API Payouts - BETA
Set up your account
To use our Payouts APIs, register for a xendit account. After registration, you can start testing payouts on test mode.
Integration Checklist
Retrieve your API Key
We provide unique API keys for Development and Production environments. You can retrieve these from your Dashboard. Your API keys should be kept private, so do not share your secret API keys. To successfully authenticate with Xendit’s API, you must append a colon and Base 64 encode the API key. All API requests should be made over HTTPS instead of HTTP (all calls made over plain HTTP will fail).
Set callback URL
You should always set up your payout callback URL to use Payouts. Upon execution of the payout, we send you a callback with the updated status. If the payout was successfully executed, we send you a callback notifying you that the payout was completed. If the payout was not successfully executed, we send you a callback notifying you that payout has failed along with the appropriate failure code, to facilitate your decision on whether to send us another request to create payout or return the failure result to your customer.
To set this up, you can set up the callback URL in your dashboard settings. Nominate a callback URL for product Payouts V2.
Authentication
To ensure that the HTTP requests we receive are really from you, basic authentication using your API key must be applied to each request sent to us.
Your individual API key should be provided by your AM. This key will also be used by Xendit to identify which merchant is using the APIs. Make sure to store this key securely.
Xendit’s API Gateway uses basic access authentication. Use the format {{username}}:{{password}}; insert your API key as the username and leave the password blank. Then encode the string to Base64. The resulting string must be included in the Authorization HTTP header for every API call made.
Sample authentication string (in plain text) - take note of the colon:
xnd_development_P4qDfOss0OCpl8RtKrROHjaQYNCk9dN5lSfk+R1l9Wbe+rSiCwZ3jw==:
Sample base64 encoded string:
eG5kX2RldmVsb3BtZW50X1A0cURmT3NzME9DcGw4UnRLclJPSGphUVlOQ2s5ZE41bFNmaytSMWw5V2JlK3JTaUN3WjNqdz09Og==
Sample HTTP Authorization header:
Authorization: Basic eG5kX2RldmVsb3BtZW50X1A0cURmT3NzME9DcGw4UnRLclJPSGphUVlOQ2s5ZE41bFNmaytSMWw5V2JlK3JTaUN3WjNqdz09Og==
All the API requests should be made over HTTPS instead of HTTP (all calls made over plain HTTP will fail). Note that all requests made in the test environment will not be relayed to the banking networks and will thus not cost you anything.
Please allow us to emphasize: For the security of your funds, your API keys must be kept private, so do not share your secret API keys under any circumstance.
To help guide you through testing, the following is a complete guide on recommended steps and best practices.
Funds for Testing
After receiving sandbox credentials and setting up your callback URL, you can immediately start testing! Each sandbox account is pre-loaded with a test balance of IDR 1,000,000,000 or PHP 1,000,000 for use in simulating transactions.
If you need more funds for testing, feel free to reach out to your account manager to increase the balance of your test account.
Postman collection
To make it easier to get familiar with our APIs, we've published a Postman Collection so that you can try out all our APIs. Simply import this link into Postman: https://www.getpostman.com/collections/7a0843280dde5141d213