UPI Integration

Prerequisites

Merchant Hosted or S2S (Seamless) integration has to be done as per the standard kit. For more information, refer to UPI Integration.

Step 1: Validate VPA

When your customer makes payment through UPI, you can validate the customer’s Virtual Payment Address (VPA) and then initiate payment. The validateVpa API is used to validate the UPI handle. Validate the VPA (UPI handle) using the validateVpa API. For more information, refer to Validate VPA Handle API.

Step 2: Post the payment request with PayU

Environment


Test Environment	https://apitest.payu.in/v2/payments
Production Environment	https://api.payu.in/v2/payments>

Request header

Request headers

Parameter	Description
date	The current date and time. For example, format of the date is Wed, 28 Jun 2023 11:25:19 GMT.
authorization	The actual HMAC signature generated using the specified algorithm (sha512) and includes the hashed data. For more information, refer to authorization fields description.

authorization fields description

Field	Description
username	Represents the username or identifier for the client or merchant, for example smsplus.
algorithm	Use SHA512 algorithm for hashing and send this as header value.
headers	Specifies which headers have been used in generating the hash, for example date.
signature	The HMAC signature generated using the specified algorithm. For more information, refer to hashing algorithm.

hashing algorithm

You must hash the request parameters using the following hash logic:

Hash logic: sha512(<Body data> + '|' + date + '|' + merchant_secret)

Where <Body data> contains the request body posted with the request.

Sample header code

var merchant_key = 'smsplus';
var merchant_secret = 'izF09TlpX4ZOwmf9MvXijwYsBPUmxYHD';
// date
var date = new Date();
date = date.toUTCString();

// authorization
var authorization = getAuthHeader(date);

function getAuthHeader(date) {
    var AUTH_TYPE = 'sha512';
    var data = isEmpty(request['data']) ? "" : request['data'];
    var hash_string = data + '|' + date + '|' + merchant_secret;
    var hash = CryptoJS.SHA512(hash_string).toString(CryptoJS.enc.Hex);
    return `hmac username="${merchant_key}", algorithm="${AUTH_TYPE}", headers="date", signature="${hash}"`;
}

Request parameters

Parameter	Description	Example
accountId `mandatory`	`String` Merchant key provided by PayU. Character limit: 50	`"smsplus"`
txnId `mandatory`	`String` Unique transaction ID for the transaction. Character limit: 50	`"REF_123456789"`
order `paymentMethod`	`Object` JSON object contains payment method details. Refer to paymentMethod object	`{"name": "UPI", "bankCode": "UPI"}`
order `mandatory`	`Object` Order details containing product information and pricing. See order object	`{"productInfo": "Product Name", "paymentChargeSpecification": {"price": 1000.00}}`
billingDetails `mandatory`	`Object` Customer billing information. See billingDetails object	`{"firstName": "John", "email": "[email protected]", "phone": "9876543210"}`
callBackActions `mandatory`	`Object` Callback URLs for different payment outcomes. See callBackActions object	`{"successAction": "https://merchant.com/success", "failureAction": "https://merchant.com/failure"}`
additionalInfo `mandatory`	`Object` Additional transaction parameters including flow type. For more information, refer to additionalInfo object	`{"txnS2sFlow": "seamless", "vpa": "test@payu", "enforcePaymethod": "UPI"}`

paymentMethod Object

Parameter	Description
name `mandatory`	`String` Payment method type. Must be set to `"UPI"`. Character limit: 10
bankCode `mandatory`	`String` Specify "UPI" for UPI. Character limit: 10.

#####order object

order Object

Parameter	Description	Example
productInfo `mandatory`	Product details.	Product details
orderedItem `optional`	Details about the items ordered.	Array of Objects
userDefinedFields `optional`	Custom fields for additional information. Fields: udf1, udf2, udf3, udf4, udf5, udf6, udf7, udf8, udf9, udf10. For more information, refer to	Object
paymentChargeSpecification `mandatory`	Includes amount and charges. For more information, refer to paymentChargeSpecification object fields description	Object

paymentChargeSpecification object fields description

Parameter	Description	Example
price `mandatory`	The transaction amount.	1000
netAmountDebit `optional`	Net amount to be debited.	1000
taxSpecification `optional`	Tax details of the product/order.	Object
convenienceFee `optional`	Fees format (e.g., CC:12).	CC:12
offers `optional`	Offers applied or available for the payment.	Object

userDefinedFields object fields description

Field	Description
udf1	User defined field.
udf2	User defined field.
udf3	User defined field.
udf4	User defined field.
udf5	User defined field.
udf6	User defined field.
udf7	User defined field.
udf8	User defined field.
udf9	User defined field.
udf10	User defined field.

billingDetails object object

billingDetails Object

Parameter	Description	Example
firstName `mandatory`	First name of the billing contact.	Ashish
lastName `optional`	Last name of the billing contact.	Kumar
address1 `mandatory`	Primary billing address.	123 Main Street
address2 `optional`	Secondary billing address.	Apt 4B
phone `optional`	Phone number of the billing contact.	9123456789
email `mandatory`	Email address of the billing contact.	[email protected]
city `optional`	City of the billing address.	Bharatpur
state `optional`	State of the billing address.	Rajasthan
country `optional`	Country of the billing address.	India
zipCode `optional`	Postal/Zip code of the billing address.	321028

callBackActions object

callBackActions Object

Parameter	Description	Example
successAction `mandatory`	URL to be called on payment success.	https://example.com/success
failureAction `mandatory`	URL to be called on payment failure.	https://example.com/failure
cancelAction `mandatory`	URL to be called if user cancels the payment.	https://example.com/cancel
codAction `optional`	URL for Cash on Delivery (COD) action.	https://example.com/cod

additionalInfo object

additionalInfo Object

Parameter	Description	Example
enforcePaymethod `optional`	Force a transaction with a specified method..	UPI
createOrder `optional`	A flag to store the order details (true/false).	true
txnFlow `optional`	For defining seamless/non-seamless flows in handling payments.	seamless
vpa `optional`	The UPI handle of the customer	test@payu

Sample request

curl -X POST \
  https://apitest.payu.in/v2/payments \
  -H 'date: Mon, 05 Oct 2024 11:00:00 GMT' \
  -H 'authorization: HMAC smsplus:4d1ea4e74243ea5b2b5b8b1d8a7b1a2e3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9' \
  -H 'content-type: application/json' \
  -d '{
  "accountId": "smsplus",
  "referenceId": "REF_" + Math.random().toString(36).substring(7),
  "paymentMethod": {
    "name": "UPI",
    "bankCode": "UPI"
  },
  "order": {
    "productInfo": "UPI Payment",
    "paymentChargeSpecification": {
      "price": 10000.00,
      "convenienceFee": "NB:15"
    },
    "userDefinedFields": {
      "udf1": "NEFT/RTGS Transaction",
      "udf2": "Seamless Payment"
    }
  },
  "billingDetails": {
    "firstName": "John",
    "lastName": "Doe",
    "email": "[email protected]",
    "phone": "9876543210",
    "address": "123 Main Street",
    "city": "New Delhi",
    "state": "Delhi",
    "country": "India",
    "zipCode": "110001"
  },
  "callBackActions": {
    "successAction": "https://merchant.com/success",
    "failureAction": "https://merchant.com/failure",
    "cancelAction": "https://merchant.com/cancel"
  },
  "additionalInfo": {
    "txnFlow": "seamless",
    "enforcePaymethod": "UPI",
    "vpa": "test@payu",
    "txnS2sFlow": "2"
  }

Step 3: Check the response from PayU

Response parameters

Parameter	Description
txnId	This parameter contains the transaction ID of the transaction.
paymentId	This parameter contains the payment ID of the transaction.
message	This parameter contains the status message of the transaction.

Sample response

Array
(
    [txnId] => b5f2d8785768087678fm9
    [paymentId] => 1999110000001769
    [message] => Please call verify api to get the transaction status
)

Verify Payment

⚠️
Important
After creating a payment, you must call the Verify Payment API to get the final transaction status. Net Banking transactions may require additional verification steps.