Special Notes:
Before testing API calls, please read and confirm following details:
- Make sure your server has already enabled the firewall (i.e. any other external IP can access your server), otherwise you will not be able to receive ECPay’s response (callbacks).
- ECPay’s connection port for API calls is only the HTTPS (443 port). Please use a legitimate domain name system (DNS).
- For the request method of API calls, please use HTTP POST.
- If you really need to use a Port, ECPay supports only HTTP Port 80 and HTTPS Port 443.
- When testing API calls, please do not place credentials (i.e. MerchantID, HashKey and HashIV) into the front-end code, such as JavaScript, HTML and CSS to avoid the theft of credentials and data leakage.
- Chinese characters are not supported in server URLs. Please converter the Chinese into punycode.
For example, 中文.tw is converted into xn--fiq228c.tw. - Not every ECPay’s merchant could use ECPay’s e-invoice on production, so if you are sure to use this services on ECPay’s production, please apply for it firstly.
- To protect customers’ rights and online transaction security, ECPay’s API services support only TLS 1.2 and above.
- Using this e-invoice services is not necessary to print the e-invoice (since e-invoice is basically a paper-free services). But if you still have the need to do so, please contact your ECPay’s sales contact to apply for the QRCode (密碼種子).
- If you have the need to print the e-invoice through a kiosk in any convenience store, please contact your ECPay’s sales contact firstly and then follow the API specification of printing e-invoice.
- ECPay’s host IP is not fixed. If your firewall needs to connect to the ECPay’s host, please set it in the way of FQDN (fully qualified domain name) as below: postgate.ecpay.com.tw, postgate-stage.ecpay.com.tw(Test mode).
If you need a fixed IP for your firewall, please go to https://member.ecpay.com.tw/ServiceReply/CreateProblem
to apply. (問題類別及子類別請選擇:申請主機IP鎖定) - If your application is calling the API too fast, you will receive a status code of HTTP Status Code 403, please reduce the frequency of API calls and wait 30 minutes before calling again. If you need to access the API at high speed, please make sure you are a “contracted merchants” and contact your service provider first.
- If you receive a status code (HTTP Status Code 500), it may be the data format error, a mismatch between MerchantID and Key and IV (no permission) or an encryption error. Please check the return message you received and resend the correct data.