GrabPay
Topics covered on this page
Accept online payments from Grab users through your website using the GrabPay payment method. This guide walks you through the payment flow and details on how to implement.
How to enable
- Supported Countries: Singapore, Malaysia
- Minimum API version:
2017-11-02
To enable GrabPay, send an email requesting this feature to support@opn.ooo. You will need to review and accept new terms and conditions.
Payment flow
GrabPay supports payment on desktop and mobile website. Customers paying via GrabPay go through a redirect payment flow. This means they are redirected from your website to GrabPay’s secure checkout page where they authorize and confirm the payment. The following screenshots demonstrate the flow throughout the journey.
❶ The customer chooses to pay with Grab and ❷ gets redirected to GrabPay's secure checkout page to fill in the phone number that they have registered with Grab. ❸ The customer receives and fills in the OTP. ❹ Then, the customer selects one of the available payment options from Grab. ❺ After the payment is complete, the customer will be automatically redirected to the merchant's payment confirmation page.
GrabPay users can make payments using the following payment methods:
Supported Payment Methods | Singapore | Malaysia |
---|---|---|
Wallet Balance | ✅ | ✅ |
Credit Card | ||
PayLater (Postpaid) | ✅ | ✅ |
PayLater (Installments) | ✅ | ✅ |
Implementation
To create a charge using GrabPay, make the following API requests.
- Create a new payment source (
type
:grabpay
) using Omise.js or one of the mobile SDKs (iOS and Android) - Create a new charge using the identifier of the source created in Step 1.
- After receiving the charge completion webhook event, retrieve the charge to verify its status (optional, but recommended).
Use your public key to create the GrabPay source on the client (a customer's browser or mobile phone). Use your secret key to create the GrabPay charge on the server.
If both the creation and charge of a source must happen server-side, you can create and charge the source in a single API request using your secret key.
Creating a source
When the customer confirms that they wish to pay with this payment method, create a new source specifying the amount
, currency
, and type
.
The following examples demonstrate the creation of a new GrabPay source for S$50. Replace the omise_public_key
and $OMISE_PUBLIC_KEY
variables with the test public key found on your dashboard.
Using Omise.js, the
type
parameter is supplied as the first argument to thecreateSource
method.
Omise.setPublicKey(omise_public_key);
Omise.createSource('grabpay', {
"amount": 5000,
"currency": "SGD",
}, function(statusCode, response) {
console.log(response)
});
For testing, you can create the same request using curl.
curl https://api.omise.co/sources \
-u $OMISE_PUBLIC_KEY: \
-d "amount=5000" \
-d "currency=SGD" \
-d "type=grabpay"
{
"object": "source",
"id": "src_test_5s7rzhl3eri4knzq8zi",
"livemode": false,
"location": "/sources/src_test_5s7rzhl3eri4knzq8zi",
"amount": 5000,
"barcode": null,
"bank": null,
"created_at": "2022-06-21T07:26:27Z",
"currency": "SGD",
"email": null,
"flow": "redirect",
"installment_term": null,
"absorption_type": null,
"name": null,
"mobile_number": null,
"phone_number": null,
"platform_type": null,
"scannable_code": null,
"references": null,
"store_id": null,
"store_name": null,
"terminal_id": null,
"type": "grabpay",
"zero_interest_installments": null,
"charge_status": "unknown",
"receipt_amount": null,
"discounts": []
}
The id
attribute is the source identifier (begins with src
).
Creating a charge
Create a charge specifying the parameters return_uri
, source
, amount
, and currency
.
return_uri
specifies the location on your website to which the customer should be redirected after completing the payment authorization step.source
specifies the source identifier.amount
andcurrency
must matchamount
andcurrency
of the source.
Opn recommends that you do not use the charge attributes
net
,fee
,fee_vat
andtransaction_fees
until a charge status issuccessful
.
The following example demonstrates how to create a new charge using curl.
Replace $OMISE_SECRET_KEY
with your test secret key found on your dashboard.
Replace $SOURCE_ID
with the id
of the source.
curl https://api.omise.co/charges \
-u $OMISE_SECRET_KEY: \
-d "amount=5000" \
-d "currency=SGD" \
-d "return_uri=http://example.com/orders/345678/complete" \
-d "source=$SOURCE_ID"
{
"object": "charge",
"id": "chrg_test_5s7rzhp8myc7ro62212",
"location": "/charges/chrg_test_5s7rzhp8myc7ro62212",
"amount": 5000,
"net": 0,
"fee": 0,
"fee_vat": 0,
"interest": 0,
"interest_vat": 0,
"funding_amount": 5000,
"refunded_amount": 0,
"transaction_fees": {
"fee_flat": null,
"fee_rate": null,
"vat_rate": "0.0"
},
"platform_fee": {
"fixed": null,
"amount": null,
"percentage": null
},
"currency": "SGD",
"funding_currency": "SGD",
"ip": null,
"refunds": {
"object": "list",
"data": [],
"limit": 20,
"offset": 0,
"total": 0,
"location": "/charges/chrg_test_5s7rzhp8myc7ro62212/refunds",
"order": "chronological",
"from": "1970-01-01T00:00:00Z",
"to": "2022-06-21T07:26:28Z"
},
"link": null,
"description": null,
"metadata": {},
"card": null,
"source": {
"object": "source",
"id": "src_test_5s7rzgecru2r9bwulwh",
"livemode": false,
"location": "/sources/src_test_5s7rzgecru2r9bwulwh",
"amount": 5000,
"barcode": null,
"bank": null,
"created_at": "2022-06-21T07:26:21Z",
"currency": "SGD",
"email": null,
"flow": "redirect",
"installment_term": null,
"absorption_type": null,
"name": null,
"mobile_number": null,
"phone_number": null,
"platform_type": null,
"scannable_code": null,
"references": null,
"store_id": null,
"store_name": null,
"terminal_id": null,
"type": "grabpay",
"zero_interest_installments": null,
"charge_status": "pending",
"receipt_amount": null,
"discounts": []
},
"schedule": null,
"customer": null,
"dispute": null,
"transaction": null,
"failure_code": null,
"failure_message": null,
"status": "pending",
"authorize_uri": "https://pay.omise.co/payments/pay2_test_5s7rzhpas8oe6bo1eun/authorize",
"return_uri": "http://example.com/orders/345678/complete",
"created_at": "2022-06-21T07:26:27Z",
"paid_at": null,
"expires_at": "2022-06-28T07:26:27Z",
"expired_at": null,
"reversed_at": null,
"zero_interest_installments": false,
"branch": null,
"terminal": null,
"device": null,
"authorized": false,
"capturable": false,
"capture": true,
"disputable": false,
"livemode": false,
"refundable": false,
"reversed": false,
"reversible": false,
"voided": false,
"paid": false,
"expired": false
}
Creating a source and charge
Alternatively, you can create and charge a source in a single API request.
curl https://api.omise.co/charges \
-u $OMISE_SECRET_KEY: \
-d "amount=5000" \
-d "currency=SGD" \
-d "return_uri=http://example.com/orders/345678/complete" \
-d "source[type]=grabpay"
Completing the charge
At this point, you have created a new charge with its status
set to pending
.
Other possible values for charge status
are successful
, failed
, and expired
.
The following sections detail how to authorize a charge, receive its completion webhook event, and update its status.
This sequence diagram shows the entire flow.
Authorizing the charge
Redirect the customer to location specified in authorize_uri
so that they can authorize the charge.
You can simulate this authorization phase in test mode by visiting the authorize_uri
to manually mark the charge as Successful
or Failed
.
After the customer has completed the authorization phase, they will be redirected to the location you specified in return_uri
.
Receiving the charge completion event
The best way for you to be notified of the completion of a charge is using webhook events. Set up a location on your server to receive webhook events, and add this location as a webhook endpoint on the dashboard.
Once a charge is completed, a POST request will be sent to this endpoint with the charge response embedded.
The key
attribute for the event object contains charge.complete
and the data
attribute contains the charge object.
See Events API for event object structure.
Checking the charge status
After receiving this event, retrieve the charge using its id
and confirm that its status
matches the status
of the charge contained in the event.
If the value of status
is successful
, you got paid.
If the value of status
is failed
, check the failure_code
and failure_message
in the charge object for an explanation.
Possible failure codes are listed below.
Failure Code | Description |
---|---|
payment_expired |
Payment expired. |
payment_rejected |
Payment rejected by issuer. |
failed_processing |
General payment processing failure. |
invalid_account |
Valid account for payment method not found. |
insufficient_fund |
Insufficient funds in the account or the payment method has reached its limit. |
Voids and Refunds
GrabPay charges can be partially or fully refunded within three months of the transaction date.
Limits
- Minimum:
100
(MYR1.00) - Maximum:
150000
(MYR1,500.00)