Payments8 min read

Set Up DOKU QRIS: Client ID, Merchant ID, Shared Key, and Webhook

A practical guide for collecting DOKU Production credentials, setting the Notification URL, and avoiding QRIS signature errors in OurBooth.

What you need before enabling QRIS

OurBooth generates Dynamic QRIS through DOKU SNAP BI. To create QRIS and receive paid status quickly on Android, prepare a complete Production credential set from DOKU Back Office.

Client ID from QRIS Credential Settings or API Keys.
Active Secret Key from API Keys, not the API Key field.
Merchant ID/Credential mall ID from QRIS Credential Settings.
Terminal ID from QR Payment or QRIS Credential Settings, commonly A01.
Five-digit QRIS merchant postal code.
QRIS Fee Type, use 1 unless DOKU gives a different value.
Shared Key from Settings > API Key for webhook verification.
OurBooth Notification URL configured in Settings > QR Payment > Edit.
RSA Public Key from OurBooth uploaded to Edit Merchant Public Key in DOKU.

Do not mix Sandbox and Production

Every value in the OurBooth form must come from DOKU Production. Mixing Production Client ID with Sandbox Secret Key can produce signature mismatch or unauthorized errors.

Find Client ID, Merchant ID, MPAN, and NMID

1Log in to DOKU Back Office Production.
2Open Settings > Checkout Appearance.
3Find QRIS Credential Settings.
4Copy the Client ID shown there, usually starting with BRN- or MCH-.
5Copy the numeric Merchant ID. Do not fill Merchant ID with the Client ID.
6Copy MPAN and NMID if they appear on the page or QRIS certificate. These are useful for merchant audit and matching.

Find the Active Secret Key

1Open Settings > API Keys.
2Find the Active Secret Key box.
3Click Reveal Key, then copy it into OurBooth.
4Ignore API Key and Public Key when filling Active Secret Key.

Find the Shared Key

OurBooth uses the Shared Key to verify that payment webhooks really come from DOKU. In some DOKU Back Office layouts, it appears under Settings > API Key in the merchant/public DOKU section. Copy the Shared Key exactly; do not replace it with Public Key or API Key.

Set the Notification URL

The Notification URL lets DOKU send payment status to OurBooth immediately after the customer pays. Without it, QRIS may still be generated, but Android has to wait for polling or inquiry fallback, which feels slower.

1Copy the Notification URL from OurBooth tenant settings.
2In DOKU Back Office, open Settings > QR Payment > Edit.
3Paste the URL into Notification URL.
4Save the change in DOKU, then run a small QRIS test to confirm paid status arrives.

OurBooth Notification URL

Use https://ourbooth-upload-signer.edison-thomas52.workers.dev/v1/webhooks/doku. The URL must be public HTTPS, not localhost, VPN-only, or protected by login.

Upload the Public Key generated by OurBooth

When you click Save Credentials in OurBooth, the system creates an RSA keypair. The Private Key is stored encrypted, while the Public Key must be copied to DOKU.

1Copy the Public Key shown after saving credentials.
2Open DOKU Back Office Production > Settings > API Keys.
3Click Edit Merchant Public Key.
4Paste the full Public Key, including BEGIN PUBLIC KEY and END PUBLIC KEY lines.
5Save, then run a connection test or test QRIS from OurBooth.

OurBooth field	DOKU location	Notes
Client ID	Settings > Checkout Appearance > QRIS Credential Settings or API Keys	Usually BRN- or MCH-
Active Secret Key	Settings > API Keys	Click Reveal Key. Do not use API Key.
Merchant ID	QRIS Credential Settings	Numeric merchant/credential mall ID.
Terminal ID	QR Payment or QRIS Credential Settings	Usually A01.
Postal Code	QR Payment or merchant outlet data	Must be 5 digits.
Fee Type	QR Payment or DOKU instruction	Usually 1.
Shared Key	Settings > API Key, merchant/public DOKU section	Used for webhook verification.
MPAN/NMID	QRIS Credential Settings or QRIS certificate	Used for merchant audit/matching.

Ready to finish setup?

Open tenant settings, enable QRIS Gateway, save DOKU credentials, set the Notification URL in DOKU, then run a test QRIS before your event.

Open Tenant Settings