npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

aya-pay-merchant-api

v1.0.8

Published

MMQR, AYA Pay - Integration Package

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

nawingngannawingngan

Keywords

MMQRAYA Pay

Readme

📘 AYA Pay Merchant API Integration Documentation (APIM)

This document provides a professional reference for integrating the AYAPayMerchant Node.js/TypeScript package into your application for handling payment and authentication flows.

🚀 Installation

Install the package via npm:

npm install aya-pay-merchant-api --save

Implementation IDEA

import { AYAPayMerchantSDK, SDKOptions } from 'aya-pay-merchant-api';

const options: SDKOptions = {
  baseUrl: 'https://sandboxxxxx.aya-payx.com/api', // <<< Request AYA Team. I cannot disclose here for security reasons
  prefixUrl: 'xxx',  // <<< Request AYA Team. I cannot disclose here for security reasons
  consumerKey: 'YOUR_CONSUMER_KEY',
  consumerSecret: 'YOUR_CONSUMER_SECRET',
  decryptionKey: 'YOUR_DECRYPTION_KEY_32_BYTES',
  phone: 'MERCHANT_APP_PHONE_NUMBER',
  password: 'MERCHANT_APP_PASSWORD', // Password Or Pincode
};

const ayaPayClient = AYAPayMerchantSDK(options);

// DEVELOPMENT QR
const qrResponse = await ayaPayClient.requestQR({
  amount: 5000,
  currency: 'MMK',
  externalTransactionId: 'ORD-' + new Date().getTime(),
  serviceCode: 'xxx-qr', // << I cannot disclose all of these ENUM for security reasons, Please ask merchant onboarding teams
  // externalAdditionalData: optional
})
console.log(qrResponse)

const qrStatusResponse = await ayaPayClient.paymentStatusQR({
  referenceNumber: qrResponse.data.referenceNumber,
  externalTransactionId: qrResponse.data.externalTransactionId,
})
console.log(qrStatusResponse)


const omResponse = await ayaPayClient.requestPush({
  amount: 5000,
  currency: 'MMK',
  externalTransactionId: 'ORD-' + new Date().getTime(),
  serviceCode: 'xxx-om', // << I cannot disclose all of these ENUM for security reasons, Please ask merchant onboarding teams
  // externalAdditionalData: optional
})
console.log(omResponse)

const omStatusResponse = await ayaPayClient.paymentStatusPush({
  referenceNumber: omResponse.data.referenceNumber,
  externalTransactionId: omResponse.data.externalTransactionId,
})
console.log(omStatusResponse)

// Now you can call methods like:
// await ayaPayClient.getToken({ grantType: 'client_credentials' });

📝 SDK Configuration and Initialization

The SDK requires specific credentials and endpoint information for initialization.

SDKOptions Interface

This configuration object is passed to the initialization function.

| Property | Type | Required | Description | | :--- | :--- | :---: | :--- | | baseUrl | string | Yes | The base URL for the AYA Pay API (e.g., https://api.gateway.com). | | consumerKey | string | Yes | Your merchant consumer key used for generating the Basic Token. | | consumerSecret | string | Yes | Your merchant consumer secret used for generating the Basic Token. | | decryptionKey | string | Yes | The AES-256-ECB secret key for decrypting payment callback data. | | basicKey | string | No | (Present in interface but currently unused in methods). |

Initialization Example (TypeScript)

The AYAPayMerchantSDK function returns a class instance containing all core methods.

import { AYAPayMerchantSDK, SDKOptions } from 'aya-pay-merchant-api';

const options: SDKOptions = {
  baseUrl: 'https://sandbox.ayapay.com/api', // <<< Request HERE I cannot disclose for security reasons
  consumerKey: 'YOUR_CONSUMER_KEY',
  consumerSecret: 'YOUR_CONSUMER_SECRET',
  decryptionKey: 'YOUR_DECRYPTION_KEY_32_BYTES',
  basicKey: '', // Can be an empty string
};

const ayaPayClient = AYAPayMerchantSDK(options);

// Now you can call methods like:
// await ayaPayClient.getToken({ grantType: 'client_credentials' });

🔑 Authentication and Token Management

All merchant API interactions require two tokens: the Key Token (for Token header) and the API Token (for Authorization header).

1. getToken()

Requests the primary Key Token using the Client Credentials grant type. This token is stored internally and used in the Token header.

| Parameter | Type | Description | | :--- | :--- | :--- | | options.grantType | string | Must be set to 'client_credentials'. |

getTokenResponse (Success Response)

| Property | Type | Description | | :--- | :--- | :--- | | accessToken | string | The Key Token obtained. | | tokenType | string | Token type, e.g., 'Bearer'. | | expiresIn | number | Token expiry time in seconds. |

2. login(options: loginRequest)

Authenticates the merchant to retrieve the merchant-specific API Token and Refresh Token.

loginRequest (Parameters)

| Property | Type | Description | | :--- | :--- | :--- | | phone | string | Merchant's registered phone number. | | password | string | Merchant's password. |

loginResponse (Success Response)

| Property | Type | Description | | :--- | :--- | :--- | | err | number | Error code (0 for success). | | message | string | Status message. | | token.token | string | The API Token, stored internally and used for payment methods. | | refreshToken.token | string | The Refresh Token. |

💳 Payment Methods

1. requestQR(options: PaymentCreateRequest)

Generates a QR code for a customer to scan and pay.

| Parameter | Type | Description | | :--- | :--- | :--- | | options | PaymentCreateRequest | Object containing payment details. |

2. requestPush(options: PaymentCreateRequest)

Initiates a payment by sending a push notification request to the customer's payment app.

| Parameter | Type | Description | | :--- | :--- | :--- | | options | PaymentCreateRequest | Object containing payment details. |

PaymentCreateRequest (Parameters for QR/Push)

| Property | Type | Description | | :--- | :--- | :--- | | amount | number | Transaction amount. | | currency | string | Currency code (e.g., 'MMK'). | | externalTransactionId | string | Unique ID from the merchant's system. | | serviceCode | string | Merchant's service code. | | externalAdditionalData | string | Optional field for extra merchant data. |

PaymentCreateResponse (Success Response)

| Property | Type | Description | | :--- | :--- | :--- | | data.qrdata | string | (QR) Raw QR code string. | | data.mmqrdata | string | (QR) Myanmar QR code string. | | data.referenceNumber | string | Unique transaction reference number from AYA Pay. | | data.amount | string | Transaction amount confirmed. | | data.expiredAt | string | Timestamp when the payment request expires. |

🔍 Status Check Methods

1. paymentStatusQR(options: PaymentStatusRequest)

Checks the status of a previously requested QR payment.

2. paymentStatusPush(options: PaymentStatusRequest)

Checks the status of a previously requested Push payment.

PaymentStatusRequest (Parameters for Status Check)

| Property | Type | Description | | :--- | :--- | :--- | | referenceNumber | string | The AYA Pay unique transaction reference number. | | externalTransactionId | string | The merchant's unique transaction ID. |

PaymentStatusResponse (Success Response)

| Property | Type | Description | | :--- | :--- | :--- | | status | string | The transaction status (e.g., 'PENDING', 'SUCCESS', 'FAILED'). | | transRefId | string | Alias for the AYA Pay transaction ID. | | err | number | Error code (0 for success). |

🔔 Callback Verification

This utility method is used by the merchant's callback endpoint to securely decrypt the transaction result payload sent by the AYA Pay system.

verifyCallback(options: CallbackEncoded)

Decrypts the Base64-encoded, encrypted payload using AES-256-ECB with the configured decryptionKey.

| Parameter | Type | Description | | :--- | :--- | :--- | | options.paymentResult | string | The encrypted and Base64-encoded payment payload from the callback body. | | options.refundResult | string | The encrypted refund payload (if applicable). | | options.externalTransactionId | string | The merchant's unique ID for context. |

| Returns | Type | Description | | :--- | :--- | :--- | | Promise<CallbackDecoded> | The raw, decrypted JSON string of the transaction result. Must be parsed into an object for use. |

Decryption Example

// Example handler for the merchant's callback endpoint (e.g., /api/payment/callback)

async function handleCallback(encodedBody) {
  try {
    const decryptedPayload = await ayaPayClient.verifyCallback(encodedBody);
    // The result is a JSON string, which must be parsed
    const paymentResult = JSON.parse(decryptedPayload as string);
    // Process paymentResult (e.g., update order status)
    console.log('Decrypted Status:', paymentResult.status);

  } catch (error) {
    console.error('Decryption Failed:', error);
  }
}