Appearance
Complete Integration Example
This walkthrough demonstrates a complete transaction lifecycle using a Digi Prepaid reload as an example. Every API call is shown with full request and response bodies.
This example uses the legacy Product Listing API. For the recommended approach using the Dynamic Product Catalog, see the Catalog API documentation.
Prerequisites
- IIMMPACT account with API credentials (Create Account)
- API Key and HMAC Secret from Dashboard > Developer > API Keys
- Callback URL configured (Callback Setup)
Step 1: Check Your Balance
Before processing transactions, verify your wallet has sufficient funds.
Request:
http
GET https://api.iimmpact.com/v2/balance
X-Api-Key: <your_api_key>
X-Timestamp: <unix_timestamp>
X-Nonce: <unique_nonce>
X-Signature: v1=<hmac_signature>Signing details: API Key Authentication
Response:
json
{
"data": {
"account": "3100528",
"name": "Demo Merchant Sdn Bhd",
"balance": 950,
"level": "12",
"access": 0
}
}Step 2: Get Product List
Fetch available products and find the Digi Prepaid product code.
Request:
http
GET https://api.iimmpact.com/v2/product-list
X-Api-Key: <your_api_key>
X-Timestamp: <unix_timestamp>
X-Nonce: <unique_nonce>
X-Signature: v1=<hmac_signature>Signing details: API Key Authentication
Response (trimmed to Digi Prepaid):
json
{
"data": [
{
"status": "Active",
"has_subproduct": false,
"product_code": "D",
"product_name": "Digi Prepaid",
"product_remarks": "Top up will be credited to the mobile number.",
"account_label": "Mobile Number",
"keyboard_type": "Numeric",
"denomination": "5,10,15,20,25,30,50,100",
"common_denominations": "10,30,50",
"denomination_data_type": "Integer",
"denomination_currency": "MYR",
"product_group": "Mobile Reload",
"category": "Prepaid",
"image_url": "https://dashboard.iimmpact.com/img/D.png",
"account_type": "phone_number",
"is_refundable": false
}
]
}Step 3: Check Network Status
Verify Digi Prepaid service is available.
Request:
http
GET https://api.iimmpact.com/v2/networkstatus?product=D
X-Api-Key: <your_api_key>
X-Timestamp: <unix_timestamp>
X-Nonce: <unique_nonce>
X-Signature: v1=<hmac_signature>Signing details: API Key Authentication
Response (Healthy):
json
{
"data": {
"product_code": "D",
"product_name": "Digi Prepaid",
"product_img": "https://dashboard.iimmpact.com/img/D.png",
"network_status": "Healthy"
},
"metadata": {
"status_code": 200,
"last_updated": "15-01-2025 10:23:40"
}
}If status is Interruption
Display a warning to the user, but still allow checkout and payment.
Step 4: Make Payment
Process the Digi Prepaid reload.
Request:
http
POST https://api.iimmpact.com/v2/topup
X-Api-Key: <your_api_key>
X-Timestamp: <unix_timestamp>
X-Nonce: <unique_nonce>
X-Signature: v1=<hmac_signature>
Content-Type: application/jsonSigning details: API Key Authentication
json
{
"refid": "digi-reload-20250115-001",
"product": "D",
"account": "0123456789",
"amount": 30,
"remarks": "Digi Prepaid RM30"
}Response (Success):
json
{
"data": {
"statusCode": 20,
"status": "Succesful",
"account": "0123456789",
"product": "D",
"productName": "Digi Prepaid",
"amount": 30,
"sn": "DG250115000187",
"pin": "",
"expiry": "",
"cost": 29.4,
"balance": 920.6,
"remarks": "",
"refid": "digi-reload-20250115-001",
"timestamp": "2025-01-15 10:23:51",
"note": "Top up successful and credited to mobile number.",
"voucherlink": ""
}
}Spelling note
The success status value is Succesful (single s). Match this exact string in your code.
Response (Processing):
json
{
"data": {
"statusCode": 1,
"status": "Processing",
"account": "0123456789",
"product": "D",
"productName": "Digi Prepaid",
"amount": 30,
"sn": "",
"pin": "",
"expiry": "",
"cost": 0,
"balance": 950,
"remarks": "Transaction is being processed",
"refid": "digi-reload-20250115-001",
"timestamp": "2025-01-15 10:23:48",
"note": "",
"voucherlink": ""
}
}Polling guidance
If you receive Processing, poll every 5-10 seconds by calling POST /v2/topup again with the same refid and parameters.
Response (Failed — HTTP 200):
json
{
"data": {
"statusCode": 48,
"status": "Failed",
"account": "0123456789",
"product": "D",
"productName": "Digi Prepaid",
"amount": 30,
"sn": "",
"pin": "",
"expiry": "",
"cost": 0,
"balance": 950,
"remarks": "HC",
"refid": "digi-reload-20250115-001",
"timestamp": "2025-01-15 10:24:10",
"note": "",
"voucherlink": ""
}
}HTTP 200 Failed
This is a transaction that was created and failed at the provider level. The refid is consumed — use a new refid for the next attempt.
Response (Validation Error — HTTP 400):
json
{
"data": {
"statusCode": 58,
"status": "Failed",
"account": "0123456789",
"product": "D",
"amount": 22.23,
"cost": 0,
"balance": 950,
"remarks": "Invalid_Denomination",
"refid": "digi-reload-20250115-001",
"timestamp": "2025-01-15 10:24:05"
}
}HTTP 400 Failed
This is a pre-transaction validation error — no transaction was created and the refid is not consumed. Fix the input (e.g., use a valid denomination) and retry with the same refid.
Step 5: Handle Callback
After processing begins, IIMMPACT sends a callback to your webhook endpoint.
Request (incoming webhook):
http
POST https://merchant.example.com/iimmpact/callback
Content-Type: application/json
X-Forwarded-For: 18.140.170.98Callback payload:
json
{
"data": {
"statusCode": 20,
"status": "Succesful",
"account": "0123456789",
"product": "D",
"productName": "Digi Prepaid",
"amount": 30,
"sn": "DG250115000187",
"pin": "",
"expiry": "",
"cost": 29.4,
"balance": 920.6,
"remarks": "",
"refid": "digi-reload-20250115-001",
"timestamp": "2025-01-15 10:23:51",
"note": "Top up successful and credited to mobile number.",
"voucherlink": ""
}
}Response (your webhook):
http
HTTP/1.1 200 OK
Content-Type: application/jsonjson
{
"received": true
}Verify callbacks before updating your order state:
- Check source IP against the IIMMPACT callback allowlist.
- Match
refidto a transaction you initiated. - Validate
product,account, andamountagainst your original request.
Step 6: Verify Transaction
Optionally verify final status by re-querying with the same refid.
Request:
http
POST https://api.iimmpact.com/v2/topup
X-Api-Key: <your_api_key>
X-Timestamp: <unix_timestamp>
X-Nonce: <unique_nonce>
X-Signature: v1=<hmac_signature>
Content-Type: application/jsonSigning details: API Key Authentication
json
{
"refid": "digi-reload-20250115-001",
"product": "D",
"account": "0123456789",
"amount": 30,
"remarks": "Digi Prepaid RM30"
}Response:
json
{
"data": {
"statusCode": 20,
"status": "Succesful",
"account": "0123456789",
"product": "D",
"productName": "Digi Prepaid",
"amount": 30,
"sn": "DG250115000187",
"pin": "",
"expiry": "",
"cost": 29.4,
"balance": 920.6,
"remarks": "",
"refid": "digi-reload-20250115-001",
"timestamp": "2025-01-15 10:23:51",
"note": "Top up successful and credited to mobile number.",
"voucherlink": ""
}
}Step 7: Reconcile
Check transaction history to confirm the transaction is recorded.
Request:
http
GET https://api.iimmpact.com/v2/transactions?date=2025-01-15&product=D&limit=5
X-Api-Key: <your_api_key>
X-Timestamp: <unix_timestamp>
X-Nonce: <unique_nonce>
X-Signature: v1=<hmac_signature>Signing details: API Key Authentication
Response:
json
{
"data": [
{
"trxid": "905187223",
"date": "2025-01-15 10:23:47.910",
"product_code": "D",
"product_name": "Digi Prepaid",
"biller_code": null,
"product_image_url": "https://dashboard.iimmpact.com/img/D.png",
"category": "Prepaid",
"amount": "30.0000",
"account": "0123456789",
"sender": "203.0.113.10",
"member_id": "3100528",
"status_code": "20",
"status_name": "Successful",
"response_date": "2025-01-15 10:23:51.102",
"price": "29.4000",
"sn": "DG250115000187",
"pin": "",
"expiry": "",
"remarks": null,
"refid": "digi-reload-20250115-001",
"voucherlink": null,
"currency": "MYR"
}
],
"meta": {
"transaction_count": "1",
"total_amount": "30.0000",
"total_price": "29.4000",
"profit": "0.6000",
"successful_count": "1",
"failed_count": "0",
"pending_count": "0",
"refund_count": "0"
}
}Status Spelling Difference
The POST /v2/topup response uses data.status: "Succesful" (single 's'). The GET /v2/transactions history endpoint uses status_name: "Successful" (correctly spelled). These are different fields from different systems — always match the exact string for each endpoint.
Summary
| Step | Endpoint | Purpose |
|---|---|---|
| 1 | GET /v2/balance | Verify wallet funds |
| 2 | GET /v2/product-list | Discover products |
| 3 | GET /v2/networkstatus | Check availability |
| 4 | POST /v2/topup | Process payment |
| 5 | Webhook | Receive status update |
| 6 | POST /v2/topup (same refid) | Verify status |
| 7 | GET /v2/transactions | Reconcile |