BNPL Integration
Buy Now Pay Later (<<glossary:BNPL>>) allows your customers to spread their payments over a relatively short period instead of paying upfront. You can collect payments from customers with BNPL using the Merchant Hosted Checkout integration.
You need to ensure that BNPL for the paymentMethod.name parameter and BNPL code based on the provider and tenure for the paymentMethod.bankcode parameter is posted.
Before you begin:PayU recommends you to integrate with Test environment initially. For more information, contact you PayU Key Account Manager (KAM) or PayU Support.
Environment
Test Environment | https://apitest.payu.in/v2/payments |
Production Environment | https://api.payu.in/v2/payments> |
Request header
Parameter | Description |
---|---|
date | The current date and time. For example, format of the date is Wed, 28 Jun 2023 11:25:19 GMT. |
authorization | The actual HMAC signature generated using the specified algorithm (sha512) and includes the hashed data. For more information, refer to authorization fields description. |
authorization fields description
Field | Description |
---|---|
username | Represents the username or identifier for the client or merchant, for example smsplus. |
algorithm | Use SHA512 algorithm for hashing and send this as header value. |
headers | Specifies which headers have been used in generating the hash, for example date. |
signature | The HMAC signature generated using the specified algorithm. For more information, refer to hashing algorithm. |
hashing algorithm
You must hash the request parameters using the following hash logic:
Hash logic: sha512(<Body data>
+ '|' + date + '|' + merchant_secret)
Where <Body data>
contains the request body posted with the request.
Sample header code
var merchant_key = 'smsplus';
var merchant_secret = 'izF09TlpX4ZOwmf9MvXijwYsBPUmxYHD';
// date
var date = new Date();
date = date.toUTCString();
// authorization
var authorization = getAuthHeader(date);
function getAuthHeader(date) {
var AUTH_TYPE = 'sha512';
var data = isEmpty(request['data']) ? "" : request['data'];
var hash_string = data + '|' + date + '|' + merchant_secret;
var hash = CryptoJS.SHA512(hash_string).toString(CryptoJS.enc.Hex);
return `hmac username="${merchant_key}", algorithm="${AUTH_TYPE}", headers="date", signature="${hash}"`;
}
Request body
Parameter | Description | Example |
---|---|---|
accountId |
|
MERCHANT123 |
txnId |
|
REF123456 |
paymentMethod |
|
{ |
order |
|
|
additionalInfo |
|
|
callBackActions |
|
|
billingDetails |
|
paymentMethod object fields description
paymentMethod object
Field | Description |
---|---|
name |
|
bankCode |
|
order object
order object
Parameter | Description | Example |
---|---|---|
productInfomandatory |
Product details. | Product details |
orderedItemoptional |
Details about the items ordered. | Array of Objects |
userDefinedFieldsoptional |
Custom fields for additional information. Fields: udf1, udf2, udf3, udf4, udf5, udf6, udf7, udf8, udf9, udf10. For more information, refer to | Object |
paymentChargeSpecificationmandatory |
Includes amount and charges. For more information, refer to paymentChargeSpecification object fields description | Object |
paymentChargeSpecification object fields description
Parameter | Description | Example |
---|---|---|
pricemandatory |
The transaction amount. | 1000 |
netAmountDebitoptional |
Net amount to be debited. | 1000 |
taxSpecificationoptional |
Tax details of the product/order. | Object |
convenienceFeeoptional |
Fees format (e.g., CC:12). | CC:12 |
offersoptional |
Offers applied or available for the payment. | Object |
userDefinedFields object fields description
Field | Description |
---|---|
udf1 | User defined field. |
udf2 | User defined field. |
udf3 | User defined field. |
udf4 | User defined field. |
udf5 | User defined field. |
udf6 | User defined field. |
udf7 | User defined field. |
udf8 | User defined field. |
udf9 | User defined field. |
udf10 | User defined field. |
callBackActions object
callBackActions object
Parameter | Description | Example |
---|---|---|
successActionmandatory |
URL to be called on payment success. | https://example.com/success |
failureActionmandatory |
URL to be called on payment failure. | https://example.com/failure |
cancelActionmandatory |
URL to be called if user cancels the payment. | https://example.com/cancel |
codActionoptional |
URL for Cash on Delivery (COD) action. | https://example.com/cod |
billingDetails object
billingDetails object
Parameter | Description | Example |
---|---|---|
firstNamemandatory |
First name of the billing contact. | Ashish |
lastNameoptional |
Last name of the billing contact. | Kumar |
address1mandatory |
Primary billing address. | 123 Main Street |
address2optional |
Secondary billing address. | Apt 4B |
phoneoptional |
Phone number of the billing contact. | 9123456789 |
emailmandatory |
Email address of the billing contact. | [email protected] |
cityoptional |
City of the billing address. | Bharatpur |
stateoptional |
State of the billing address. | Rajasthan |
countryoptional |
Country of the billing address. | India |
zipCodeoptional |
Postal/Zip code of the billing address. | 321028 |
additionalInfo object
Additional Info Object
Parameter | Description | Example |
---|---|---|
partnerHoldTimeoptional |
Time held by the partner for the transaction. | 60 |
createOrderoptional |
A flag to store the order details (true/false). | true |
txnFlowoptional |
For defining seamless/non-seamless flows in handling payments. | seamless |
Sample request
curl --location 'https://apitest.payu.in/v2/payments' \
--header 'date: Thu, 27 Mar 2025 10:12:27 GMT' \
--header 'authorization: hmac username="smsplus", algorithm="sha512", headers="date", signature="ec84843a663143bb89391f6fa2d4b9404bab1543a3eee81263b4a507ebf5d289d8fad1fbcdd59da820951e3e0f9b0b0b3d1bad9b41338804e7c42a8a6197c6e9"' \
--header 'Content-Type: application/json' \
--header 'Cookie: PHPSESSID=sclorpmpb4ngion5e996os22ao' \
--data-raw '{
"accountId": "smsplus",
"referenceId": "b5f2d8785768087678fn4",
"amount": 10,
"currency": "INR",
"paymentSource": "WEB",
"paymentMethod": {
"name": "BNPL",
"bankCode": "LAZYPAY"
},
"order": {
"productInfo": "qwertyuiopasdfghjkl",
"userDefinedFields": {
"udf1": "",
"udf2": "",
"udf3": "",
"udf4": "",
"udf5": "",
"udf6": "",
"udf7": "",
"udf8": "",
"udf9": "",
"udf10": ""
},
"paymentChargeSpecification": {
"price": 10
}
},
"additionalInfo": {
"txnS2sFlow": "4",
"createOrder": "false"
},
"callBackActions": {
"successAction": "https://apitest.payu.in/test_response",
"failureAction": "https://apitest.payu.in/test_response",
"cancelAction": "https://apitest.payu.in//test_response"
},
"billingDetails": {
"firstName": "sartaj",
"lastName": "",
"phone": "9876543210",
"email": "[email protected]",
"city": "Bharatpur",
"state": "Rajasthan",
"country": "India",
"zipCode": "321028"
}
}'
Response parameters
Parameter | Description |
---|---|
referenceId |
This parameter contains the reference ID of the transaction. |
paymentId |
This parameter contains the payment ID of the transaction. |
message |
This parameter contains the status message of the transaction. |
Sample response
Note:Reverse hashing of the response is not required with that of v2/payment API.
Array
(
[referenceId] => b5f2d8785768087678fm9
[paymentId] => 1999110000001769
[message] => Please call verify api to get the transaction status
)
Step 2: Verify the payment
Verify the transaction details using the Verification APIs. For API reference, refer to Verify Payment API under API Reference.
TipThe transaction ID that you posted in Step 1 with PayU must be used here.
Updated 5 days ago