Home Developers Support Quick Start

API Documentation

Official documentation for Visa API endpoints. Integrate payments, verify transactions, and manage KHQR codes efficiently with comprehensive examples and guides.

Quick Start Guide Bakong API Game Verification Get Support

Quick Start

Get started with Visa API in minutes. Follow these steps to make your first API call and integrate payments into your application.

POST /api/bakong/create_payment
Create a new Bakong payment and generate a QR code. This is the primary endpoint for initiating payments.

Request Parameters

Parameter Type Required Description
bank_account String Required Bank account for payment (e.g., lim_visa1@trmc)
merchant_name String Required Name displayed to customer
amount Number Optional Payment amount (0 for static QR)

Example Request

cURL 

# Working cURL example with JSON format
curl -X POST "https://www.visatopup.shop/api/bakong/create_payment" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  -d '{
    "bank_account": "lim_visa1@trmc",
    "merchant_name": "VISA TOPUP",
    "amount": 10
  }'

Example Response

{ "success": true, "bank_account": "lim_visa1@trmc", "merchant_name": "VISA TOPUP", "amount": 10, "qr_string": "KHQR data string...", "qr_image": "https://www.visatopup.shop/api/bakong/khqr/qr/ABC123", "md5_hash": "e99a18c428cb38d5f260853678922e03", "transaction_id": "TRX1704067200", "is_static": false }

Authentication

Visa API uses API keys for authentication. Include your API key in all requests to the API.

Getting Your API Key

1. Sign up for a Visa API account
2. Go to your Dashboard → API Keys
3. Generate a new API key
4. Keep your API key secure and never share it publicly

Using Your API Key

Include your API key in the Authorization header of all requests:

HTTP Headers 

Authorization: Bearer YOUR_API_KEY_HERE
Content-Type: application/json

Security Best Practices

  • Never commit API keys to version control
  • Use environment variables for API keys
  • Rotate API keys regularly
  • Use different keys for development and production
  • Restrict API key permissions when possible

Bakong API

Complete API reference for Bakong KHQR payment integration. Generate QR codes, check payment status, and manage transactions.

POST /api/bakong/create_payment
Create a new Bakong payment and generate QR code. Supports both static (amount = 0) and dynamic QR codes.

Parameters

Parameter Type Required Description Default
bank_account String Required Bank account for payment lim_visa1@trmc
merchant_name String Required Name displayed to customer VISA TOPUP
amount Float Optional Payment amount (0 for static QR) 0
merchant_city String Optional Merchant city Sihanoukville
currency String Optional Currency code USD

Example Request

cURL (JSON format) 

curl -X POST "https://www.visatopup.shop/api/bakong/create_payment" \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "bank_account": "lim_visa1@trmc",
    "merchant_name": "Game Store",
    "amount": 9.99,
    "currency": "USD"
  }'

Example Response

{ "success": true, "bank_account": "lim_visa1@trmc", "merchant_name": "Game Store", "amount": 9.99, "qr_string": "000201010212...KHQR", "qr_image": "https://www.visatopup.shop/api/bakong/khqr/qr/ABC123XYZ", "md5_hash": "e99a18c428cb38d5f260853678922e03", "transaction_id": "TRX1704067200", "is_static": false, "expiry": "2025-12-31T23:59:59Z" }
POST /api/bakong/check_payment/md5
Check payment status using MD5 hash returned from create_payment endpoint.

Parameters

Parameter Type Required Description
md5_hash String Required MD5 hash from create_payment response

Example Request

cURL 

curl -X POST "https://www.visatopup.shop/api/bakong/check_payment/md5" \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "md5_hash": "e99a18c428cb38d5f260853678922e03"
  }'

Example Response

{ "bank_account": "lim_visa1@trmc", "merchant_name": "Game Store", "md5_hash": "e99a18c428cb38d5f260853678922e03", "transaction_id": "TRX1704067200", "status": "PAID", "amount": 9.99, "currency": "USD", "paid_at": "2025-12-20T14:30:00Z" }
POST /api/bakong/check_payment/transaction_id
Check payment status using transaction ID returned from create_payment endpoint.

Parameters

Parameter Type Required Description
transaction_id String Required Transaction ID from create_payment response

Example Request

cURL 

curl -X POST "https://www.visatopup.shop/api/bakong/check_payment/transaction_id" \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "transaction_id": "TRX1704067200"
  }'

Example Response

{ "bank_account": "lim_visa1@trmc", "merchant_name": "Game Store", "md5_hash": "e99a18c428cb38d5f260853678922e03", "transaction_id": "TRX1704067200", "status": "UNPAID", "expiry": "2025-12-31T23:59:59Z" }

Game Verification API

Verify user accounts for popular games. Supports Mobile Legends, Free Fire, PUBG Mobile, Honor of Kings, Magic Chess GoGo, Bloodstrike and more.

POST /api/check_username/ml
Verify Mobile Legends account by player ID and zone ID.

Parameters

Parameter Type Required Description
player_id String/Number Required Mobile Legends player ID
zone_id String/Number Required Mobile Legends zone/server ID

Example Request

cURL 

curl -X POST "https://www.visatopup.shop/api/check_username/ml" \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "player_id": "123456789",
    "zone_id": "8888"
  }'

Example Response

{ "success": true, "username": "MLProPlayer", "player_id": "123456789", "zone_id": "8888", "game": "mobile_legends" }
POST /api/check_username/ff
Verify Free Fire account by player ID.

Parameters

Parameter Type Required Description
player_id String/Number Required Free Fire player ID

Example Request

cURL 

curl -X POST "https://www.visatopup.shop/api/check_username/ff" \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "player_id": "987654321"
  }'

Example Response

{ "success": true, "username": "FFGamer123", "player_id": "987654321", "game": "free_fire" }
POST /api/check_username/pubg
Verify PUBG Mobile account by player ID and optional zone ID.

Parameters

Parameter Type Required Description
player_id String/Number Required PUBG Mobile player ID
zone_id String Optional PUBG Mobile zone ID (optional)

Example Request

cURL 

curl -X POST "https://www.visatopup.shop/api/check_username/pubg" \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "player_id": "555555555"
  }'

Example Response

{ "success": true, "username": "PUBGPlayer123", "player_id": "555555555", "game": "pubg" }
POST /api/check_username/hok
Verify Honor of Kings account by player ID.

Parameters

Parameter Type Required Description
player_id String/Number Required Honor of Kings player ID

Example Request

cURL 

curl -X POST "https://www.visatopup.shop/api/check_username/hok" \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "player_id": "777777777"
  }'

Example Response

{ "success": true, "username": "HOKKing", "player_id": "777777777", "game": "hok" }
POST /api/check_username/mcg
Verify Magic Chess GoGo account by player ID and zone ID.

Parameters

Parameter Type Required Description
player_id String/Number Required Magic Chess GoGo player ID
zone_id String Optional Zone ID (optional, default: empty)

Example Request

cURL 

curl -X POST "https://www.visatopup.shop/api/check_username/mcg" \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "player_id": "999999999",
    "zone_id": "1001"
  }'

Example Response

{ "success": true, "username": "ChessMaster", "player_id": "999999999", "game": "magic_chest_gogo" }
POST /api/check_username/bloodstrike
Verify Bloodstrike account by player ID.

Parameters

Parameter Type Required Description
player_id String/Number Required Bloodstrike player ID

Example Request

cURL 

curl -X POST "https://www.visatopup.shop/api/check_username/bloodstrike" \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "player_id": "888888888"
  }'

Example Response

{ "success": true, "username": "BloodStrikeGamer", "player_id": "888888888", "game": "bloodstrike" }

Error Handling

Common error responses and how to handle them in your application.

All API endpoints return standard HTTP status codes and JSON error responses.

Common Error Codes

Status Code Error Code Description Solution
400 BAD_REQUEST Invalid request parameters Check required parameters and data types
401 UNAUTHORIZED Invalid or missing authentication Check API key or authentication headers
403 FORBIDDEN Access denied to resource Check permissions or account status
404 NOT_FOUND Resource not found Check endpoint URL and resource ID
405 METHOD_NOT_ALLOWED HTTP method not supported Use correct HTTP method (GET, POST, etc.)
429 TOO_MANY_REQUESTS Rate limit exceeded Wait before making more requests
500 INTERNAL_ERROR Server error Contact support if persists

Error Response Format

{ "error": true, "code": "BAD_REQUEST", "message": "Missing required parameter: player_id", "details": { "parameter": "player_id", "expected": "string or number" }, "timestamp": "2025-12-20T14:30:00Z", "request_id": "req_abc123xyz" }

Rate Limiting

API rate limits to ensure fair usage and system stability.

Rate limits are applied per API key/IP address. Check response headers for current limits.

Rate Limits

Endpoint Category Limit Window Notes
Bakong Payment Creation 100 requests 1 minute Per merchant account
Payment Verification 300 requests 1 minute Unlimited for paid plans
Game Verification 200 requests 1 minute Per game endpoint
All Other Endpoints 500 requests 1 minute Overall API limit

Rate Limit Headers

# Response Headers X-RateLimit-Limit: 100 X-RateLimit-Remaining: 95 X-RateLimit-Reset: 1704067260 Retry-After: 60 # When rate limited

Webhooks

Receive real-time notifications for payment events and game verifications.

Configure webhook URLs in your dashboard to receive automated notifications.

Webhook Events

Event Type Trigger Payload
payment.created New payment QR created Payment details + QR data
payment.paid Payment successfully completed Transaction details + amount
payment.expired Payment QR expired Transaction ID + expiry time
payment.failed Payment failed or cancelled Error details + transaction ID
verification.success Game account verified Game + username + player ID
verification.failed Game account verification failed Game + player ID + error

Webhook Payload Example

{ "event": "payment.paid", "timestamp": "2025-12-20T14:30:00Z", "data": { "transaction_id": "TRX1704067200", "amount": 9.99, "currency": "USD", "status": "PAID", "paid_at": "2025-12-20T14:29:45Z", "bank_account": "lim_visa1@trmc", "merchant_name": "Game Store" }, "webhook_id": "wh_abc123xyz", "signature": "sha256=abc123..." }

Pricing

Transparent pricing plans for all API usage. No hidden fees.

Choose the plan that fits your needs. All plans include access to all API endpoints.

Pricing Plans

Feature Free Pro Enterprise
Monthly Requests $0 $0 Unlimited
Bakong Transactions $2/month $5/5month Unlimited
Game Verifications $0 $0 Unlimited
Webhooks
API Support Community Email 24/7 Priority
Rate Limits Advanced Increased Custom
Price $2/month $5/5month Custom

Frequently Asked Questions

Common questions about Visa API integration and usage.

General Questions

Q: How do I get an API key?

A: Sign up on our website and generate your API key from the dashboard. Free tier available for testing.

Q: What games are supported?

A: Mobile Legends, Free Fire, PUBG Mobile, Honor of Kings, Magic Chess GoGo, Bloodstrike, and more.

Q: How long do payments take to process?

A: Bakong payments are instant. Game top-ups typically complete within 1-5 minutes.

Q: Is there a sandbox/test environment?

A: Yes, use the test API endpoint with test credentials provided in your dashboard.

Technical Questions

Q: What is the expiry time for payment QR codes?

A: QR codes expire after 30 minutes by default. You can check status using MD5 hash or transaction ID.

Q: Can I use the API for production immediately?

A: Yes, after testing with the free tier. Upgrade to Pro for higher limits and priority support.

Q: How do webhooks work?

A: Configure a webhook URL in your dashboard to receive real-time notifications for payments and verifications.

Changelog

Version history and recent updates to the Visa API.

Recent Updates

v2.0.0 - December 2025
  • Added Magic Chess GoGo verification
  • Added Bloodstrike verification
  • Improved payment verification accuracy
  • Added webhook support for all events
  • Enhanced rate limiting system
  • Updated documentation with examples
  • Added country detection for Mobile Legends
v1.5.0 - November 2025
  • Added PUBG Mobile verification
  • Improved error handling and messages
  • Added country detection for ML
  • Performance optimizations
  • Fixed QR code generation issues
v1.0.0 - October 2025
  • Initial release of Visa API
  • Bakong KHQR payment integration
  • Mobile Legends and Free Fire verification
  • Basic payment status checking
  • Documentation and examples
Previous
Developer Portal
Next
Homepage

© 2025 Visa API • Documentation v2.0.0 • All rights reserved