This section describes how to use the _payment API with to cancel a recurring payment registration for AMEX and RuPay cards.

📘
Notes:

This API is mandatory for merchants to go live with all cards.

The 2FA is required for cancelling recurring payment with AMEX and RuPay cards.

Method: POST

Environment


Test Environment	https://test.payu.in/_payment
Production Environment	https://secure.payu.in/_payment

Request parameters

The following table describes the parameters for delete the recurring payment details for a card.

Parameter	Description
key `mandatory`	`varchar` This parameter is the unique Merchant Key provided by PayU for your merchant account.
txnid `mandatory`	`varchar` This parameter is known as Transaction ID (or Order ID). It is the order reference number generated at your (Merchant's) end. It is an identifier that you (merchant) would use to track a particular order. If a transaction using a particular transaction ID has already been successful at PayU, the usage of the same Transaction ID again would fail. Hence, you must post us a unique transaction ID for every new transaction. `Character limit`: 25 Note: Ensure that the transaction ID sent to us has not been successful earlier. In case of this duplication, the customer would get an error of 'duplicate Order ID.'
amount `mandatory`	`float` This parameter should contain the payment amount of the particular transaction. Note: Type-cast the amount to float type Depending upon the merchant use case, this value will vary. - It can be either 0 INR (for Net Banking) or min 1 INR (for Cards & UPI) in penny transaction use case. - In the case of first instalment use cases, this amount can be equal to initiate setup amount, but this use case will be supported only against selected Net Banking (ICICI and HDFC), all Credit / Debit Cards, and UPI
productinfo `mandatory`	`varchar` This parameter should contain a brief product description. It should be a string describing the product. `Character limit`: 100
firstname `mandatory`	`varchar` Must contain the first name of the customer. `Character limit`: 60
email `mandatory`	`varchar` Must contain the email of the customer. This information is helpful when it comes to issues related to fraud detection and chargebacks. Hence, it is a must to provide the correct information. Also, MIS reporting is shared with few issuing banks where email and mobile number is used to keep track of users using SI transactions. `Character limit`: 50
phone `mandatory`	`varchar` Must contain the phone number of the customer. This information is helpful when it comes to issues related to fraud detection and chargebacks. Hence, it is must to provide the correct information Also, MIS reporting is shared with few issuing banks where email and mobile number is used to keep track of users using SI transactions. `Character limit`: 50
api_version `mandatory`	This parameter must always needs to be passed as 7.
si `mandatory`	This parameter must be passed with the value as 3 to cancel an already existing subscription/consent.
pg `mandatory`	`String` Indicates the payment category that the merchant wants the customer to see by default on the PayU's payment page. Possible values: `DC`: For debit cards `CC`: For credit cards
bankcode `mandatory`	`string` A unique bank code of a payment option. Possible values: `AMEX`: For American Express credit and debit cards `RUPAYCC`: For RuPay credit cards `RUPAY`: For RuPay debit cards
ccnum `mandatory`	This parameter must contain the 13 to 19-digit card number for credit or debit cards in general.
ccname `mandatory`	This parameter must contain the name on card – as entered by the customer for the transaction.
ccvv `mandatory`	This parameter must contain the 3-digit CVV number for credit cards or debit cards. For AMEX cards, 4-digit security code (4DBC) number of the card must be posted. Also, known as CID (Card Identification) number.
ccexpmon `mandatory`	This parameter must contain the card's expiry month – as entered by the user for the transaction. It must always be in 2 digits or in MM format. For months 1-9, this parameter must be appended with 0 – like 01, 02…09. For months 10-12, this parameter must not be appended – It should be 10,11 and 12 respectively.
ccexpyr `mandatory`	This parameter must contain the card's expiry year – as entered by the customer for the transaction. It must be of four digits.
si_details `mandatory`	This parameter represents mandatory details which need to be passed to during registration transaction from merchant system to PayU. Note: It is mandatory as per the latest RBI guidelines to pass this information to the payment processor so that same can be forwarded to acquirers and issuers (for more details refer – RBI Notification). This is a JSON object and it includes a set of parameters are described in the si_details Parameter – JSON Details table.
Storecard_token `mandatory for SITokenRequestor 2 flow and tokenized flow`	`varchar` This parameter contains the network token value. For more information on SITokenRequestor 2 flow, refer to Cards Consent Transaction > Request Parameters
TokenFlowType `mandatory for SITokenRequestor 2 flow and tokenized flow`	`integer` This parameter must be set to 1. For more information on SITokenRequestor 2 flow, refer to Cards Consent Transaction > Request Parameters
Additional info for tokenized flow `mandatory for tokenized flow`	`json` Contains additional information needed for token processing. For more information on tokenized flow, refer to Cards Consent Transaction > Request Parameters
token_expiry `mandatory for SITokenRequestor 2 flow and tokenized flow`	`varchar` Contains the expiry date of the token. For more information on SITokenRequestor 2 flow, refer to Cards Consent Transaction > Request Parameters
hash `mandatory`	Hash is a crucial parameter used to ensure that any date is not tampered while redirecting customer from the merchant website to PayU's payment interface while registration transactions. It is SHA512 hash generated by encrypting values of merchant key, txnid, amount, productinfo, firstname, email, udf and si_details by merchant salt. In the case of registration transaction, the formula is used to calculate this hash is similar to the following: `SHA512(key

si_details JSON fields description

The description for the si_details parameter (JSON format):

📘
Note:
If the request was to modify a subscription, si_consent_action parameter needs to be validated in the response. The field must return values modify based on the action sent in billing details JSON. Also, the payment source returned in such cases will be payu.

JSON Field	Description	Example
authpayuid `mandatory`	This parameter is used to cancel an existing subscription/consent.
action `mandatory for cards`	This parameter is used to cancel an existing subscription. Pass the values as delete to cancel an existing subscription or consent.	delete

si_details Parameter Example Values

Token requestor 1 flow

{"action":"delete","authPayuId":83674692837}

Token requestor 2 flow

{"action":"delete","authPayuId":83674692837,"siTokenRequestor":2}

Sample request

curl --location 'https://secure.payu.in/_payment' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Cookie: PHPSESSID=jp38t4gvop7ami1ksncksj398v; USERTXNINFO=68ed4df291d9b7.27710642; PHPSESSID=68edd726c95b4' \
--data-urlencode 'key=BmTY3G' \
--data-urlencode 'txnid=my_order_96977' \
--data-urlencode 'amount=1' \
--data-urlencode 'firstname=Payu-Admin' \
--data-urlencode 'email=test@example.com' \
--data-urlencode 'phone=1234567890' \
--data-urlencode 'productinfo=my_order_96977' \
--data-urlencode 'api_version=1' \
--data-urlencode 'si=3' \
--data-urlencode 'pg=CC' \ -- CC/DC
--data-urlencode 'bankcode=CC' \ -- RUPAYCC/RUPAY
--data-urlencode 'surl=https://admin.payu.in/test_response' \
--data-urlencode 'furl=https://admin.payu.in/test_response' \
--data-urlencode 'ccnum=' \
--data-urlencode 'ccname=Test User' \
--data-urlencode 'ccexpmon=05' \
--data-urlencode 'ccexpyr=2025' \
--data-urlencode 'ccvv=123' \
--data-urlencode 'si_details={"action":"delete","authPayuId":25630224100}' \
--data-urlencode 'hash={{hash_value}}'

Response parameters

Parameter	Description
mihpayid	It is a unique reference number created for each transaction at PayU's end which is used to identify a transaction in case of a refund.
mode	This parameter describes the payment category by which the transaction was completed/attempted by the customer. Possible values: `DC`: For debit cards `CC`: For credit cards
bankcode	This parameter contains the code indicating the payment option used for the transaction. Possible values: `AMEX`: For American Express credit and debit cards `RUPAYCC`: For RuPay credit cards `RUPAY`: For RuPay debit cards
status	This parameter returns the status of the transaction and must be used to map the order status. Possible values are success, failure, or pending. The significance of the values for these values are: • Success: If the value of status parameter is 'success', the transaction is successful. • Failed: If the value of status parameter is 'failure' or 'pending', must only be treated as a failed transaction.
unmappedstatus	This parameter holds the status of a transaction in PayU's internal database, which can include intermediate states. Possible values include: dropped, bounced, captured, auth, failed, usercancelled, or pending. For information on status description, refer to Payment State Explanations.
key	This parameter contains the merchant key.
error	For the failed transactions, this parameter provides the reason for failure.
error_message	This parameter contains the error message. For the list of error message, refer to Error Codes.
bank_ref_num	For each successful transaction – this parameter contains the bank reference number generated by the bank.
txnid	This parameter contains the transaction ID value posted by the merchant during the transaction request.
amount	This parameter contains the original amount which was sent in the transaction request by the merchant.
cardCategory	This parameter contains the card category to indicate whether it is domestic or international.
discount	This parameter contains the discount amount by the merchant.
net_amount_debit	This parameter contains the net amount debited.
addedon	The transaction date and time of the transaction.
productinfo	This parameter contains the same value of product information which was sent in the transaction request from the merchant's end to PayU.
firstname	This parameter contains the same value of first name which was sent in the transaction request from the merchant's end to PayU.
lastname	This parameter contains the same value of last name which was sent in the transaction request from the merchant's end to PayU.
email	This parameter contains the same value of email which was sent in the transaction request from the merchant's end to PayU.
phone	This parameter contains the same value of phone which was sent in the transaction request from the merchant's end to PayU.
hash	This parameter is crucial and is similar to the hash parameter used in the transaction request. For more information, refer to Generate Hash.
PG_TYPE	This parameter gives information on the payment gateway used for the transaction.
udf1	This parameter contains the same value of udf1, udf2, udf3, udf4, or udf5, which was sent in the transaction request from the merchant's end to PayU.
udf2	This parameter contains the same value of udf1, udf2, udf3, udf4, or udf5, which was sent in the transaction request from the merchant's end to PayU.
udf3	This parameter contains the same value of udf1, udf2, udf3, udf4, or udf5 which was sent in the transaction request from the merchant's end to PayU.
udf4	This parameter contains the same value of udf1, udf2, udf3, udf4, or udf5, which was sent in the transaction request from the merchant's end to PayU.
udf5	This parameter contains the same value of udf1, udf2, udf3, udf4, or udf5, which was sent in the transaction request from the merchant's end to PayU.
udf6	This parameter contains the same value of udf1, udf2, udf3, udf4, or udf5, which was sent in the transaction request from the merchant's end to PayU.
udf7	This parameter contains the same value of udf1, udf2, udf3, udf4, or udf5, which was sent in the transaction request from the merchant's end to PayU.
udf8	This parameter contains the same value of udf1, udf2, udf3, udf4, or udf5, which was sent in the transaction request from the merchant's end to PayU.
udf9	This parameter contains the same value of udf1, udf2, udf3, udf4, or udf5, which was sent in the transaction request from the merchant's end to PayU.
success_at	This parameter contains the date and timestamp when the transaction was successful.
cardnum	The parameter contains the card number masked and only last 4 digits are returned.
issuing_bank	The parameters contains the card issuing bank.
si_consent_action	This parameter will be returned only if a modify subscription request has been received. In other cases, this field will not be returned. Values can be modify cancel If, in billing details, the action was to modify, then to validate whether the subscription was modified, this fields need to be validated in response. If this field is not sent in response of modify request, then even if transaction is success, then money would have got deducted but the subscription would not have been modified.

Sample response

Sample response for successful cancellation of a card mandate:

Array
(
    [mihpayid] => 28191285790
    [mode] => DC
    [status] => success
    [unmappedstatus] => cancelled
    [key] => BmTY3G
    [txnid] => bab0b573ae32cf4677ee
    [amount] => 1.00
    [cardCategory] => domestic
    [discount] => 0.00
    [net_amount_debit] => 1
    [addedon] => 2026-04-15 21:50:44
    [productinfo] => Product Info
    [firstname] => Payu-Admin
    [lastname] => 
    [address1] => 
    [address2] => 
    [city] => 
    [state] => 
    [country] => 
    [zipcode] => 
    [email] => test@example.com
    [phone] => 1234567890
    [udf1] => 
    [udf2] => 
    [udf3] => 
    [udf4] => 
    [udf5] => 
    [udf6] => 
    [udf7] => 
    [udf8] => 
    [udf9] => 
    [udf10] => 
    [hash] => {{hash_value}}
    [field1] => 
    [field2] => 
    [field3] => 
    [field4] => 
    [field5] => 
    [field6] => 05
    [field7] => AUTHPOSITIVE
    [field8] => SUCCESS
    [field9] => Transaction is Successful
    [payment_source] => payu
    [meCode] => {"MID":"hdfc_89052104","TKey":"u2+JwlMyPmC+VkPEeAqBmiinElUkgQw0TeOYOjujBQOG+uVlXBphmVAzXcUgejbxdCwUSNBv72SdwUUQDcQQ4k9XZShrpgOL29fqAyY5GyPQ/iLmyWd9Z6lJeU8fnl+9ZTuz3+cy/SLSTOpLACc/anStKOaMY9DjvwEdkAZACu2wgxvwvS8ORFvQhXuJI9CRmDxAQP/CYOj469P7PFVzN8MlUaBxTt1104zOEjE4M/2Tw7w+541attHFZQgSEhQLRVB7ANgwRmV3GZR4xlgYd0DtgJcNplJAO+AWUN0VkQku/2g2vd/XFCFJFj0NrzleIzI9FXe9r6I9N/p5nf+muw=="}
    [PG_TYPE] => DC-PG
    [bank_ref_num] => 7762700774896643105912
    [bankcode] => RUPAY
    [error] => E000
    [error_Message] => No Error
    [cardnum] => XXXXXXXXXXXX2656
    [cardhash] => This field is no longer supported in postback params.
)

EXAMPLE QUESTIONS