API Reference

Collect Payment API - BNPL Link & Pay

You can collection payments with BNPL using Link and Pay. This section provides the request and response parameter with sample request and response..For more information on integration, refer to Collect Payments with BNPL using Link and Pay.

Environment

Test Environmenthttps://test.payu.in/_payment
Production Environmenthttps://secure.payu.in/_payment

Request parameters

πŸ“˜

Reference

For the character limit of each parameter and detailed description, refer to Additional Info for Payment APIs.

ParameterDescriptionExample
key
mandatory		String This parameter is the unique merchant key provided by PayU for your merchant account. For more information, refer to Generate Merchant Key and Salt.8488225
txnid
mandatory		varchar This parameter is known as Transaction ID (or OrderID). It is the order reference number generated at your (Merchant’s) end. It is an identifier which you(merchant) would use to track a particular order. If a transaction using a particular transaction ID has already been successful at PayU, the usage of same Transaction ID again would fail. Hence, it is essential that you post us a unique transaction ID for every new transaction (Please make sure that the transaction ID being sent to us hasn’t been successful earlier. In case of this duplication, the customer would get an error of β€˜duplicate Order ID’).fd3e847h2
amount
mandatory		float This parameter should contain the payment amount of the particular transaction. Note: Type-cast the amount to float type10
productinfo
mandatory		varchar This parameter should contain a brief product description. It should be a string describing the product (The description type is entirely your choice). T-shirt
firstname
mandatory		varchar This parameter must contain the first name of the customer.Ankit
email
mandatory		varchar This parameter must contain the email of the customer)[email protected]
phone
mandatory		integer Merchant needs to take the customer’s GPay registered phone number and pass in this field. This field will be used for further mapping the customer VPA and initiate a collect request.
pg
mandatory		string The payment gateway is specified in this parameter. For BNPL, specifiy BNPL.QR
bankcode
mandatory		string Each payment option is identified with a unique bank code at PayU. You must use any of the following bank code for BNPL:

- LAZYPAY for accepting payments with LAZYPAY card.
- SIMPL for accepting payments with Simpl		UPIQR
surl
mandatory		string The "surl" field is the success URL, which is the page PayU will redirect to if the transaction is successful. The merchant can handle the response at this URL after the customer is redirected there.https://apiplayground-response.herokuapp.com/
furl
mandatory		stringThe "furl" field is the Failure URL, which is the page PayU will redirect to if the transaction is failed. The merchant can handle the response at this URL after the customer is redirected there.https://apiplayground-response.herokuapp.com/
storecard_token_type
mandatory for Saved cards		stringThis parameter is used to specify the store card token type. For this scenario, you must include 0.
store_card_token
mandatory for Saved cards		string This must include the token generated by PayU for the payment instrument.
Note: Either pass PayU token or user credentials with mobile number for customer identification
txn_s2s_flow
mandatory		stringThis parameter must contain the value as 4 for Link & Pay
LinkAndPayFlowType
mandatory		stringThis parameter must contain any of the following:

- 1: auto-debit will be preferred if customer is found already linked for the payment instrument basis result of the API and final captured / failure response will be returned
- 0: the request will be considered as a standard native OTP request and transaction in progress response will be returned with OTP sent to the customer by the issuer
LinkAndPayFlowDetails
mandatory		This field is to include additional details are required from merchant for any payment instrument.
user_credentials
mandatory		stringThis parameter must contain an unique user credential mapped against each user, to be passed by the merchant.
hash
mandatory		string The hash calculated by the merchant using the key and salt provided by PayU. The format for calculating the hash: sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||SALT) For more information, refer to Generate Hash.
lastname
optional		stringThe last name of the customer.
address1
optional		stringThe first line of the billing address.
address2
optional		stringThe second line of the billing address.
city
optional		stringThe city where your customer resides as part of the billing address.
state
optional		stringThe state where your customer resides as part of the billing address,
country
optional		stringThe country where your customer resides.
zipcode
optional		stringBilling address zip code is mandatory for the cardless EMI option.
udf1stringThis parameter has been made for you to keep any information corresponding to the transaction.
udf2
optional		string This parameter has been made for you to keep any information corresponding to the transaction.
udf3
optional		string This parameter has been made for you to keep any information corresponding to the transaction.
udf4
optional		string This parameter has been made for you to keep any information corresponding to the transaction.
udf5
optional		string This parameter has been made for you to keep any information corresponding to the transaction.

πŸ“˜

Note:

Collecting the information for the following parameters from customers is helpful when it comes to issues related to fraud detection and chargebacks. Hence, it is must to provide the correct information:

  • email
  • phone
  • address1
  • s2s_client_ip
  • s2s_device_info

Sample request

curl --request POST \
     --url https://test.payu.in/_payment \
     --header 'accept: application/json' \
     --header 'content-type: application/x-www-form-urlencoded' \
     --data key=JPM7Fg \
     --data pg=BNPL \
     --data txn_s2s_flow=4 \
     --data LinkAndPayFlowType=1 \
     --data LinkAndPayFlowDetails=1 \
     --data txnid=951bccfde0ac54f75612 \
     --data amount=100 \
     --data productinfo=Product Info \
     --data firstname=Ashish \
     --data '[email protected],' \
     --data phone=9123412345 \
     --data surl=https://apiplayground-response.herokuapp.com/ \
     --data furl=https://apiplayground-response.herokuapp.com/ \
     --data hash=02647d079d45737aede205a5bf0060ffcf32b5104facebaf901b479b958d80a0e0e88c9edd4f5c9a0576c7bc1688cce15957759029a0e58f5699b8a696c98d10 \
     --data user_credentials=abc:xyz

Response parameters

First Time User Flow

This is the case where customer has not linked his payment instrument to your user account and will need to authenticate to complete the linking:

{ "metaData": { "message": null, "referenceId": "748e033af87f1bb7b6aefd405bec9473", "statusCode": null, "txnId": "951bccfde0ac54f75612", "txnStatus": "pending", "unmappedStatus": "pending" }, "result": { "acsTemplate": "PGh0bWw+PGJvZHk+PGZvcm0gbmFtZT0icGF5bWVudF9wb3N0IiBpZD0icGF5bWVudF9wb3N0IiBhY3Rpb249Imh0dHBzOi8vc2VjdXJlLnBheXUuaW4vX3BheW1lbnRfb3B0aW9ucz9taWhwYXlpZD03NDhlMDMzYWY4N2YxYmI3YjZhZWZkNDA1YmVjOTQ3MyZyZXNlbmRFbGlnaWJpbGl0eVJlcz0zNTk0YzczYjE4ZjdjYTllODE0NmYwYmIzZDBiZDg0MjllNWEyMGMyZjYxZDc3OGJmZDBmYjRiMGQ0MzBlYmQyMWE4ZDhmZjIwZTc3NzU4YzkwM2E3MWZlMjJkMzlkMTQ5NDEyNzAzNGVkN2Q1MDUyMzdjYjZmN2JmODBjYzMxMDdhMDJjYmQyMjIxN2MxOWY2NjYyZWZhYzhlOGY4M2RjYTkwMjQ3MGE5ODFiZGQwYTBjMDM4NDdkNTQ2ZjQxYWQ4ZjMwNjZiMmNjYzhhMzU5ZTAzMDMyOTUzZjM2MTEyZDBlNTUxZWMxOWJhNzE5NTRkZmU3ODhkMThhMjhhYzc2MDliYTUzYmQ3NzU0OGNmZmI4MTg4MjM0N2ZjOGI5NzMxNTUwOWFmZGY4YTA4OTQ0NDNjZjkxZTBiMWZkZTg0NTk0YmVlNmZjOWQzOWRhODg0ZjMwMjFlYjIyMjQ2MThlMmM3ZjExNWEwMjA1NzA1MTk4NzIyMGVjNzg2NGVjYzQ0YTAxMjQxN2U0ODgwYjE4N2VlMWYxMjM2M2EyNWE0YmEzNmQ3YjI5MjcxNmUyYjNiNDkzZDhlNzAxNGNiOTIyM2Q1YmUzNjg4N2YyYzViNTNkNTI1MjM1NWU4MjA5NTBiMzllZDk3OWNiMzY3ZTVlNDc0YzBiMTVjOTJjNzJiOWE2Y2E3MTk0OWQ2YTYyYTNjYTlmNDMyY2VjMDY0MWY5ODIyYmM4OGI2NTUwODcwZGU5ZTE4MzQxMGY3YzI0YmVlYjk1ZjNjMTkzN2ZjN2U4N2YzZDRjYmVjNWEyYTFmNiIgbWV0aG9kPSJwb3N0Ij48L2Zvcm0+PHNjcmlwdCB0eXBlPSd0ZXh0L2phdmFzY3JpcHQnPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgd2luZG93Lm9ubG9hZD1mdW5jdGlvbigpewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRvY3VtZW50LmZvcm1zWydwYXltZW50X3Bvc3QnXS5zdWJtaXQoKTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgPC9zY3JpcHQ+PC9ib2R5PjwvaHRtbD4=", "otpPostUrl": "https:\\/\\/secure.payu.in\\/ResponseHandler.php" } }

Handling Payment Response

This sub-section describes the components of the payment response received with Native OTP or Zero Redirection flow. It contains the metaData and result JSON as described in this subsection:

metaData JSON Fields Description

FieldDescription
messageThis field contains any additional message about the transaction.
referenceIdThis field contains the reference ID of the transaction.
statusCodeThis field contains the status code for the transaction.
txnIdThis field contains the transaction ID of the transaction that was posted in the request.
unmappedStatusThis field contains the unmapped status of the transaction. For more information, refer to Status Explanations.

Decrypted ACS template

The result JSON contains the acsTemplate with base64 encoding.

FieldDescription
mihpayidIt is a unique reference number created for each transaction at PayU’s end. You must note this transaction ID as this will be used as a reference for all the future actions on this transaction like Inquiry or Refund.
modeThis parameter describes the payment category by which the transaction was completed or attempted by the customer. For the payment categories, refer to Payment Mode Codes.
statusThis parameter gives the status of the transaction as either success, failed or pending.
Possible values: success, failure, pending
If the value of the β€˜status’ parameter is ’success’, the transaction is successful.
If the value of β€˜status’ is β€˜failure’ or β€˜pending’, must be treated as a failed transaction only.
keyThis parameter contains the merchant key for the merchant’s account at PayU. It would be the same as the key used while the transaction request is being posted from the merchant’s end to PayU.
txnidThis parameter would contain the transaction ID value posted by the merchant during the transaction request.
amountThis parameter would contain the original amount which was sent in the transaction request by the merchant.
productinfoThis parameter would contain the same value of product information which was sent in the transaction request from the merchant’s end to PayU.
firstnameThis parameter would contain the same value of first name which was sent in the transaction request from the merchant’s end to PayU.
lastnameThis parameter would contain the same value of last name which was sent in the transaction request from the merchant’s end to PayU.
emailThis parameter would contain the same value of email which was sent.
phoneThis parameter would contain the same value of phone which was sent in the transaction request from the merchant’s end to PayU.
udfThis parameter would contain the same value of udf values that were sent in the transaction request from the merchant’s end to PayU. It ranges from udf1 to udf5.
hashPayU calculates the hash using a string of other parameters and returns it to the merchant. The merchant must verify the hash, and only then mark a transaction as success/failure. This is to make sure that the transaction hasn’t been tampered with.
The calculation is as follows:
sha512(SALT|status|udf5|udf4|udf3|udf2|udf1|email|firstname|productinfo|amount|txnid|key)
 
Note: The handling of udf1 – udf5 parameters remains similar to the hash calculation when the merchant sends it in the transaction request to PayU. If any of the udf (udf1-udf5) was posted in the transaction request, it must be taken in hash calculation also.
If none of the udf parameters were posted in the transaction request, they should be left empty in the hash calculation too.
errorFor the failed transactions, this parameter provides the reason for 
failure.
 
Note: The reason for failure depends upon the error codes provided by different banks and hence the detailing of error reasons may differ from one transaction to another. The merchant can use this parameter to retrieve the reason for failure for a particular transaction.
bankcodeThis parameter contains the code indicating the payment option used for the transaction. For example, in the Debit Card mode, there are different options like Visa Debit Card, Mastercard, Maestro etc. For each option, a unique bank code exists. It would be returned in this bank code parameter. For example, Visa Debit Card – VISA, Master Debit Card – MAST.
PG_TYPEThis parameter gives information on the payment gateway used for the transaction. For example, if CC PG was used, it would contain the value CC-PG. Similarly, it would have a unique value for all different types of payment gateways.
bank_ref_numFor each successful transaction – this parameter would contain the bank reference number generated by the bank.
unmappedstatusThis parameter contains the status of a transaction as per the internal database of PayU. PayU’s system has several intermediate status which are used for tracking various activities internal to the system. For more information, refer to Status Explanations.
customerLinkedThis parameter contains the status of the customer linking on the merchant. The values can be:Β 

True: If customer is linkedΒ Β 

False: If customer is not linked
payuTokenThis is the value of the payu token which is mapped against a payment instrument

πŸ“˜

Requesting OTP:

To request OTP on a page, you can utilize the URLs in the response itself. There are two URLs to use:

  • otpPostUrl (Merchant Hosted OTP page)
  • acsTemplate (PayU Hosted OTP page) which acts as a fallback

If you are getting a URL in otpPostUrl, use otpPostUrl, otherwise, you can use acsTemplate, which acts as a fallback. In this scenario, use PayU (or WebView or Checkout) OTP page as this is a fallback case.

Hence, for cases where the above response is not successful, it could either be Failed or Pending. In the Pending state, you can send a fallback URL (as above) which can be shown to the customer.

Sample response

Success scenario

🚧

Error Handling:

A list of error_message with corresponding error code and reason for the error is listed in . PayU recommends you to handle these errors when you process the transactions. For more information, refer to Error Codes for - S2S Link and Pay.

  • Repeat User Flow: Auto-debit Successful

This is the case where Customer’s account is liked & Auto debit is also successful

{
  "metaData": {
    "message": "No Error",
    "referenceId": "748e033af87f1bb7b6aefd405bec9473",
    "statusCode": "E000",
    "txnId": "951bccfde0ac54f75612",
    "unmappedStatus": "success",
    "submitOtp": {
      "status": "success"
    }
  },
  "result": {
    "link_and_pay": {
      "customerLinked": "true",
      "payuToken": "token12345"
    },
    "mihpayid": "18828133385",
    "mode": "BNPL",
    "status": "success",
    "key": "smsplus",
    "txnid": "951bccfde0ac54f75612",
    "amount": "2.00",
    "addedon": "2023-12-27 18:13:41",
    "productinfo": "Product Info",
    "firstname": "Ashish",
    "lastname": "",
    "address1": "",
    "address2": "",
    "city": "",
    "state": "",
    "country": "",
    "zipcode": "",
    "email": "[email protected]",
    "phone": "9123412345",
    "udf1": "",
    "udf2": "",
    "udf3": "",
    "udf4": "",
    "udf5": "",
    "udf6": "",
    "udf7": "",
    "udf8": "",
    "udf9": "",
    "udf10": "",
    "card_token": "",
    "card_no": "",
    "field0": "",
    "field1": "9582567614",
    "field2": "EMI1014338639070843702",
    "field3": "Transaction is successful",
    "field4": "bnpl",
    "field5": "VFhOMzk2MjA3ODY2",
    "field6": "TXN396207866",
    "field7": "PAYMENT_SUCCESSFUL",
    "field8": "SUCCESS",
    "field9": "Transaction is successful",
    "payment_source": "payuPureS2S",
    "PG_TYPE": "BNPL-PG",
    "error": "E000",
    "error_Message": "No Error",
    "net_amount_debit": "2.07",
    "discount": "0.00",
    "offer_key": "",
    "offer_availed": "",
    "additionalCharges": "0.07",
    "unmappedstatus": "captured",
    "hash": "3a7742e5d9284e4f43d349bf1a5ff04353a099920ced98330fab15728841b6c772f00f83163c491d8954ead0c9a1dee7af94d67ddc539ff6cb2d0246baed8148",
    "bank_ref_no": "TXN396207866",
    "bank_ref_num": "TXN396207866",
    "bankcode": "LAZYPAY",
    "surl": "https://admin.payu.in/test_response",
    "curl": "https://admin.payu.in/test_response",
    "furl": "https://admin.payu.in/test_response"
  }
}

Failure scenario

  • Repeat User Flow: Auto-debit Failed
{
  "metaData": {
    "message": "The customer is not eligible for this transaction",
    "referenceId": "423fe9bfebdb2f92b8ae95a125aff397",
    "statusCode": "E2401",
    "txnId": "4223974b64f88ab4e3a1",
    "txnStatus": "failed",
    "unmappedStatus": "failure"
  },
  "result": {
    "link_and_pay": {
      "customerLinked": "true",
      "payuToken": "token12345"
    }
  }
}
  • Failed at Payment option’s end
{
  "metaData": {
    "message": "Transaction Failed at bank end.",
    "referenceId": "ea68a970115a9d87c6ece8d0218e6c2a",
    "statusCode": "E308",
    "txnId": "54d2d883f8e4a3fff6ba",
    "txnStatus": "failed",
    "unmappedStatus": "failure"
  },
  "result": {
    "link_and_pay": {
      "customerLinked": "true",
      "payuToken": "token12345" // can be null or "" <empty string>
    }
  }
}