Sibaq payment gateway

Developer documentation for branded payments.

Integrate standard checkout, express merchant payments, callbacks, and optional AGILAB add-on APIs when those add-ons are installed and activated.

Start Docs Express Checkout
API Ready Webhook Callback Merchant Checkout
API Status Live

200 OK

CheckoutReady
CardsOptional
POST /payment/form
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json
Standard Integration Express Integration AGILAB Docs
Express Integration

SIBAQ Express Payment Gateway Documentation

Use this guide to integrate branded payment checkout, redirect handling, transaction verification, and production-safe callbacks without exposing merchant secrets.

Quick Start

Step 1

Download the SDK package

Complete this step before moving to production testing.

Step 2

Set credentials on your server

Complete this step before moving to production testing.

Step 3

Create payment request

Complete this step before moving to production testing.

Step 4

Redirect buyer to approved URL

Complete this step before moving to production testing.

Credentials

Use your merchant Client ID and Client Secret from the merchant/admin API credential area. Keep credentials in environment variables or encrypted server configuration.

Security Notice

Never expose your Client Secret in frontend JavaScript, public HTML, mobile apps, or browser-side code. Use it only on your secure server-side backend.

Payment Request

Payer

Set the payer payment method to your active brand or system payment method. Other payment methods can be added later when supported.

Payer PHP 
// Payer Object
$payer = new Payer();
$payer->setPaymentMethod('Sibaq'); // preferably, your system or brand name

Amount

Specify the payment amount and currency. The currency must exist in the merchant wallet list.

Amount PHP 
// Amount Object
$amountIns = new Amount();
$amountIns->setTotal(20)->setCurrency('USD');

Transaction Reference

Attach the amount object to the transaction resource. Use your own order reference when the SDK or gateway supports it.

Transaction Reference PHP 
// Transaction Object
$trans = new Transaction();
$trans->setAmount($amountIns);

Redirect URLs

Set where the buyer should return after a successful or cancelled payment. Keep these URLs under your verified domain.

Redirect URLs PHP 
// RedirectUrls Object
$urls = new RedirectUrls();
$urls->setSuccessUrl('https://your-domain.com/sibaq-sdk/example-success.php')
    ->setCancelUrl('https://your-domain.com/sibaq-sdk/');

Send Payment Request

Create the payment with merchant credentials, redirect URLs, payer, and transaction. Redirect the buyer to the approved URL returned by the gateway.

Send Payment Request PHP 
// Payment Object
$payment = new Payment();
$payment->setCredentials([
    'client_id' => 'place your client id here',
    'client_secret' => 'place your client secret here'
])->setRedirectUrls($urls)
  ->setPayer($payer)
  ->setTransaction($trans);

try {
    $payment->create();
    header('Location: ' . $payment->getApprovedUrl());
    exit;
} catch (Exception $ex) {
    print $ex;
    exit;
}

Redirect URLs

Success and cancel URLs return the customer to your website. Callback/webhook URLs should be used for final order updates because browser redirects can be interrupted by users.

Redirect URL Example PHP 
$urls = new RedirectUrls();
$urls->setSuccessUrl('https://your-domain.com/payment/success')
    ->setCancelUrl('https://your-domain.com/payment/cancel');

Callback / Webhook

After payment is completed, the gateway sends the transaction result to your callback URL. Treat the callback as the source of truth for order updates.

  • Verify transaction ID
  • Verify amount
  • Verify currency
  • Verify payment status
  • Update your order only once
  • Log callback attempts
Idempotency

Do not credit the same transaction twice. Always check if the transaction reference already exists before updating the order.

Download Package

Download Express Package

Includes PHP connection file, payment example, and setup guide.

Download Package

Full PHP Example

Full PHP Example PHP 
require 'vendor/autoload.php';

use Sibaq\Api\Payer;
use Sibaq\Api\Amount;
use Sibaq\Api\Transaction;
use Sibaq\Api\RedirectUrls;
use Sibaq\Api\Payment;

$payer = new Payer();
$payer->setPaymentMethod('Sibaq');

$amountIns = new Amount();
$amountIns->setTotal(20)->setCurrency('USD');

$trans = new Transaction();
$trans->setAmount($amountIns);

$urls = new RedirectUrls();
$urls->setSuccessUrl('https://your-domain.com/sibaq-sdk/example-success.php')
    ->setCancelUrl('https://your-domain.com/sibaq-sdk/');

$payment = new Payment();
$payment->setCredentials([
    'client_id' => getenv('Sibaq_CLIENT_ID'),
    'client_secret' => getenv('Sibaq_CLIENT_SECRET'),
])->setRedirectUrls($urls)
  ->setPayer($payer)
  ->setTransaction($trans);

$payment->create();
header('Location: ' . $payment->getApprovedUrl());
exit;

Optional Instructions

  • Composer clear-cache
  • Composer install
  • Composer dump-autoload

Error Codes

CodeMeaningWhat to do
INVALID_CLIENTClient ID or secret is wrongCheck API credentials
INVALID_AMOUNTAmount is missing or invalidSend valid amount
INVALID_CURRENCYCurrency is unsupportedUse supported currency
PAYMENT_CANCELLEDCustomer cancelled paymentRedirect to cancel URL
PAYMENT_FAILEDPayment could not be completedRetry or contact support

Production Checklist

  • Use live Client ID and Client Secret
  • Set live callback URL
  • Set live success and cancel URLs
  • Test one successful payment
  • Test one cancelled payment
  • Test one failed payment
  • Confirm transaction history updates correctly
  • Confirm secret keys are not exposed publicly