Merchant Hosted Integration
The pre_authorize parameter is used to pre-authorize payments using the Merchant Hosted Checkout integration with the _payment API.
Note:You need to activate the Pre-Authorize Payments before you start using this integration. Contact your PayU Key Account Manager (KAM) to activate Pre-Authorize Payments.
Step 1: Post the Pre-Auth transaction request
Post the additional parameters for with the Pre-Authorization using the Merchant Hosted Checkout. For complete list of parameters, refer to Pre-Authorize Payment for the complete list parameters with Try It experience.
Environment
| Test Environment | https://test.payu.in/_payment |
| Production Environment | https://secure.payu.in/_payment |
The pre_authorize parameter as specified is used to pre-authorize payments using the Merchant Hosted Checkout integration with the _payment API.
| Parameter | Description | Example |
|---|---|---|
key
mandatory
StringMerchant key provided by PayU during onboarding. | ||
|---|---|---|
txnid
mandatory
| ||
|---|---|---|
amount |
| |
productinfo |
| |
firstname |
| Ashish |
email
|
| |
phone
|
| |
pg
|
| CC |
bankcode |
| AMEX |
ccnum
|
| 5123456789012346 |
ccname |
| Ashish Kumar |
ccvv
|
| 123 |
ccexpmon |
| 10 |
ccexpyr
|
| 2021 |
furl
|
| |
surl
|
| |
pre_authorize
| This parameter is set to 1to pre-authorize payment using PayU Hosted Checkout. | |
hash
|
| |
address1
|
| |
address2
|
| |
city
|
| |
state
|
| |
country
|
| |
zipcode
|
| |
udf1
|
| |
udf2
|
| |
udf3
|
| |
udf4
|
| |
udf5
|
|
Hashing
You must hash the request parameters using the following hash logic:
sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||SALT)For more information, refer to Generate Hash.
Sample request
curl --request POST \
--url 'https://test.payu.in/_payment?form=2' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'accept: text/plain' \
--data key=JPM7Fg \
--data pg=CC \
--data bankcode=CC \
--data pre_authorize=1 \
--data surl=https://test-payment-middleware.payu.in/simulatorResponse \
--data furl=https://test-payment-middleware.payu.in/simulatorResponse \
--data txnid=ypskjfdaaksdjfh \
--data amount=10000 \
--data productinfo=iPhone \
--data firstname=Ashish \
--data [email protected] \
--data phone=9889XXXXXX \
--data ccnum=512*******012346 \
--data ccname=Ashish \
--data ccexpmon=11 \
--data ccexpyr=2025 \
--data ccvv=123 \
--data hash=d99f230c19d781016fa64c57f976d0ec8ff3761fe5d9d6448933cf46d7177db6fb7b370e551e39dd37f2045a2a761f9065f8462838bbaad22963c083c84f9cedStep 2: Check the response from PayU
Hash validation logic for payment response (Reverse Hashing)
While sending the response, PayU takes the exact same parameters that were sent in the request (in reverse order) to calculate the hash and returns it to you. You must verify the hash and then mark a transaction as a success or failure. This is to make sure the transaction has not tampered within the response.
The order of the parameters is similar to the following code block:
sha512(SALT|status||||||udf5|udf4|udf3|udf2|udf1|email|firstname|productinfo|amount|txnid|key)Sample response
The formatted sample response body is similar to the following, and you need to look for the following parameters:
- PG_TYPE: CC PG
- bankcode: CC
- unamappedstatus: auth
{
"mihpayid": "403993715531065775",
"mode": "CC",
"status": "success",
"unmappedstatus": "captured",
"key": "JPM7Fg",
"txnid": "ypskjfdaaksdjfh",
"amount": "10000.00",
"cardCategory": "domestic",
"discount": "0.00",
"net_amount_debit": "10000",
"addedon": "2024-02-26 07:20:56",
"productinfo": "iPhone",
"firstname": "Ashish",
"lastname": "",
"address1": "",
"address2": "",
"city": "",
"state": "",
"country": "",
"zipcode": "",
"email": "[email protected]",
"phone": "9889843845",
"udf1": "",
"udf2": "",
"udf3": "",
"udf4": "",
"udf5": "",
"udf6": "",
"udf7": "",
"udf8": "",
"udf9": "",
"udf10": "",
"hash": "00f188fdda2d60d418b147e7dce3a6ead172cf760a95a4df09b763f7627c01d867127e022de97841f1fe41cecb420b12b482fd8b68aaf66476b840bdfe82ca3c",
"field1": "261005309469848160",
"field2": "724760",
"field3": "10000.00",
"field4": "",
"field5": "00",
"field6": "02",
"field7": "AUTHPOSITIVE",
"field8": "AUTHORIZED",
"field9": "Transaction is Successful",
"payment_source": "payu",
"PG_TYPE": "CC-PG",
"bank_ref_num": "261005309469848160",
"bankcode": "CC",
"error": "E000",
"error_Message": "No Error",
"cardnum": "XXXXXXXXXXXX2346",
"cardhash": "This field is no longer supported in postback params.",
"splitInfo": "{\"splitStatus\":\"splitNotReceived\",\"splitSegments\":[]}"
}Step 3: Capture a Pre-authorized payment
To capture a pre-authorized payment, use the following command. After the API command is successful, the transaction would be captured and settled to you.
Environment
| Environment | URL |
|---|---|
| Test Environment | https://test.payu.in/merchant/postservice?form=2 |
| Production Environment | https://info.payu.in/merchant/postservice?form=2 |
Sample request
curl --location --request POST 'https://info.payu.in/merchant/postservice.php?form=2' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--form 'key="JF***g"' \
--form 'command="capture_transaction"' \
--form 'hash="67411736ab98c59522492a12751a6015c41b87764019f9dc14052690c2c7af9095d31002fc109dcf3596c2f38792d56db6f6207b1989010f2adf51c144fa3019"' \
--form 'var1="15246574846"' \
--form 'var2="authorizeTransaction123"' \
--form 'var3="1"' Sample response
{
"status": 1,
"msg": "Capture Request Queued",
"request_id": "Request ID",
"bank_ref_num": "Bank Reference Number"
} Step 3: Check Action Status
- To check the status of the transaction, use the verify_payment API. For more information, refer to Verify Payment API
- To check the status of the Auth Request and then Capture Request sent, use the check_action_status API. For more information, refer to Check Refund Status API with Request ID.
Note:
- The unamappedstatus to auth can be checked using thje Verify Payment API and in callback response in the Transaction callback.
- If you want to cancel or refund a pre-authorized payment, refer to Cancel a Pre-Authorized Payment.
Sample response
Failure scenario
{
"status": 1,
"msg": "1 out of 1 Transactions Fetched Successfully",
"transaction_details": {
"18315176038": {
"12806028149": {
"mihpayid": "18315176038",
"bank_ref_num": "6969235068376733806127",
"request_id": "12806028149",
"amt": "2.00",
"mode": "CC",
"action": "auth",
"token": "",
"status": "SUCCESS", // Auth is successful
"bank_arn": null,
"settlement_id": null,
"amount_settled": null,
"UTR_no": null,
"value_date": null,
"refund_mode": "-"
},
"12806028151": {
"mihpayid": "18315176038",
"bank_ref_num": null,
"request_id": "12806028151",
"amt": "1.00",
"mode": "CC",
"action": "capture",
"token": "Cap_18315176038_01",
"status": "QUEUED", // Capture is in queue statue
"bank_arn": null,
"settlement_id": null,
"amount_settled": null,
"UTR_no": null,
"value_date": null,
"refund_mode": "-"
}
}
} Success scenario
{
"status": 1,
"msg": "1 out of 1 Transactions Fetched Successfully",
"transaction_details": {
"18283829909": {
"12781896792": {
"mihpayid": "18283829909",
"bank_ref_num": "6966342376826003206121",
"request_id": "12781896792",
"amt": "1031.00",
"mode": "CC",
"action": "auth",
"token": "",
"status": "SUCCESS",
"bank_arn": null,
"settlement_id": null,
"amount_settled": null,
"UTR_no": null,
"value_date": null,
"refund_mode": "-"
},
"12781896793": {
"mihpayid": "18283829909",
"bank_ref_num": "6969233152136917105030",
"request_id": "12781896793",
"amt": "426.00",
"mode": "CC",
"action": "capture",
"token": "PZT2310070446VG2VC01",
"status": "success", // Auth is successful
"bank_arn": null,
"settlement_id": "202310111115",
"amount_settled": "418.7100",
"UTR_no": null,
"value_date": null,
"refund_mode": "-"
},
"12806008126": {
"mihpayid": "18283829909",
"bank_ref_num": null,
"request_id": "12806008126",
"amt": "605.00",
"mode": "CC",
"action": "cancel",
"token": "825816e28afb809be802c7b",
"status": "SUCCESS", // Capture is successful
"bank_arn": null,
"settlement_id": null,
"amount_settled": null,
"UTR_no": null,
"value_date": null,
"refund_mode": "-"
}
}
}
} Reference: For cancelling pre-auth payments, refer to Cancel a Pre-Authorized Transaction API.
Updated 4 days ago