logo
English
English
API ReferenceSign In

Account Linking

Last updated 05/20/2021

There are 2 types of account Direct debit supports: Bank Account and Debit Card. Here are the steps to test your Direct Debit integration

Xendit supports BPI Philippines Direct Debit via Bank Account and BRI Direct Debit via Debit Card

Debit Card

Xendit supports BRI Direct Debit via Debit Card

Positive Scenarios

Follow these 2 simple steps to link debit card. After linking success, proceed to Making payment

1. Link Debit Card

Send a POST to `/linked_account_tokens/` with the following parameter values:

{
  "customer_id": "any", // Create Customer ID first
  "channel_code": "DC_BRI",
  "properties": {
    "account_mobile_number": "+62818555988", // any Indonesia number in E.164 format
    "card_last_four": "8888",
    "card_expiry": "06/24", // any future date
    "account_email": "test.email@xendit.co" // customer email
  }
}

Values for other parameters are arbitrary as long as they follow and consistent with validation rules. This should return a successful linked account token response.

2. Validate OTP

Send a POST to `/linked_account_tokens/{linked_account_token_id}/validate_otp` with valid id and the following request payload: 

{
  "otp_code": "333000"
}

This should return a successful linked account token response. After linking success, proceed to Making payment

Negative Scenarios

There are couple of negative scenarios you will need to handle

Bank failed to deliver OTP to end-customer

Send a POST to `/linked_account_tokens/` with the following parameter values:

{
  "customer_id": "any", // Create Customer ID first
  "channel_code": "DC_BRI",
  "properties": {
    "account_mobile_number": "+62818555988", // any Indonesia number in E.164 format
    "card_last_four": "0011",
    "card_expiry": "06/24", // any future date
    "account_email": "test.email@xendit.co" // customer email
  }
}

Values for other parameters are arbitrary as long as they follow and consistent with validation rules. This should return an error: 400 OTP_DELIVERY_ERROR

Debit Card Blocked / Any Account Issue

Send a POST to `/linked_account_tokens/` with the following parameter values:

{
  "customer_id": "any", // Create Customer ID first
  "channel_code": "DC_BRI",
  "properties": {
    "account_mobile_number": "+62818555988", // any Indonesia number in E.164 format
    "card_last_four": "0012",
    "card_expiry": "06/24", // any future date,
    "account_email": "test.email@xendit.co" // customer email
  }
}

Values for other parameters are arbitrary as long as they follow and consistent with validation rules. This should return an error: 400 ACCOUNT_ACCESS_BLOCKED

OTP Expired

This request payload simulates OTP expired when user didn't enter the OTP on-time

{
  "otp_code": "333001"
}

The API will response 400 EXPIRED_OTP_ERROR

Max OTP Attampts Reached

This request payload simulates scenario when maximum retry attempts has been reached

{
  "otp_code": "333002"
}

The API will response 400 MAX_OTP_ATTEMPTS_ERROR

Invalid OTP

This request payload simulates scenario when user input invalid OTP

{
  "otp_code": "333003" // or any 6 digits not 333000-333002
}

The API will response 400 INVALID_OTP_ERROR

Bank Account

Xendit supports BPI Direct Debit via Bank Account

Positive Scenarios

1. Initiate Link Bank Account

Send a POST to `/linked_account_tokens/` with the following parameter values:

{
  "customer_id": "any", // Create Customer ID first
  "channel_code": "BA_BPI",
  "properties": {
    "success_redirect_url": "https://company.co/success",
    "failure_redirect_url": "https://company.co/failure",
    "callback_url": "https://company.co/callback"
  },
  "metadata": {
    "origin": "mobile_app"
  }
}

Values for other parameters are arbitrary as long as they follow and consistent with validation rules. This should return a successful linked account token response. Use authorizer_url for next step.

{
  "id": "lat-aa620619-124f-41db-995b-66a52abe036a",
  "customer_id": "7205eb90-ce35-436d-8fa1-3695ecc5889a",
  "channel_code": "BA_BPI",
  "authorizer_url": "https://link-web.xendit.co/auth/d88ede5dd016?state=",
  "status": "PENDING",
  "metadata": {
    "origin": "mobile_app"
  }
}

2. Authorize Bank Account

Use authorizer_url from previous step and redirect users to the URL to authorize bank account access. A Money Bank login screen will appear. Input the following credentials to simulate successful authorization::

  • Username: 91284
  • Password: strongpassword

Upon successful authorization, user will be redirected back to success_redirect_url

Negative Scenarios

User didn't authorize bank account

To simulate an user didn't authorize their bank account, create a new initiate linking request and input these credentials in the Money Bank login screen (authorizer_url)

  • Username: 28284
  • Password: badpassword

Upon failed authorization, user will be redirected back to failure_redirect_url