API Authentication and Security

When you are posting requests using any of the PayU APIs, you will be posting the merchant key as the first parameter, so separate authentication is not required because these are REST APIs. For testing purposes, you can use the Test merchant key. For Integration APIs, use “JPTXg” as the Test merchant key.

All the requests are accompanied by hash that is appended at the end of the request.


While posting parameters for an API, the hash parameter in each API must contain the hash value to be calculated at your end. The string used for calculating the hash is mentioned below:


Where, sha512 is the encryption method used here. For more information on SHA, refer to Wikipedia.



You can use the Hash API of the PayU node SDK on Github to perform reverse hashing. Refer to the PayU node SDK Readme, download and install the PayU node SDK from the PayU node SDK Github location.