Model 3 - Simple REST API Integration

You can choose this model integration for better flexibility and control. You can choose to keep only the PayU token with them and/or network/issuer tokens.

To integrate vault with the Simple REST APIs, this section describes the following:



To use tokenisation, you need to get the Token Requestor onboarding to be done. Contact your PayU Key Account Manager (KAM) to get the onboarding done.

First-time transaction

  1. Get the customer’s consent on token creation on their checkout page.

Note: This 2FA is done as per RBI guidelines and you need to be PCI-DSS compliant to store your customer’s card details.

  1. Initiate the payment call to process the transaction with the card details.
  2. After the payment response is received as successful, you will trigger the save_user_card API to get save_card_token. For more information, refer to Save a Card API
  3. The response received will provide the PayU reference ID and the network/issuer tokens, if the merchant is PCI-DSS compliant.

Repeat transaction with token

  1. If the transaction is to be processed through PayU:
    • Send the card token, network token, or issuer token and other details in the _payment API. For more information, refer to Collect Payments - Save Card
  2. If the transaction is to be processed outside PayU:
    • Call the get_payment_details API with the PayU/Network token and get the TAVV/cryptogram. For more information, refer to Get User Cards API
    • After the token and cryptogram is available, you will be able to do transaction with the preferred PA/PG.

Manage the tokens

  1. To make any changes in the card token already created, you need to call the edit_user_card API. For more information, refer to Edit a Saved Card API.
  2. To delete any token to comply with customer consent management, you need to call delete_user_card. For more information, refer to Delete a Saved Card API