This API allows merchants to capture an authorized transaction.
HTTP Method: POST
Environment
| Production Environment | https://test.payu.in/v2/refund |
| Test Environment | https://info.payu.in/v2/refund |
Request headers
| Parameter | Description |
|---|---|
| date | The current date and time. For example, format of the date is Wed, 28 Jun 2023 11:25:19 GMT. |
| authorization | The actual HMAC signature generated using the specified algorithm (sha512) and includes the hashed data. For more information, refer to authorization fields description. |
authorization fields description
| Field | Description |
|---|---|
| username | Represents the username or identifier for the client or merchant, for example smsplus. |
| algorithm | Use SHA512 algorithm for hashing and send this as header value. |
| headers | Specifies which headers have been used in generating the hash, for example date. |
| signature | The HMAC signature generated using the specified algorithm. For more information, refer to hashing algorithm. |
hashing algorithm
You must hash the request parameters using the following hash logic:
Hash logic: sha512(<Body data> + '|' + date + '|' + merchant_secret)
Where <Body data> contains the request body posted with the request.
Sample header code
var merchant_key = 'smsplus';
var merchant_secret = 'izF09TlpX4ZOwmf9MvXijwYsBPUmxYHD';
// date
var date = new Date();
date = date.toUTCString();
// authorization
var authorization = getAuthHeader(date);
function getAuthHeader(date) {
var AUTH_TYPE = 'sha512';
var data = isEmpty(request['data']) ? "" : request['data'];
var hash_string = data + '|' + date + '|' + merchant_secret;
var hash = CryptoJS.SHA512(hash_string).toString(CryptoJS.enc.Hex);
return `hmac username="${merchant_key}", algorithm="${AUTH_TYPE}", headers="date", signature="${hash}"`;
}Request parameters
Sample request
curl --location 'https://info.payu.in/v1/transaction/capture' \
--header 'Content-Type: application/json' \
--header 'date: Tue, 17 Jun 2025 06:48:55 GMT' \
--header 'authorization: hmac username="smsplus", algorithm="sha512", headers="date", signature="b4db4b20d1d9146edfd846fc11c2145ab1ac99c001df5923e3a412672f577b73f3b2cee4dc492f18ea55a0be8a4ec9f0df4475ad6eb03bedc0c6ef46235f0ed7"' \
--data '{
"amount": 1.0,
"payuId": "22919645299",
"referenceId": "5ea2ed7ac7756f12a0a1"
}'Sample response
{
"message": "Transaction captured successfully",
"status": 1,
"result": {
"payuId": "22919645299",
"amount": 1.0,
"merchantRefId": "5ea2ed7ac7756f12a0a1",
"captureId": "CAP123456789",
"status": "success"
}
}Response Parameters
| Parameter | Description | Example |
|---|---|---|
| message | String Response message indicating the operation result. | Transaction captured successfully |
| status | Integer Status code for the operation. 1 for success, 0 for failure. | 1 |
| result | String Result of the response in JSON format. For more information, refer to result JSON field descriptions. | 22919645299 |
result JSON field descriptions
| Field | Description | Example |
|---|---|---|
| payuId | PayU payment ID that was provided in the request. | 22919645299 |
| amount | Captured amount as provided in the request. | 1.0 |
| merchantRefId | Merchant reference ID that was provided in the request. | 5ea2ed7ac7756f12a0a1 |
| captureId | Unique ID generated by PayU for the capture transaction. This can be used for tracking the capture operation. | CAP123456789 |
| status | Status of the capture operation. Possible values are 'success', 'failure', or 'pending'. | success |