The PayU India API requires authentication using a merchant key and a salt. When you post requests using any of the PayU APIs, you will be posting the merchant key as the first parameter, so separate authentication is not required because these are REST APIs All requests are accompanied by a hash that is appended at the end of the request. While posting parameters for an API, the hash parameter in each API must contain the hash value to be calculated at your end. The following hash logic used in PayU India APIs:
- Payment APIs or _payment API: The string used for calculating the hash:
sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||SALT)
- General APIs (listed under General): The string used for calculating the hash:
sha512(key|command|var1|salt)
- TPV Integration: The string used calculating the hash:
sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||beneficiarydetail|SALT)
- Split Settlements Integration: The string used calculating the hash:
sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||SALT|splitRequest)
Here, sha512 is the encryption method used. For more information on SHA, refer to Wikipedia 1.
Hash logic for _payment API version 19:
The following hash logic must be used for _payment API with api_version=19:
key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5|udf6|udf7|udf8|udf9|udf10|user_token|offer_key|offer_auto_apply|cart_details|extra_charges|phone
Reverse Hashing
To perform reverse hashing, you can use the Hash API of the PayU node SDK on Github. Refer to the PayU node SDK Readme, download and install the PayU node SDK from the PayU node SDK Github location 1.
Reference
For hashing or reverse hashing, refer to Generate Hash