UPI Collect OTM - PayU Hosted
The merchant initiates a call to PayU with the SI details, pg, bankcode, and pre-authorization amount. This amount is considered the Block Amount. Using these details, Payu will then relay the callback with the current status to the merchant.
The pre_authorize parameter is used for pre-authorize payments using the seamless integration with the _payment API.
Step 1: Post the Pre-Auth transaction request
Post the additional parameters for with the Pre-Authorization using the Merchant Hosted Checkout. For API Reference, refer to UPI One-Time Mandate Consent API.
Environment
Test Environment | https://test.payu.in/_payment |
Production Environment | https://secure.payu.in/_payment> |
Parameter | Description | Example |
---|---|---|
key
|
| Your Test Key |
txnid
|
| fd3e847h2 |
amount
|
| 1000 |
productinfo
|
| Time Magazine Subscription |
firstname
|
| Ashish |
email
|
| |
phone
|
This information is helpful when it comes to issues related to fraud detection and chargebacks. Hence, it is must to provide the correct information. Character limit: 50 | 9843176540 |
surl
| surL is the acronym for Success URL. This parameter must contain the URL on which PayU will redirect the final response if the transaction is successful. | |
furl
| furl is the acronym for for Failure URL. This parameter must contain the URL on which PayU will redirect the final response if the transaction is failed. | |
txn_s2s_flow
| This parameter must be passed with the values as 4 for UPI Intent. | 4 |
pre_authorize
| This parameter is set to1 to pre-authorize payment. | 1 |
si_details | This parameter contains the following information in JSON format:
| |
hash
| Hash is a crucial parameter used to ensure that any date is not tampered while redirecting customer from the merchant website to PayU's payment interface while registration transactions. It is SHA512 hash generated by encrypting values of merchant key, txnid, amount, productinfo, firstname, email, udf and si_details by merchant salt. In the case of registration transaction, the formula is used to calculate this hash is similar to the following: `HASH = sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||SALT) |
Hashing
You must hash the request parameters using the following hash logic:
sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||SALT)
For more information, refer to Generate Hash.
Sample request
curl --request POST
--url https://test.payu.in/_payment
--header 'accept: text/plain'
--header 'content-type: application/x-www-form-urlencoded'
--data key=JPM7Fg
--data txnid=aso6787
--data siDetails="{"paymentStartDate": "2019-09-01","paymentEndDate": "2019-12-01"}"
--data pre_authorize=1 \
--data amount=100.00
--data productinfo=iPhone
--data firstname=Ashish
--data [email protected]
--data phone=9876543210
--data surl=https://apiplayground-response.herokuapp.com/
--data furl=https://apiplayground-response.herokuapp.com/
--data hash=8e8de8a3cf2ba999e16c0ffdb63a645074af4ad1aa0a8d66d81555a119c004e1791173fe6199084f256623664b250d3aeb50fc2c4cfc155e729d8811a157c98b
Step 2: Check the response from PayU
On receiving valid request over PayU's payment interface (_payment), PayU returns:
Sample response
mihpayid=6MAESTROMAESTRO5&mode=UPI&status=success&key=travelibibo&txnid=8286f8e3954bf669c02e&amount=10000.00&addedon=2024-04-22 15:48:45&productinfo=Product Info&firstname=CARDHOLDERXXXXXXXXNAME-Admin&lastname=&address1=&address2=&city=&state=&country=&zipcode=&[email protected]&"phone":"##########"&udf1=&udf2=&udf3=&udf4=Created&udf5=&udf6=&udf7=&udf8=&udf9=&udf10=&card_token=&card_no=&field0=&field1=sur***@icici&field2=&field3=sur***icici&field4=ICICI Test Vpa&field5=3159219e58ed45eda39e8914b998401a@icici&field6=rambo|_mobilenum_&field7=00|APPROVED OR COMPLETED SUCCESSFULLY&field8=&field9=APPROVED OR COMPLETED SUCCESSFULLY|Completed Using Callback&payment_source=payuPureS2S&PG_TYPE=UPI-PG&error=E000&error_Message=No Error&net_amount_debit=10000&discount=0.00&unmappedstatus=auth&hash=3ca863c1c8148baa13891f6e8e124c07f909d9fa14d6757acc01b08b736c35bbdae9845fa445cdaf22fb190f717285d0d09c02508bbfe081b4833eaf5637ec03&bank_ref_no=410901015475&bank_ref_num=410901015475&bankcode=UPI&surl=http://local.admin.payu.in/test_response&curl=http://local.admin.payu.in/test_response&furl=http://local.admin.payu.in/test_response
The formatted response is similar to the file:
# PayU Hosted Checkout Response (v1)
mihpayid: 6MAESTROMAESTRO5
mode: UPI
status: success
key: travelibibo
txnid: 8286f8e3954bf669c02e
amount: 10000.00
addedon: 2024-04-22 15:48:45
productinfo: Product Info
firstname: CARDHOLDERXXXXXXXXNAME-Admin
lastname:
address1:
address2:
city:
state:
country:
zipcode:
email: [email protected]
phone: ##########
udf1:
udf2:
udf3:
udf4: Created
udf5:
udf6:
udf7:
udf8:
udf9:
udf10:
card_token:
card_no:
field0:
field1: sur***@icici
field2:
field3: sur***@icici
field4: ICICI Test Vpa
field5: 3159219e58ed45eda39e8914b998401a@icici
field6: rambo|_mobilenum_
field7: 00|APPROVED OR COMPLETED SUCCESSFULLY
field8:
field9: APPROVED OR COMPLETED SUCCESSFULLY|Completed Using Callback
payment_source: payuPureS2S
PG_TYPE: UPI-PG
error: E000
error_Message: No Error
net_amount_debit: 10000
discount: 0.00
unmappedstatus: auth
hash: 3ca863c1c8148baa13891f6e8e124c07f909d9fa14d6757acc01b08b736c35bbdae9845fa445cdaf22fb190f717285d0d09c02508bbfe081b4833eaf5637ec03
bank_ref_no: 410901015475
bank_ref_num: 410901015475
bankcode: UPI
surl: http://local.admin.payu.in/test_response
curl: http://local.admin.payu.in/test_response
furl: http://local.admin.payu.in/test_response
Step 3: Capture a pre-authorized payment
To capture a pre-authorized payment, use the following command. After the API command is successful, the transaction would be captured and settled to you.=
Request parameters
Parameter | Description | Example |
---|---|---|
key mandatory |
This parameter is the unique Merchant Key provided by PayU for your merchant account. The Merchant Key acts as the unique identifier (primary key) to identify a Merchant Account in our database. | YbfVda |
command mandatory |
For initiating a capture transaction, the value of the parameter will be passed as capture_transaction | capture_transaction |
hash mandatory |
This parameter must contain the hash value to be calculated at merchant end. Hash logic for this API is:sha512(key|command|var1|salt) |
5fcf2d7c2b... |
var1 mandatory |
This parameter must contain the payuId that was generated by PayU as part of pre-authorize operation. | 403993715523409521 |
var2 mandatory |
This parameter contains the token, that is, merchant unique reference number. | TXN123456789 |
var3 mandatory |
This parameter must contain the amount to be captured. | 100.00 |
Sample request
curl --location --request POST 'https://info.payu.in/merchant/postservice.php?form=2' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--form 'key="JF***g"' \
--form 'command="capture_transaction"' \
--form 'hash="67411736ab98c59522492a12751a6015c41b87764019f9dc14052690c2c7af9095d31002fc109dcf3596c2f38792d56db6f6207b1989010f2adf51c144fa3019"' \
--form 'var1="15246574846"' \
--form 'var2="authorizeTransaction123"' \
--form 'var3="1"'
Sample response
{
"msg": "Transaction Processed successfully",
"status": 1,
"result": {
"payuid": 613345678912399031,
"txnId": "upiAuthCapture_12",
"amount": 10000.00,
"merchantId": 3,
"authpayuid": "3975",
"status": "in progress",
"mode": "UPIOTM",
"bankRefNumber": "410700457030",
"payerVpa": "surya@icici",
"field5": "3159219e58ed45eda39e8914b998401a@icici",
"field9": "0|Transaction Successful"
}
}
Step 4: Check Transaction Status
Upon receiving the response, we recommend performing a reconciliation step to validate all transaction details.
You can verify your payments using either of the following methods:
Configure the webhooks to monitor the status of payments.
Webhooks enable a server to communicate with another server by sending an HTTP callback or message.
These callbacks are triggered by specific events or instances and operate at the server-to-server (S2S) level.
👉 For more details, refer to Webhooks for Payments.
Reference: For cancelling pre-auth payments, refer to Cancel a Pre-Authorized Transaction API.
Updated 5 days ago