKey}|{timestamp}|{bodyHash}";
var signature = HmacSha256(stringToSign, secretKey);
var payload = new Dictionary<string, object>(
businessParams.Select(x => new KeyValuePair<string, object>(x.Key, x.Value)))
{
{ "api_id", apiId },
{ "timestamp", timestamp },
{ "signature", signature },
};
using var client = new HttpClient();
var json = JsonSerializer.Serialize(payload);
var content = new StringContent(json, Encoding.UTF8, "application/json");
var response = await client.PostAsync("https://api.isikuota.com/v1/order", content);
var result = await response.Content.ReadAsStringAsync();
// Simpan ref_id untuk pembayaran
var doc = JsonDocument.Parse(result);
var refId = doc.RootElement.GetProperty("data").GetProperty("ref_id").GetString();
Console.WriteLine($"ref_id: {refId}");
}
}
API_ID="your_api_id"
API_KEY="your_api_key"
SECRET="your_secret_key"
TIMESTAMP=$(date +%s)
# Business params — key wajib urut A ke Z
CANONICAL_BODY='{"cmd":"inquiry","code":"MPBPJS","customer_no":"1234567890","ref_id":"INQ-001"}'
BODY_HASH=$(echo -n "$CANONICAL_BODY" | sha256sum | awk '{print $1}')
STRING_TO_SIGN="${API_ID}|${API_KEY}|${TIMESTAMP}|${BODY_HASH}"
SIGNATURE=$(echo -n "$STRING_TO_SIGN" | openssl dgst -sha256 -hmac "$SECRET" | awk '{print $2}')
curl -X POST https://api.isikuota.com/v1/order \
-H "Content-Type: application/json" \
-d "{
\"api_id\": \"$API_ID\",
\"timestamp\": $TIMESTAMP,
\"signature\": \"$SIGNATURE\",
\"cmd\": \"inquiry\",
\"code\": \"MPBPJS\",
\"customer_no\": \"1234567890\",
\"ref_id\": \"INQ-001\"
}"
Contoh Response
- BPJS Kesehatan
- PLN Pascabayar
- Internet (Telkom)
- PDAM (Air)
- Multifinance (Cicilan)
- Gas Negara (PGN)
- HP Pascabayar
{
"success": true,
"code": "BILL_INQUIRY_SUCCESS",
"message": "Tagihan berhasil ditemukan",
"data": {
"ref_id": "INQ-001",
"status": "success",
"customer_no": "122219256576",
"customer_name": "Demo Member",
"code": "MPBPJS",
"tagihan": 22500,
"admin": 2700,
"total": 25200,
"desc": {
"jumlah_peserta": "2",
"lembar_tagihan": 1,
"alamat": "JAKARTA PUSAT",
"detail": [{ "periode": "01" }]
}
},
"errors": null,
"meta": null
}
{
"success": true,
"code": "BILL_INQUIRY_SUCCESS",
"message": "Tagihan berhasil ditemukan",
"data": {
"ref_id": "INQ-001",
"status": "success",
"customer_no": "082298859671",
"customer_name": "Nama Pelanggan",
"code": "MPPLNPASCA",
"tagihan": 8000,
"admin": 2500,
"total": 10500,
"desc": {
"tarif": "R1",
"daya": 1300,
"lembar_tagihan": 1,
"detail": [
{ "periode": "201901", "nilai_tagihan": "8000", "admin": "2500", "denda": "500" }
]
}
},
"errors": null,
"meta": null
}
{
"success": true,
"code": "BILL_INQUIRY_SUCCESS",
"message": "Tagihan berhasil ditemukan",
"data": {
"ref_id": "INQ-001",
"status": "success",
"customer_no": "082298859671",
"customer_name": "Nama Pelanggan",
"code": "MPSPEEDY",
"tagihan": 19500,
"admin": 5000,
"total": 24500,
"desc": {
"lembar_tagihan": 2,
"detail": [
{ "periode": "MEI 2019", "nilai_tagihan": "8000", "admin": "2500" },
{ "periode": "JUN 2019", "nilai_tagihan": "11500", "admin": "2500" }
]
}
},
"errors": null,
"meta": null
}
{
"success": true,
"code": "BILL_INQUIRY_SUCCESS",
"message": "Tagihan berhasil ditemukan",
"data": {
"ref_id": "INQ-001",
"status": "success",
"customer_no": "082298859671",
"customer_name": "Nama Pelanggan",
"code": "PDAMBANDUNG",
"tagihan": 10000,
"admin": 2500,
"total": 12500,
"desc": {
"tarif": "3A",
"lembar_tagihan": 1,
"alamat": "WONOKROMO S.S BARU 2 8",
"jatuh_tempo": "1-15 DES 2014",
"detail": [
{
"periode": "201901",
"nilai_tagihan": "8000",
"denda": "500",
"meter_awal": "00080000",
"meter_akhir": "00090000",
"biaya_lain": "1500"
}
]
}
},
"errors": null,
"meta": null
}
{
"success": true,
"code": "BILL_INQUIRY_SUCCESS",
"message": "Tagihan berhasil ditemukan",
"data": {
"ref_id": "INQ-001",
"status": "success",
"customer_no": "082298859671",
"customer_name": "Nama Pelanggan",
"code": "MPMEGACENFINANCE",
"tagihan": 22500,
"admin": 2500,
"total": 25000,
"desc": {
"lembar_tagihan": 1,
"item_name": "HONDA VARIO TECHNO 125 PGM FI NON CBS",
"no_rangka": "MH1JFB111CK196426",
"no_pol": "B6213UWX",
"tenor": "030",
"detail": [{ "periode": "002", "denda": "0", "biaya_lain": "0" }]
}
},
"errors": null,
"meta": null
}
{
"success": true,
"code": "BILL_INQUIRY_SUCCESS",
"message": "Tagihan berhasil ditemukan",
"data": {
"ref_id": "INQ-001",
"status": "success",
"customer_no": "082298859671",
"customer_name": "Nama Pelanggan",
"code": "MPGASNEGARA",
"tagihan": 97500,
"admin": 2500,
"total": 100000,
"desc": {
"lembar_tagihan": 1,
"alamat": "KO. GRIYA ASRI CIPAGERAN",
"detail": [{ "periode": "0320", "meter_awal": "006538", "meter_akhir": "006573" }]
}
},
"errors": null,
"meta": null
}
{
"success": true,
"code": "BILL_INQUIRY_SUCCESS",
"message": "Tagihan berhasil ditemukan",
"data": {
"ref_id": "INQ-001",
"status": "success",
"customer_no": "082298859671",
"customer_name": "Nama Pelanggan",
"code": "MPHPPASCA",
"tagihan": 10000,
"admin": 2500,
"total": 12500,
"desc": {
"lembar_tagihan": 1
}
},
"errors": null,
"meta": null
}
Field Response
| Field | Tipe | Keterangan |
|---|---|---|
ref_id | string | Simpan ini — wajib dipakai saat pembayaran |
status | string | Status inquiry (success / failed) |
customer_no | string | Nomor pelanggan |
customer_name | string | Nama pelanggan sesuai tagihan |
code | string | Kode produk |
tagihan | integer | Nilai tagihan sebelum admin (Rp) |
admin | integer | Biaya admin (Rp) |
total | integer | Total yang harus dibayar = tagihan + admin (Rp) |
desc | object | Detail tagihan — struktur berbeda per jenis layanan |
tip
Tampilkan customer_name, tagihan, admin, dan total ke user sebelum konfirmasi pembayaran.