ForjioHuudisIdentityPlugipayPaymentsStorlaunchE-commerceFulkrumaFulfilmentRiplloMarketingLinkSnapShort URLsPawpadoGPU streaming
Plugipay Docs
⌘K

Xendit (BYO)

Xendit is a leading Indonesian/Southeast Asian payment processor. If you already have a Xendit account — or want one directly — you can connect it to Plugipay and we'll orchestrate payments through it.

This page covers setup, what works, and what's BYO-specific.

Why use Xendit BYO

  • You already have a Xendit account. No need to re-onboard with us.
  • Direct settlement. Funds settle to your Xendit balance, then to your bank on Xendit's schedule.
  • Direct Xendit support. For payment-method-specific issues you can reach Xendit directly.
  • Slightly lower platform fee. Plugipay's BYO rate is lower than managed, since you're providing the provider relationship.

What you need to set up

  1. An active Xendit account in production (live mode) and/or test mode.
  2. A Xendit secret API key (in the Xendit dashboard: Settings → Developers → API keys).
  3. A Xendit webhook verification token (Settings → Webhooks).

Plugipay needs both to operate. The secret key authenticates outbound calls; the webhook token lets Plugipay validate inbound webhook events from Xendit.

Connecting Xendit

  1. In Plugipay, go to Settings → Payment methods → Add provider → Xendit.
  2. Choose test or live (you can connect both, one per environment).
  3. Paste the secret key and webhook verification token.
  4. Click Connect. We'll round-trip a test API call to confirm the credentials work.

If the test fails: the most common cause is whitespace in the pasted keys. Re-copy from Xendit, no leading/trailing spaces.

After connecting, configure the webhook URL in Xendit:

  • Xendit dashboard → Settings → Webhooks
  • Add https://api.plugipay.com/v1/inbound-webhooks/xendit/<your-workspace-id> as a webhook URL
  • Subscribe to all event types

Your workspace ID is shown in the Plugipay setup wizard.

Payment methods supported

Method Status
Cards (Visa, MC)
Cards (AmEx, JCB) ✅ if enabled on your Xendit account
Bank transfer (VA: BCA, Mandiri, BNI, BRI, Permata)
E-wallets (OVO, DANA, ShopeePay, LinkAja)
GoPay (via Xendit Direct)
QRIS
Retail outlets (Alfamart, Indomaret)
PayLater (Kredivo, Akulaku) ✅ if enabled on Xendit

Per-method availability depends on what you've activated in Xendit — we mirror Xendit's enabled set, we don't enable methods for you.

What Plugipay does on top

Even though Xendit handles the payment, Plugipay adds:

  • Unified API. Your code uses the same Plugipay SDKs regardless of which provider is underneath.
  • Hosted checkout pages. Plugipay's branded checkout pages, not Xendit's.
  • Webhook normalization. Xendit events come in their format; Plugipay re-emits them as payment.succeeded, refund.failed, etc. consistent with managed mode.
  • Templates and theming. Customize the checkout look in Plugipay — works the same as managed.
  • Idempotency. Plugipay's idempotency layer wraps Xendit calls so retries are safe.
  • Cross-provider portability. Switch off Xendit later without changing your application code.

What Xendit does

  • Money movement and settlement. Funds go through Xendit's pipes, not Plugipay's.
  • Underlying compliance. PCI-DSS, AML, KYC of the merchant (Plugipay supplements but Xendit is primary).
  • Direct disputes and chargebacks. Card disputes are handled in Xendit's dashboard.

Refunds

Refunds via the Plugipay API forward to Xendit's refund API. Timing:

  • Cards: 5-10 business days (Xendit's standard)
  • VA / e-wallet: 1-3 business days
  • QRIS: instant or near-instant

The refund's status in Plugipay reflects the underlying Xendit status. Listen for refund.succeeded / refund.failed webhooks.

Fees

Xendit charges you per their pricing — we don't intermediate that. Plugipay charges a separate BYO platform fee, billed monthly.

Both appear on payment details:

  • payment.fees.provider — Xendit's cut
  • payment.fees.platform — Plugipay's cut
  • payment.net — what you actually receive

Switching off Xendit

To disconnect:

  1. Settings → Payment methods → Xendit → Disconnect.
  2. We stop routing new payments through Xendit.
  3. Existing payments and refunds continue to work — we keep the credentials around long enough to handle in-flight operations.
  4. After 90 days of no activity, we purge the stored credentials.

You can reconnect later with new credentials anytime.

Limits and quirks

  • Xendit's rate limits apply. We pass them through; you can see them on 429 responses if you hit Xendit's ceiling.
  • Test mode vs live keys. A test Xendit key won't process real money no matter what; the environment is determined by the key prefix.
  • Settlement currency. Xendit settles in IDR by default. If you need USD or another currency, configure that in Xendit first.

Next

Plugipay — Payments that don't tax your success