1. 01 Preparations
YUNMO-API
  • API
    • 01 Preparations
      • 1.1 Protocol Specification
      • 1.2 Appendix
      • 1.3 Login authorization
        POST
    • 02 Customer
      • 2.1 Create Customer
      • 2.2 Query customer information
    • 03 KYC
      • 3.1 Submit KYC Information
      • 3.2 Get Liveness H5 Link
      • 3.3 Query Liveness Results
      • 3.4 Querying KYC Status
    • 04 Card
      • 4.01 Query available card samples
      • 4.02 Create virtual card
      • 4.03 Query customer card
      • 4.04 Customer card balance adjustment
      • 4.05 Customer card top-up order query
      • 4.06 Query customer card detail
      • 4.07 Destroy card
      • 4.08 Freeze card
      • 4.09 Unfreeze card
      • 4.10 Query card PAN-HTML
      • 4.11 Query card PAN
      • 4.12 Query card PIN
      • 4.13 Update phone number
      • 4.14 Update email
      • 4.15 Update card limit
      • 4.16 Bind physical card
      • 4.17 Activate physical card
    • 05 Transaction
      • 5.1 3DS Authorization Confirmation
    • 06 Webhook
      • 6.1 Notification Specification
      • 6.2 KYC callback
      • 6.3 3DS Notification
      • 6.4 Transaction Notification
    • Schemas
      • GetTokenVo
      • ApiResponse«GetTokenVo»
      • ApiRequest«GetTokenDto»
      • ApiRequest«CreateCardDto»
      • ApiRequest«CardRechargeDto»
      • ApiRequest«RechargeOrderQueryDto»
      • ApiRequest«CardDetailDto»
      • ApiRequest«CardStatusUpdateDto»
      • ApiRequest«CardPanHtmlDto»
      • ApiRequest«CardPanEncryptDto»
      • ApiRequest«CardQueryPinDto»
      • ApiRequest«CardPhoneDto»
      • ApiRequest«CardEmailDto»
      • ApiRequest«CardTradeLimitDto»
      • ApiRequest«BindCardDto»
      • ApiRequest«ActiveCardDto»
      • ApiRequest«CustomerAddDto»
      • ApiRequest«CustomerQueryDto»
      • ApiRequest«GetLivenessUrlDto»
      • ApiRequest«GetLivenessResultDto»
      • ApiRequest«KycDto»
      • ApiRequest«Confirm3DSDto»
      • CardSampleInfoVo
      • ApiRequest«Object»
      • ApiRequest«CardQueryDto»
      • ApiRequest«SubmitKycDto»
      • CreateCardDto
      • GetTokenDto
      • CardBenefitVo
      • ApiResponse«List«CardSampleInfoVo»»
      • CreateCardVo
      • ApiResponse«CreateCardVo»
      • CardQueryVo
      • ApiResponse«List«CardQueryVo»»
      • CardQueryDto
      • CardRechargeVo
      • ApiResponse«CardRechargeVo»
      • CardRechargeDto
      • RechargeOrderQueryVo
      • ApiResponse«RechargeOrderQueryVo»
      • RechargeOrderQueryDto
      • CardDetailVo
      • ApiResponse«CardDetailVo»
      • CardDetailDto
      • ApiResponse«Boolean»
      • CardStatusUpdateDto
      • ApiResponse«String»
      • CardPanHtmlDto
      • ApiEncryptVo
      • ApiResponse«ApiEncryptVo»
      • CardPanEncryptDto
      • CardQueryPinDto
      • CardPhoneDto
      • CardEmailDto
      • CardTradeLimitDto
      • BindCardVo
      • ApiResponse«BindCardVo»
      • BindCardDto
      • ActiveCardDto
      • CustomerAddVo
      • ApiResponse«CustomerAddVo»
      • CustomerAddDto
      • CustomerQueryVo
      • ApiResponse«CustomerQueryVo»
      • CustomerQueryDto
      • LivenessUrlQueryDto
      • ApiResponse«LivenessUrlQueryDto»
      • GetLivenessUrlDto
      • LivenessResultQueryDto
      • ApiResponse«LivenessResultQueryDto»
      • GetLivenessResultDto
      • SubmitKycDto
      • InHouseKycInfoVo
      • ApiResponse«InHouseKycInfoVo»
      • KycDto
      • Confirm3DSDto
  1. 01 Preparations

1.1 Protocol Specification

YUNMO API DOC#

Before proceeding with integration, please contact YUNMO's business representatives to obtain your sandbox/production environment credentials and the merchant management console URL.

Interface Rules#

1.Agreement Type#

Transmission Protocol:HTTPS
Request Method:POST
Request header information:Content-Type: application/json
Character encoding:UTF-8
Signature Algorithm:MD5

2.Interface Address#

Sandbox
production
https://sandbox-api.yunmo.io

3.Public Participation#

All interface request parameters consist of common parameters + the data section, with the data section varying according to specific interface requirements. The common parameters are described as follows:
paramrequiredtypedescription
merchantNoYStringAssigned merchant ID
tokenYStringRequest Token
requestTimeYLongRequest Timestamp
versionYStringInterface Version (current fixed value V1.0)
nonceYString16-character random string
signYStringSignature
data\Object\

4.Common Response#

All API responses consist of a common response plus data, where the data part contains the specific results of the request. The common response is described below:
paramtypedescription
codeStringFor operation result codes, please refer to the response codes section in the appendix.
msgStringOperation Result Explanation
timestampLongResponse Timestamp
dataObject\

Signature Algorithm#

All api in this document require a signature for access. You can verify your signature method by clicking 【Settings】 -> 【Signature Tool】 in the Merchant Management Console.

1. Steps for Generating a Signature#

Let all sent or received data form a set M. Sort the keys of non-empty parameter values within set M in ascending order by ASCII code (lexicographical order). Concatenate them using the URL key-value pair format (i.e., key1=value1&key2=value2...) to form the string plainText.
Parameter names are case-sensitive.
Parameter NameASCII CodeSort in Ascending Order (Lexicographical Order)
If the parameter value is empty, it is excluded from the signature.
The sign field in the parameters does not participate in the signature.
The token field in the parameters is not included in the signature.
Certain parameters that are not involved in signing will be detailed in the API documentation.
The interface may add fields, when verifying signatures, all fields returned must be validated.
The interface may add fields, when verifying signatures, all fields returned must be validated.
The interface may add fields, when verifying signatures, all fields returned must be validated.
Append the secretKey obtained from the merchant backend's 【API Management】 menu to the end of plainText (ensure this secretKey is safeguarded; never include it in request parameters. If the secretKey is compromised, immediately reset it in the merchant center). This yields the signTemp string (i.e., plainText + secretKey). Apply MD5 encryption to signTemp to obtain the final encrypted result signValue. Place signValue into the sign field of the request parameters to complete the signing process.

2. Signature Example#

1.
Assuming a request for YUNMO's JSON data
{
	"nonce": "TW4P54uVulwRoc2y",
	"merchantNo": "BU078255558",
	"token": "testToken",
	"requestTime": 1770712296681,
	"version": "v1.0",
	"data": {
		"customerCode": "test0001"
	}
}
2.
Sort the json data by ASCII code and convert it into URL key-value pairs. The resulting plainText value is as follows:
customerCode=test0001&merchantNo=BU078255558&nonce=TW4P54uVulwRoc2y&requestTime=1770712296681&version=v1.0
3.
Concatenate the value of plainText with the application's secretKey (assuming secretKey=1111111111111111) to obtain the value of signTemp as follows:
customerCode=test0001&merchantNo=BU078255558&nonce=TW4P54uVulwRoc2y&requestTime=1770712296681&version=v1.01111111111111111
5.
Perform MD5 encryption on the value of signTemp to obtain the 32-bit signValue, as follows:
6bf642b5fc7b10a6eae3b8ab5e7bbea2
7.
Place the value of signValue into the sign field of the request parameters. The final request parameters sent to YUNMO are as follows:
{
	"sign": "6bf642b5fc7b10a6eae3b8ab5e7bbea2",
	"nonce": "TW4P54uVulwRoc2y",
	"merchantNo": "BU078255558",
	"token": "testToken",
	"requestTime": 1770712296681,
	"version": "v1.0",
	"data": {
		"customerCode": "test0001"
	}
}
Modified at 2026-02-11 07:09:02
Next
1.2 Appendix
Built with