Loa Heo Vàng - Đối tác thanh toán
  1. Partner
Loa Heo Vàng - Đối tác thanh toán
  • Partner
    • Get access token for partner client
      POST
    • Refresh token
      POST
    • Send verification code to speaker device
      POST
    • Register a speaker device for a partner
      POST
    • Unregister a speaker device
      POST
    • Webhook callback endpoint for payment processor to notify transaction status
      POST
    • Update status of multiple speaker devices
      PATCH
    • Create a dynamic QR code for payment
      POST
    • Get speaker device detail
      GET
  • Partner Store
    • Update store information
      PUT
  1. Partner

Webhook callback endpoint for payment processor to notify transaction status

Develop Env
https://api-test.loaheovang.com
Develop Env
https://api-test.loaheovang.com
POST
/api/v1/partner/payment/callback
Last modified:2025-08-01 02:37:10
Maintainer:Not configured
Validates the checksum of the callback payload using the partner's client secret. The checksum should be calculated by signing
the body data (excluding the checksum field itself) using HMAC SHA256 with the client secret as the key. If validation fails,
returns error code 40014.
To generate the checksum:
1.
Create a URLSearchParams object with these fields in order:
terminalID
bankCode
billNumber
transactionAmount
notice
payDate (in ISO 8601 format)
traceTransfer
ftCode
2.
Convert URLSearchParams to string
3.
Sign the string using HMAC SHA256 with your client secret as the key
4.
The resulting signature is your checksum
Example in NodeJS:
Example in Java:

Request

Authorization
Bearer Token
Provide your bearer token in the
Authorization
header when making requests to protected resources.
Example:
Authorization: Bearer ********************
or
Header Params

Body Params application/jsonRequired

Example
{
    "terminalID": "T123456789",
    "billNumber": "BILL202305250001",
    "transactionAmount": "250000",
    "notice": "Thanh toán hóa đơn",
    "traceTransfer": "TRACE123456789",
    "ftCode": "FT23145678901",
    "checkSum": "string",
    "payDate": "2023-05-25T14:35:12.000Z",
    "bankCode": "BIDV"
}

Request Code Samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://api-test.loaheovang.com/api/v1/partner/payment/callback' \
--header 'x-client-id;' \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data-raw '{
    "terminalID": "T123456789",
    "billNumber": "BILL202305250001",
    "transactionAmount": "250000",
    "notice": "Thanh toán hóa đơn",
    "traceTransfer": "TRACE123456789",
    "ftCode": "FT23145678901",
    "checkSum": "string",
    "payDate": "2023-05-25T14:35:12.000Z",
    "bankCode": "BIDV"
}'

Responses

🟢200OK
application/json
Body

Example
{
    "bankName": "Ngân hàng TMCP Quân đội (MB Bank)",
    "bankCode": "MB",
    "bankAccountNumber": "0123456789012",
    "bankAccountName": "NGUYEN VAN A",
    "qrcode": "string",
    "storeId": "string",
    "billNumber": "string",
    "id": "string"
}
🟠400Bad Request
🟠401Unauthorized
Modified at 2025-08-01 02:37:10
Previous
Unregister a speaker device
Next
Update status of multiple speaker devices
Built with