Set up WebHook to Receive Cancellation or Modification Update from the Issuer Bank

When an action is taken on the mandate for SI by the issuing bank for cards, such as canceling or Modifying the mandate, PayU sends an HTTP payload to the webhook URL ( shared by the merchant) which contains a payload of information that describes the action that was taken. For more information on what is webhooks and the IP address to be whitelisted for the PayU webhooks, refer to Webhooks.

API Request TypePOST
Content-Typeapplication/json
URLURL that you have shared with PayU

Mandate for Cards

Payload of Mandate

ParameterDescriptionExample
statusThe status of the SI. The status can be any of the following:
- active
- deleted
active
authpayuid
mandatory
The value of mihpayid returned in the response of mandate registration transaction once the transaction is successfully completed.6611192557
notificationTypeThe action that is taken on the mandate by the bank. The action can be either of the following:
MANDATE_MODIFICATION: Indicates that the mandate is modified .
MANDATE_CANCELLATION: Indicates that the mandate is cancelled.
MANDATE_CANCELLATION_TOKEN_DELETION: Indicates that the mandate token is deleted.
MANDATE_MODIFICATION
si_detailsContains the following fields about the SI in a JSON format:
billingAmount: Billing amount of the SI transaction.
paymentStartDate: Start date of SI
paymentEndDate: : End date of SI
 {
“billingAmount”:”10”,
“paymentStartDate”:”20-06-2022”,
“paymentEndDate”:”30-06-2023”
}
eventDateEvent date of the modification.30-11-2022
messageMessage for the webhookRequest Successful
hash mandatoryUnique hash string to validate the authenticity of the Webhook payload. The hash logic is as follows: status|action|authpayuid|dateTime|amount|endDate|salt

Verify the WebHook Payload

The ensure that you are receiving the payload from PayU, you must hash the parameters using the following algorithm and check whether the hash that is sent in the payload matches with it.

sha512(status|authpayuId|notificationType|billingAmount|paymentStartDate|paymentEndDate|message|eventDate|key|udf1|udf2|udf3|udf4|udf5|salt)

📘

Note:

PayU recommends you to generate the hash at your server for security purposes.

Sample Payloads

Modify SI Mandate

{
  "status": “active”,
  "authPayuId": "16538344237",
  "si_details": {
    "billingAmount": 101,
    "paymentStartDate": "2023-01-06",
    "paymentEndDate": "2030-01-03"
  },
  "message": "Mandate modified",
  "eventDate": "2023-01-24",
  "notificationType": "MANDATE_MODIFICATION",
  "key": "Merchant_KEY",
  "udf1": "",
  "udf2": "",
  "udf3": "",
  "udf4": "",
  "udf5": "",
  "hash": "3913bec8ea34394844ffeb94cf59938b659102223bc0f1eae5a1c954cXXXXXXXXXXXX278745aea4b44fcccd12af085f4a24cc7e493849b5b38190ff30f444b87db"
}

Delete SI Mandate

{
  "status": “deleted”,
  "authPayuId": "16538344237",
  "si_details": {
    "billingAmount": 101,
    "paymentStartDate": "2023-01-06",
    "paymentEndDate": "2030-01-03"
  },
  "message": "Mandate Deleted",
  "eventDate": "2023-01-24",
  "notificationType": "MANDATE_DELETION",
  "key": "Merchant_KEY",
  "udf1": "",
  "udf2": "",
  "udf3": "",
  "udf4": "",
  "udf5": "",
  "hash": "3913bec8ea34394844ffeb94cf59938b659102223bc0f1eae5a1c954cXXXXXXXXXXXX278745aea4b44fcccd12af085f4a24cc7e493849b5b38190ff30f444b87db"
}

Webhook for Token Deletion

{
  "status": “deleted”,
  "authPayuId": "16538344237",
  "si_details": {
    "billingAmount": 101,
    "paymentStartDate": "2023-01-06",
    "paymentEndDate": "2030-01-03"
  },
  "message": "Mandate Deleted",
  "eventDate": "2023-01-24",
  "notificationType": "MANDATE_CANCELLATION_TOKEN_DELETION",
  "key": "Merchant_Key",
  "udf1": "",
  "udf2": "",
  "udf3": "",
  "udf4": "",
  "udf5": "",
  "hash": "3913bec8ea34394844ffeb94cf59938b659102223bc0f1eae5a1c954cXXXXXXXXXXXX278745aea4b44fcccd12af085f4a24cc7e493849b5b38190ff30f444b87db"
}

Mandate for UPI

Merchant needs to expose a webhook and needs to request Integration team/PayU team. If this webhook is configured, merchant will receive the response object over HTTP form:

📘

Notes:

  • This webhook is crucial and it’s mandatory to implement the same to get the latest updates about the consumer actions.
  • The webhook does not support a retry mechanism

Status defines acknowledgement from PayU. Possible values are:

ParameterDescriptionExample
statusReturns the status of the transactions and can be any of the following:
- active –Mandate is in active state
- revoked – Mandate is cancelled
- pause – Mandate is paused
- unpause –Mandate is un-paused
paused
authpayuidThis parameter returns the consent transaction Id700010006213657
actionThis parameter returns the action of the mandate and can be any of the following:
- MANDATE_UPDATE: Indicates that the mandate is modified .
- MANDATE_PRE_DEBIT: Indicates that the mandate pre-debit notification is modified.
- MANDATE_REVOKE: Indicates that the mandate is cancelled.
- MANDATE_STATUS: Indicates the current mandate status.
 
dateTimeThis parameter returns the start date of the mandate"2020-09-16 18:18:21"
amountThis parameter returns the amount of the mandate created159.00
endDateThis parameter returns the last date of the mandate"2021-09-16 18:18:21"
mandateNumberThis parameter returns the unique mandate number (UMN)700010006213657@mybank
hash Unique hash string to validate the authenticity of the Webhook payload. The hash logic is as follows: status|action|authpayuid|dateTime|amount|endDate|salt 

Sample Payload

{
  "status": "pause",
  "authpayuid": "700010006213657",
  "action": "MANDATE_PAUSE",
  "key": "485nghu",
  "udf1": "",
  "udf2": "",
  "udf3": "",
  "udf5": "",
  "udf6": "",
  "dateTime": "2020-09-1618: 18: 21",
  "amount": "159.00",
  "endDate": "2022-10-0600: 00: 00",
  "mandateNumber": "700010006213657@mybank",
  "hash": "f94e3af697dc09879997ae0040d03b612abe739f701b5e1a3c4d7b5cecaddc7c446e7bb9fc44a854727e39e63c2059d1ba5d31defaff305a7627c7c4b1907044"
}