{"activeVersionTag":"latest","latestAvailableVersionTag":"latest","collection":{"info":{"_postman_id":"2445d6f9-6ae5-4249-9fa7-21f0fd89ecf6","name":"HOI eServices API","description":"The HOI eServices API provides a unified interface for digital services including gift cards, eSIM provisioning, mobile top-ups, vouchers, bill payments, and travel insurance. Each service is organized as a separate folder within this collection.\n\n---\n\n## Base URLs\n\n| Environment | Base URL |\n| --- | --- |\n| Preproduction (PPD) | `https://eservicespre.hoicom.net` |\n| Production (PRD) | `https://eservices.hoicom.net` |\n\nAll endpoint paths are relative to the base URL for your target environment, e.g. `{{baseUrl}}/api/v0/gifts/locations`.\n\n---\n\n## API Architecture\n\nThe API is structured around RESTful principles, utilizing standard HTTP methods and status codes. It communicates using JSON-formatted requests and responses, ensuring compatibility with a wide range of clients and platforms.\n\n- **Content Type:** All requests and responses use `application/json`\n    \n- **Base URL:** Environment-specific — see the **Base URLs** section above. Paths follow the form `.../api/{version}/{service}`\n    \n- **Versioning:** API versions are specified in the URL path (e.g., `v0`, `v1`)\n    \n\n---\n\n## Authentication\n\nAll API endpoints require proper authentication to ensure secure access. Authentication is handled via **Basic Authentication**, where clients provide their credentials with each request.\n\n| Property | Value |\n| --- | --- |\n| **Method** | Basic Authentication |\n| **Header** | `Authorization: Basic {Base64EncodedCredentials}` |\n\n### How to encode credentials\n\n1. Combine your username and password with a colon: `username:password`\n    \n2. Encode the combined string using **Base64** encoding\n    \n3. Include the encoded string in the `Authorization` header:\n    \n\n```\nAuthorization: Basic xxxxxxxxx\n\n ```\n\n---\n\n## Security\n\n### Transport Security (TLS)\n\n- All API communication is served **exclusively over HTTPS/TLS**. Plain HTTP is not supported on any endpoint.\n- **TLS 1.2 or higher** is enforced.\n- Our TLS server certificates are issued by a **trusted public Certificate Authority (CA)**.\n\n### Certificates\n\n- Server certificates are renewed **annually**, ahead of expiry.\n- Clients who validate or pin our certificate on their systems are **notified in advance of each renewal**, with the new certificate / public key provided beforehand so it can be pre-configured with **no service interruption**.\n\n### Authentication\n\n- Every request must include valid client credentials in the `Authorization` header (HTTP **Basic Authentication**).\n- Each client is issued **unique credentials**, with **separate credentials per environment** (Pre-Production and Production).\n- Credentials are delivered through a **secure channel during onboarding** and can be **rotated or revoked immediately** upon request or suspicion of compromise.\n\n### Input Validation\n\n- Strict **server-side validation** is applied to request format and parameters, protecting the platform against malformed and injection-style payloads.\n\n### Environment Segregation\n\n- **Pre-Production** (`eservicespre.hoicom.net`) and **Production** (`eservices.hoicom.net`) are **fully segregated** environments, with separate credentials and separate data.\n- All integration testing must be completed in **Pre-Production before Production access is granted**.\n\n---\n\n## Response Format\n\nAll responses follow a standard JSON structure:\n\n``` json\n{\n  \"code\": 1000,\n  \"message\": \"Success\",\n  \"data\": { }\n}\n\n ```\n\n| Field | Type | Description |\n| --- | --- | --- |\n| `code` | `int` | Custom response code (see table below) |\n| `message` | `string` | Human-readable message |\n| `data` | `object` | Response payload (nullable on errors) |\n\n---\n\n## Response Codes\n\n| Code | Name | Message |\n| --- | --- | --- |\n| **1000** | Success | Request processed successfully. |\n| **1101** | InternalServerError | Internal server error. |\n| **1102** | InvalidRequestFormat | Invalid request format. |\n| **1103** | UnauthorizedAccess | Unauthorized access. |\n| **1104** | Forbidden | Forbidden. |\n| **1105** | ResourceNotFound | Resource not found. |\n| **1106** | MethodNotAllowed | Method not allowed. |\n| **1107** | ValidationError | Validation error. |\n| **1108** | InvalidCredentials | Invalid credentials. |\n| **1109** | RateLimitExceeded | Rate limit exceeded. |\n| **1110** | UnsupportedMediaType | Unsupported media type. |\n| **1111** | NotAcceptable | Not acceptable. |\n| **1112** | Conflict | Conflict with current state. |\n| **1113** | ServiceUnavailable | Service unavailable. |\n| **1114** | InvalidParameterValue | Invalid parameter value. |\n| **1120** | TooManyRequests | Too many requests. |\n| **1201** | PaginationErrorInvalidPage | Invalid page number. |\n| **1202** | PaginationErrorInvalidPageSize | Invalid page size. |\n| **1301** | SearchParameterErrorInvalidTerm | Invalid search term. |\n| **1302** | FilteringErrorInvalidCriteria | Invalid filtering criteria. |\n| **1303** | NoResultsFound | No results found. |\n| **1401** | InvalidNumberOrAccount | Invalid number or account. |\n| **1402** | LimitationExceeded | Limitation exceeded. |\n| **1403** | TransactionRejected | Transaction rejected. |\n| **1404** | DeclinedByProvider | Declined by provider. |\n| **1405** | ProviderDown | Provider is down. |\n| **1406** | NumberOrAccountIssueByProvider | Number or account issue by provider. |\n| **1407** | DuplicateTransaction | Duplicate transaction. |\n| **1408** | TransactionTimeout | Transaction timeout. |\n| **1409** | InvalidTransactionAmount | Invalid transaction amount. |\n| **1410** | ServiceTemporarilyUnavailable | Service temporarily unavailable. |\n| **1411** | InsufficientFunds | Insufficient funds. |\n| **1412** | ExceededTransactionLimit | Exceeded transaction limit. |\n| **1413** | InvalidProductId | Invalid product ID. |\n| **1414** | InvalidCurrencyCode | Invalid currency code. |\n| **1415** | InvalidAmountRange | Invalid amount range. |\n| **1416** | InvalidDestinationNumberFormat | Invalid destination number format. |\n| **1417** | DestinationNumberNotSupported | Destination number not supported. |\n| **1418** | InvalidExternalReference | Invalid external reference. |\n| **1419** | TransactionAlreadyProcessed | Transaction already processed. |\n| **1420** | UnsupportedCountry | Unsupported country. |\n| **1421** | UnsupportedOperator | Unsupported operator. |\n\n---\n\n## Transaction Statuses\n\n| Status | Description |\n| --- | --- |\n| **Submitted** | The transaction has been received and is queued for processing. |\n| **Pending** | The transaction is currently being processed by the system or service provider. |\n| **Completed** | The transaction has been completed successfully. |\n| **Failed** | The transaction failed during processing due to an error or issue. |\n| **Cancelled** | The transaction was cancelled before completion. |","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","isPublicCollection":false,"owner":"41813919","team":10263783,"collectionId":"2445d6f9-6ae5-4249-9fa7-21f0fd89ecf6","publishedId":"2sBXigMZ13","public":true,"publicUrl":"https://docs.hoicom.net","privateUrl":"https://go.postman.co/documentation/41813919-2445d6f9-6ae5-4249-9fa7-21f0fd89ecf6","customColor":{"top-bar":"2671C5","right-sidebar":"303030","highlight":"2671C5"},"documentationLayout":"classic-double-column","customisation":{"metaTags":[{"name":"description","value":""},{"name":"title","value":""}],"appearance":{"default":"system_default","themes":[{"name":"dark","logo":"https://content.pstmn.io/f5ddcd48-f80f-4777-a9ef-365f57682961/d2hpdGUgbG9nby5wbmc=","colors":{"top-bar":"2671C5","right-sidebar":"303030","highlight":"2671C5"}},{"name":"light","logo":"https://content.pstmn.io/adf7ce90-6e71-46e5-9d89-76f232083457/d2hpdGUgbG9nby5wbmc=","colors":{"top-bar":"2671C5","right-sidebar":"303030","highlight":"2671C5"}}]}},"version":"8.11.8","publishDate":"2026-07-02T09:11:58.000Z","activeVersionTag":"latest","documentationTheme":"light","metaTags":{"title":"","description":""},"logos":{"logoLight":"https://content.pstmn.io/adf7ce90-6e71-46e5-9d89-76f232083457/d2hpdGUgbG9nby5wbmc=","logoDark":"https://content.pstmn.io/f5ddcd48-f80f-4777-a9ef-365f57682961/d2hpdGUgbG9nby5wbmc="}},"statusCode":200},"environments":[],"user":{"authenticated":false,"permissions":{"publish":false}},"run":{"button":{"js":"https://run.pstmn.io/button.js","css":"https://run.pstmn.io/button.css"}},"web":"https://www.getpostman.com/","team":{"logo":"https://res.cloudinary.com/postman/image/upload/t_team_logo_pubdoc/v1/team/4e2a3d126c060f7b1d0da0c81053a43f4d03e698344e514fc8f1d02fb90c4e23","favicon":"https://hoicom.net/favicon.ico"},"isEnvFetchError":false,"languages":"[{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"HttpClient\"},{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"RestSharp\"},{\"key\":\"curl\",\"label\":\"cURL\",\"variant\":\"cURL\"},{\"key\":\"dart\",\"label\":\"Dart\",\"variant\":\"http\"},{\"key\":\"go\",\"label\":\"Go\",\"variant\":\"Native\"},{\"key\":\"http\",\"label\":\"HTTP\",\"variant\":\"HTTP\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"OkHttp\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"Unirest\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"Fetch\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"jQuery\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"XHR\"},{\"key\":\"c\",\"label\":\"C\",\"variant\":\"libcurl\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Axios\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Native\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Request\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Unirest\"},{\"key\":\"objective-c\",\"label\":\"Objective-C\",\"variant\":\"NSURLSession\"},{\"key\":\"ocaml\",\"label\":\"OCaml\",\"variant\":\"Cohttp\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"cURL\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"Guzzle\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"HTTP_Request2\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"pecl_http\"},{\"key\":\"powershell\",\"label\":\"PowerShell\",\"variant\":\"RestMethod\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"http.client\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"Requests\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"httr\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"RCurl\"},{\"key\":\"ruby\",\"label\":\"Ruby\",\"variant\":\"Net::HTTP\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"Httpie\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"wget\"},{\"key\":\"swift\",\"label\":\"Swift\",\"variant\":\"URLSession\"}]","languageSettings":[{"key":"csharp","label":"C#","variant":"HttpClient"},{"key":"csharp","label":"C#","variant":"RestSharp"},{"key":"curl","label":"cURL","variant":"cURL"},{"key":"dart","label":"Dart","variant":"http"},{"key":"go","label":"Go","variant":"Native"},{"key":"http","label":"HTTP","variant":"HTTP"},{"key":"java","label":"Java","variant":"OkHttp"},{"key":"java","label":"Java","variant":"Unirest"},{"key":"javascript","label":"JavaScript","variant":"Fetch"},{"key":"javascript","label":"JavaScript","variant":"jQuery"},{"key":"javascript","label":"JavaScript","variant":"XHR"},{"key":"c","label":"C","variant":"libcurl"},{"key":"nodejs","label":"NodeJs","variant":"Axios"},{"key":"nodejs","label":"NodeJs","variant":"Native"},{"key":"nodejs","label":"NodeJs","variant":"Request"},{"key":"nodejs","label":"NodeJs","variant":"Unirest"},{"key":"objective-c","label":"Objective-C","variant":"NSURLSession"},{"key":"ocaml","label":"OCaml","variant":"Cohttp"},{"key":"php","label":"PHP","variant":"cURL"},{"key":"php","label":"PHP","variant":"Guzzle"},{"key":"php","label":"PHP","variant":"HTTP_Request2"},{"key":"php","label":"PHP","variant":"pecl_http"},{"key":"powershell","label":"PowerShell","variant":"RestMethod"},{"key":"python","label":"Python","variant":"http.client"},{"key":"python","label":"Python","variant":"Requests"},{"key":"r","label":"R","variant":"httr"},{"key":"r","label":"R","variant":"RCurl"},{"key":"ruby","label":"Ruby","variant":"Net::HTTP"},{"key":"shell","label":"Shell","variant":"Httpie"},{"key":"shell","label":"Shell","variant":"wget"},{"key":"swift","label":"Swift","variant":"URLSession"}],"languageOptions":[{"label":"C# - HttpClient","value":"csharp - HttpClient - C#"},{"label":"C# - RestSharp","value":"csharp - RestSharp - C#"},{"label":"cURL - cURL","value":"curl - cURL - cURL"},{"label":"Dart - http","value":"dart - http - Dart"},{"label":"Go - Native","value":"go - Native - Go"},{"label":"HTTP - HTTP","value":"http - HTTP - HTTP"},{"label":"Java - OkHttp","value":"java - OkHttp - Java"},{"label":"Java - Unirest","value":"java - Unirest - Java"},{"label":"JavaScript - Fetch","value":"javascript - Fetch - JavaScript"},{"label":"JavaScript - jQuery","value":"javascript - jQuery - JavaScript"},{"label":"JavaScript - XHR","value":"javascript - XHR - JavaScript"},{"label":"C - libcurl","value":"c - libcurl - C"},{"label":"NodeJs - Axios","value":"nodejs - Axios - NodeJs"},{"label":"NodeJs - Native","value":"nodejs - Native - NodeJs"},{"label":"NodeJs - Request","value":"nodejs - Request - NodeJs"},{"label":"NodeJs - Unirest","value":"nodejs - Unirest - NodeJs"},{"label":"Objective-C - NSURLSession","value":"objective-c - NSURLSession - Objective-C"},{"label":"OCaml - Cohttp","value":"ocaml - Cohttp - OCaml"},{"label":"PHP - cURL","value":"php - cURL - PHP"},{"label":"PHP - Guzzle","value":"php - Guzzle - PHP"},{"label":"PHP - HTTP_Request2","value":"php - HTTP_Request2 - PHP"},{"label":"PHP - pecl_http","value":"php - pecl_http - PHP"},{"label":"PowerShell - RestMethod","value":"powershell - RestMethod - PowerShell"},{"label":"Python - http.client","value":"python - http.client - Python"},{"label":"Python - Requests","value":"python - Requests - Python"},{"label":"R - httr","value":"r - httr - R"},{"label":"R - RCurl","value":"r - RCurl - R"},{"label":"Ruby - Net::HTTP","value":"ruby - Net::HTTP - Ruby"},{"label":"Shell - Httpie","value":"shell - Httpie - Shell"},{"label":"Shell - wget","value":"shell - wget - Shell"},{"label":"Swift - URLSession","value":"swift - URLSession - Swift"}],"layoutOptions":[{"value":"classic-single-column","label":"Single Column"},{"value":"classic-double-column","label":"Double Column"}],"versionOptions":[],"environmentOptions":[{"value":"0","label":"No Environment"}],"canonicalUrl":"https://docs.hoicom.net/view/metadata/2sBXigMZ13"}