Skip to main content
POST
/
v2
/
payments
/
open
/
api
/
transfer
付款申请
curl --request POST \
  --url https://gate.uat.payloco.com/gateway/v2/payments/open/api/transfer \
  --header 'Content-Type: application/json' \
  --header 'signature: <api-key>' \
  --data '
{
  "charset": "UTF-8",
  "version": "2.0.0",
  "signType": "RSA",
  "memberId": "2023010558663764",
  "merchantId": "2023010558663764",
  "requestTime": "2026-05-24T14:29:32.682+08:00",
  "keyVersion": "1",
  "data": {
    "merchantOrderId": "2026042914410001",
    "country": "AF",
    "chargeOption": "SHA",
    "clearingRail": "SWIFT",
    "userId": "2026042900010001",
    "sourceCurrency": "AED",
    "destinationCurrency": "AED",
    "trade": {
      "amount": "1.01",
      "currency": "USD"
    },
    "payeeInfo": {
      "paymentMethodType": "BANK_TRANSFER",
      "targetOrg": "FPS",
      "payeeType": "PERSONAL",
      "accountInfo": {
        "accountNo": "string",
        "accountType": "string",
        "checkDigit": "string"
      },
      "bankInfo": {
        "bankCode": "622666607777",
        "bankName": "bank",
        "bankBranch": "bank branch",
        "bankCity": "ShangHai",
        "corAccountNo": "string"
      },
      "name": {
        "firstName": "string",
        "middleName": "string",
        "lastName": "string",
        "fullName": "string"
      },
      "document": {
        "documentType": "string",
        "documentId": "string",
        "documentIssueDate": "string",
        "documentExpireDate": "string"
      },
      "address": {
        "address": "string",
        "city": "string",
        "state": "string",
        "zipCode": "string"
      },
      "payeePhone": "string",
      "birthDate": "string",
      "email": "string",
      "payeeNationality": "CN",
      "payeeGender": "string",
      "payeeBirthCountry": "string"
    },
    "payerInfo": {
      "subMerchantNo": "string",
      "businessLegalName": "string",
      "registrationCountry": "string",
      "merchantCategoryCode": "DIGITAL_GOODS_MEDIA",
      "payerId": "string",
      "name": {
        "firstName": "string",
        "middleName": "string",
        "lastName": "string",
        "fullName": "string"
      }
    },
    "channelExtra": {
      "pixKeyType": "cpf",
      "pixKey": "11013601513",
      "documentNo": "11013601513",
      "name": "string",
      "lastName": "string",
      "email": "string",
      "phone": "string"
    },
    "riskParams": {
      "registerName": "string",
      "registerNo": "string",
      "nickName": "string",
      "thirdAccountNoType": "string",
      "thirdAccountNo": "string",
      "bindEmail": "string",
      "bindPhoneNo": "string",
      "accountLevel": "string",
      "vipLevel": "string",
      "regTime": "string",
      "lastLoginTime": "string",
      "liveCountry": "string",
      "taxId": "string",
      "cumPayoutAmount": "string",
      "cumPayoutTxn": "string",
      "accountBalance": "string",
      "expressMerchantID": "string"
    },
    "expiryDays": "string",
    "remark": "string",
    "reference": "string",
    "notifyUrl": "https://www.google.com",
    "notifyEmail": "string",
    "notifyPhone": "string",
    "purpose": "ISUBIL"
  }
}
'
{
  "code": "00000003",
  "message": "处理中",
  "traceId": "33fae7b7aed1233f",
  "data": {
    "merchantOrderId": "20260430000111111",
    "orderId": "INT2026061222222",
    "status": "SUCCESS"
  }
}

Authorizations

signature
string
header
required

加签(Signature)

加签是 PayLoco 开放平台与商户之间用于保障报文完整性防篡改的安全机制。

适用场景

  1. 商户请求 PayLoco:商户使用自身私钥对请求报文进行加签。
  2. PayLoco 返回响应:商户使用 PayLoco 公钥 对响应报文进行验签。

加签规则(商户请求端)

商户需对 HTTP 请求的 Body 进行签名,具体步骤如下:

1. 计算签名(SHA256withRSA)

Signature signature = Signature.getInstance("SHA256withRSA");
signature.initSign(merchantPrivateKey);

// 必须使用 UTF-8 编码
byte[] bodyBytes = requestBody.getBytes(StandardCharsets.UTF_8);
signature.update(bodyBytes);

byte[] signedBytes = signature.sign();

2. 将加签内容进行 Base64 编码;

String signature = Base64.getEncoder().encodeToString(signedHash);

3. 将编码后的内容放在请求头部 signature 参数中。

POST /v2/payments/open/api/pay HTTP/1.1
Content-Type: application/json
signature: MIIC8jCCAdqgAwIBAgI...

Body

application/json
charset
string
default:UTF-8
required

交互数据的编码【utf-8】

Example:

"UTF-8"

version
string
required

接口版本,当前版本为【2.0.0】,目前只能传2.0.0,不能不传

Maximum string length: 8
Example:

"2.0.0"

signType
string
required

报文签名类型

Example:

"RSA"

memberId
string
required

机构号

Example:

"2023010558663764"

merchantId
string
required

商户号

Maximum string length: 32
Example:

"2023010558663764"

requestTime
string
required

请求时间,遵循rfc3339标准格式,格式为yyyy-MM-DDTHH:mm:ssSSS+TIMEZONE,yyyy-MM-DD表示年月日,T出现在字符串中,表示time元素的开头,HH:mm:ss表示时分秒,TIMEZONE表示时区(+08:00表示东八区时间,领先UTC 8小时,即北京时间)。例如:2026-05-20T13:29:35.262+08:00表示,北京时间2026年5月20日13点29分35秒。

Maximum string length: 32
Example:

"2026-05-24T14:29:32.682+08:00"

keyVersion
string
required

密钥版本 当前值为:1

Maximum string length: 8
Example:

"1"

data
object

请求数据体

Response

200 - application/json

OK

code
string
required

响应状态码,code为00000000表示响应成功,其他状态码表示响应失败。具体系统错误码可以参考系统错误码。

Example:

"00000003"

message
string
required

错误消息

Example:

"处理中"

traceId
string
required

请求消息唯一标识。traceId为本次调用产生的流水号,接口调用异常,可以提供此流水号用于排查问题。

Example:

"33fae7b7aed1233f"

data
object

返回数据