UPI Collect OTM - PayU Hosted

The merchant initiates a call to PayU with the SI details, pg, bankcode, and pre-authorization amount. This amount is considered the Block Amount. Using these details, Payu will then relay the callback with the current status to the merchant.

The pre_authorize parameter is used for pre-authorize payments using the seamless integration with the _payment API.

Steps to integrate

1. Post the Pre-Auth Transaction Request

Submit the pre-authorization transaction request to PayU for payment hold

2. Check the Response from PayU

Handle and process the response received from PayU after pre-auth request submission

3. Capture a Pre-Authorized Payment

Complete the payment capture process for the pre-authorized transaction

4. Check Transaction Status

Verify the current status of the transaction and confirm payment completion

Step 1: Post the Pre-Auth transaction request

Post the additional parameters for with the Pre-Authorization using the Merchant Hosted Checkout. For API Reference, refer to UPI One-Time Mandate Consent API.

Environment


Test Environment	https://test.payu.in/_payment
Production Environment	https://secure.payu.in/_payment>

Parameter	Description	Example
key `mandatory`	`varchar` This parameter is the unique Merchant Key provided by PayU for your merchant account.	Your Test Key
txnid `mandatory`	`varchar` This parameter is known as Transaction ID (or Order ID). It is the order reference number generated at your (Merchant's) end. It is an identifier that you (merchant) would use to track a particular order. If a transaction using a particular transaction ID has already been successful at PayU, the usage of the same Transaction ID again would fail. Hence, you must post us a unique transaction ID for every new transaction. `Character limit`: 25 Note*: Ensure that the transaction ID sent to us has not been successful earlier. In case of this duplication, the customer would get an error of 'duplicate Order ID.'	fd3e847h2
amount `mandatory`	`float` This parameter should contain the payment amount of the particular transaction. Note*: Type-cast the amount to float type	1000
productinfo `mandatory`	`varchar` This parameter should contain a brief product description. It should be a string describing the product. `Character limit`: 100	Time Magazine Subscription
firstname `mandatory`	`varchar` Must contain the first name of the customer. `Character limit`: 60	Ashish
email `mandatory`	`varchar` Must contain the email of the customer. This information is helpful when it comes to issues related to fraud detection and chargebacks. Hence, it is a must to provide the correct information. Also, MIS reporting is shared with few issuing banks where email and mobile number is used to keep track of users using SI transactions. Character limit: 50	[email protected]
phone `mandatory`	`varchar` Must contain the phone number of the customer. This information is helpful when it comes to issues related to fraud detection and chargebacks. Hence, it is must to provide the correct information. Character limit: 50	9843176540
surl `mandatory`	surL is the acronym for Success URL. This parameter must contain the URL on which PayU will redirect the final response if the transaction is successful.
furl `mandatory`	furl is the acronym for for Failure URL. This parameter must contain the URL on which PayU will redirect the final response if the transaction is failed.
txn_s2s_flow `mandatory`	This parameter must be passed with the values as 4 for UPI Intent.	4
pre_authorize `mandatory for Pre-Auth`	This parameter is set to1 to pre-authorize payment.	1
si_details	This parameter contains the following information in JSON format: paymentStartDate paymentEndDateExample: {"paymentStartDate":"2024-07-24","paymentEndDate":"2024-07-28"}
hash `mandatory`	Hash is a crucial parameter used to ensure that any date is not tampered while redirecting customer from the merchant website to PayU's payment interface while registration transactions. It is SHA512 hash generated by encrypting values of merchant key, txnid, amount, productinfo, firstname, email, udf and si_details by merchant salt. In the case of registration transaction, the formula is used to calculate this hash is similar to the following: `HASH = sha512(key\|txnid\|amount\|productinfo\|firstname\|email\|udf1\|udf2\|udf3\|udf4\|udf5\|\|\|\|\|\|SALT)

Hashing

You must hash the request parameters using the following hash logic:

sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||SALT)

For more information, refer to Generate Hash.

Sample request

curl --request POST   

--url https://test.payu.in/_payment   
--header 'accept: text/plain'   
--header 'content-type: application/x-www-form-urlencoded'   
--data key=JPM7Fg   
--data txnid=aso6787   
--data siDetails="{"paymentStartDate": "2019-09-01","paymentEndDate": "2019-12-01"}"   
--data pre_authorize=1 \  
--data amount=100.00   
--data productinfo=iPhone   
--data firstname=Ashish   
--data [email protected]   
--data phone=9876543210   
--data surl=https://apiplayground-response.herokuapp.com/   
--data furl=https://apiplayground-response.herokuapp.com/   
--data hash=8e8de8a3cf2ba999e16c0ffdb63a645074af4ad1aa0a8d66d81555a119c004e1791173fe6199084f256623664b250d3aeb50fc2c4cfc155e729d8811a157c98b

Step 2: Check the response from PayU

On receiving valid request over PayU's payment interface (_payment), PayU returns:

Sample response

mihpayid=6MAESTROMAESTRO5&mode=UPI&status=success&key=travelibibo&txnid=8286f8e3954bf669c02e&amount=10000.00&addedon=2024-04-22 15:48:45&productinfo=Product Info&firstname=CARDHOLDERXXXXXXXXNAME-Admin&lastname=&address1=&address2=&city=&state=&country=&zipcode=&[email protected]&"phone":"##########"&udf1=&udf2=&udf3=&udf4=Created&udf5=&udf6=&udf7=&udf8=&udf9=&udf10=&card_token=&card_no=&field0=&field1=sur***@icici&field2=&field3=sur***icici&field4=ICICI Test Vpa&field5=3159219e58ed45eda39e8914b998401a@icici&field6=rambo|_mobilenum_&field7=00|APPROVED OR COMPLETED SUCCESSFULLY&field8=&field9=APPROVED OR COMPLETED SUCCESSFULLY|Completed Using Callback&payment_source=payuPureS2S&PG_TYPE=UPI-PG&error=E000&error_Message=No Error&net_amount_debit=10000&discount=0.00&unmappedstatus=auth&hash=3ca863c1c8148baa13891f6e8e124c07f909d9fa14d6757acc01b08b736c35bbdae9845fa445cdaf22fb190f717285d0d09c02508bbfe081b4833eaf5637ec03&bank_ref_no=410901015475&bank_ref_num=410901015475&bankcode=UPI&surl=http://local.admin.payu.in/test_response&curl=http://local.admin.payu.in/test_response&furl=http://local.admin.payu.in/test_response

The formatted response is similar to the file:

# PayU Hosted Checkout Response (v1)

mihpayid: 6MAESTROMAESTRO5
mode: UPI
status: success
key: travelibibo
txnid: 8286f8e3954bf669c02e
amount: 10000.00
addedon: 2024-04-22 15:48:45
productinfo: Product Info
firstname: CARDHOLDERXXXXXXXXNAME-Admin
lastname: 
address1: 
address2: 
city: 
state: 
country: 
zipcode: 
email: [email protected]
phone: ##########
udf1: 
udf2: 
udf3: 
udf4: Created
udf5: 
udf6: 
udf7: 
udf8: 
udf9: 
udf10: 
card_token: 
card_no: 
field0: 
field1: sur***@icici
field2: 
field3: sur***@icici
field4: ICICI Test Vpa
field5: 3159219e58ed45eda39e8914b998401a@icici
field6: rambo|_mobilenum_
field7: 00|APPROVED OR COMPLETED SUCCESSFULLY
field8: 
field9: APPROVED OR COMPLETED SUCCESSFULLY|Completed Using Callback
payment_source: payuPureS2S
PG_TYPE: UPI-PG
error: E000
error_Message: No Error
net_amount_debit: 10000
discount: 0.00
unmappedstatus: auth
hash: 3ca863c1c8148baa13891f6e8e124c07f909d9fa14d6757acc01b08b736c35bbdae9845fa445cdaf22fb190f717285d0d09c02508bbfe081b4833eaf5637ec03
bank_ref_no: 410901015475
bank_ref_num: 410901015475
bankcode: UPI
surl: http://local.admin.payu.in/test_response
curl: http://local.admin.payu.in/test_response
furl: http://local.admin.payu.in/test_response

Step 3: Capture a pre-authorized payment

To capture a pre-authorized payment, use the following command. After the API command is successful, the transaction would be captured and settled to you.=

Request parameters

Parameter	Description	Example
key `mandatory`	This parameter is the unique Merchant Key provided by PayU for your merchant account. The Merchant Key acts as the unique identifier (primary key) to identify a Merchant Account in our database.	YbfVda
command `mandatory`	For initiating a capture transaction, the value of the parameter will be passed as capture_transaction	capture_transaction
hash `mandatory`	This parameter must contain the hash value to be calculated at merchant end. Hash logic for this API is: `sha512(key\|command\|var1\|salt)`	5fcf2d7c2b...
var1 `mandatory`	This parameter must contain the payuId that was generated by PayU as part of pre-authorize operation.	403993715523409521
var2 `mandatory`	This parameter contains the token, that is, merchant unique reference number.	TXN123456789
var3 `mandatory`	This parameter must contain the amount to be captured.	100.00

Sample request

curl --location --request POST 'https://info.payu.in/merchant/postservice.php?form=2' \   
 --header 'Content-Type: application/x-www-form-urlencoded' \   
 --form 'key="JF***g"' \   
 --form 'command="capture_transaction"' \   
 --form 'hash="67411736ab98c59522492a12751a6015c41b87764019f9dc14052690c2c7af9095d31002fc109dcf3596c2f38792d56db6f6207b1989010f2adf51c144fa3019"' \   
 --form 'var1="15246574846"' \   
 --form 'var2="authorizeTransaction123"' \   
 --form 'var3="1"'

Sample response

{
  "msg": "Transaction Processed successfully",
  "status": 1,
  "result": {
    "payuid": 613345678912399031,
    "txnId": "upiAuthCapture_12",
    "amount": 10000.00,
    "merchantId": 3,
    "authpayuid": "3975",
    "status": "in progress",
    "mode": "UPIOTM",
    "bankRefNumber": "410700457030",
    "payerVpa": "surya@icici",
    "field5": "3159219e58ed45eda39e8914b998401a@icici",
    "field9": "0|Transaction Successful"
  }
}

Step 4: Check Transaction Status

Upon receiving the response, we recommend performing a reconciliation step to validate all transaction details.
You can verify your payments using either of the following methods:

Configure the webhooks to monitor the status of payments.
Webhooks enable a server to communicate with another server by sending an HTTP callback or message.
These callbacks are triggered by specific events or instances and operate at the server-to-server (S2S) level.

👉 For more details, refer to Webhooks for Payments.

👍
Reference: For cancelling pre-auth payments, refer to Cancel a Pre-Authorized Transaction API.

Updated 9 days ago

Step 1: Post the Pre-Auth transaction request

Step 2: Check the response from PayU

Step 3: Capture a pre-authorized payment

Step 4: Check Transaction Status

EXAMPLE QUESTIONS