B2C E-Invoice API Document

Preliminary Preparation / Special Notes

❗ Special Notes:

Before testing API calls, please read and confirm the following details:

  • Make sure your server has already enabled the firewall (i.e. any other external IP can access your server), otherwise you will not be able to receive ECPay’s response (callbacks).
  • ECPay’s connection port for API calls is only the HTTPS (443 port). Please use a legitimate domain name system (DNS).
  • For the request method of API calls, please use HTTP POST.
  • If you really need to use a Port, ECPay supports only HTTP Port 80 and HTTPS Port 443.
  • When testing API calls, please do not place credentials (i.e. MerchantID, HashKey and HashIV) into the front-end code, such as JavaScript, HTML and CSS to avoid the theft of credentials and data leakage.
  • Chinese characters are not supported in server URLs. Please converter the Chinese into punycode.
    For example, 中文.tw is converted into xn--fiq228c.tw.
  • Not every ECPay merchant can use ECPay’s e-invoice in production, so if you are sure you want to use these services in ECPay’s production, please apply for it first.
  • To protect customers’ rights and online transaction security, ECPay’s API services support only TLS 1.2 and above.
  • Using e-invoice service is not necessary to print the e-invoice (since e-invoice is basically a paper-free service).  However, if you still need to do so, please contact your ECPay sales representative to apply for the QR code (密碼種子).
  • If you have the need to print the e-invoice through a kiosk in any convenience store, please contact your ECPay’s sales contact firstly and then follow the API specification of printing e-invoice.
  • ECPay’s host IP is not fixed. If your firewall needs to connect to ECPay’s host, please set it using the FQDN (fully qualified domain name) as below: postgate.ecpay.com.tw, postgate-stage.ecpay.com.tw (Test mode).
    If you need a fixed IP for your firewall, please go to https://member.ecpay.com.tw/ServiceReply/CreateProblem
    to apply. (問題類別及子類別請選擇:申請主機IP鎖定)
  • If your application is calling the API too fast, you will receive an HTTP Status Code 403. Please reduce the frequency of API calls and wait 30 minutes before calling again. If you need to access the API at high speed, please make sure you are a “contracted merchants” and contact your service provider first.
  • If you receive a status code (HTTP Status Code 500), it may be the data format error, a mismatch between MerchantID and Key and IV (no permission) or an encryption error. Please check the return message you received and resend the correct data.

Copyright © Green World FinTech Service Co., Ltd. All rights reserved.

Green World