The current date and time. For example, format of the date is Wed, 28 Jun 2023 11:25:19 GMT.
authorization
The actual HMAC signature generated using the specified algorithm (sha512) and includes the hashed data. For more information, refer to authorization fields description table below.
authorization fields description
Parameter
Description
username
Represents the username or identifier for the client or merchant, in this case, it's "smsplus".
algorithm
Use SHA512 algorithm for hashing and send this as header value.
headers
Specifies which headers have been used in generating the hash. In this case, only the "date" header is used.
signature
The actual HMAC signature generated using the specified algorithm (sha512) and includes the hashed data. For more information, refer to hashing algorithm.
hashing algorithm
You must hash the request parameters using the following hash logic:
sha512(<Body data> + '|' + date + '|' + merchant_secret}
Where, <Body data> contains the request Body posted with the request.
Sample authorization header code
var merchant_key = pm.environment.get('merchantKey') || 'PRiQvJ';
var merchant_secret = pm.environment.get('merchantSalt') || 'mGHSxpD2iBVywParGQrGBlaXjnwkGJMQ';
// Generate current date in RFC 1123 format
var date = new Date().toUTCString();
// Get request body data (empty for GET/DELETE)
var data = "";
if (pm.request.method === "POST" && pm.request.body && pm.request.body.raw) {
data = pm.request.body.raw;
}
// Generate authorization header
var hash_string = data + '|' + date + '|' + merchant_secret;
var hash = CryptoJS.SHA512(hash_string).toString(CryptoJS.enc.Hex);
var authorization = 'hmac username="' + merchant_key + '", algorithm="sha512", headers="date", signature="' + hash + '"';
// Set environment variables
pm.environment.set('date', date);
pm.environment.set('authorization', authorization);
Header parameters
Parameter
Description
mid mandatory
Merchant ID provided by PayU. Use the value provided in your PayU dashboard.
date mandatory
The current date and time. For example, format of the date is Wed, 28 Jun 2023 11:25:19 GMT.
Query parameters
Parameter
Description
userCredential mandatory
String Encrypted user credentials, typically <username>:<password>.
cardToken mandatory
String Token for the card whose payment details are being fetched.
amount mandatory
Number Amount to validate or process for this payment.
currency_type mandatory
String Currency in which the payment is being processed (for example, INR).
tokenType optional
String Type of token. Possible values include PAYU, NETWORK, ISSUER, or null.
A one-click flow in a saved card system is a fast, secure payment checkout experience that allows returning customers to finalize purchases with a single click or tap, without re-entering card details, CVV, or authentication codes like OTP.
oneClickStatus
Indicates whether the saved card allows the customer to complete a purchase with a single click or tap, without re-entering card details (card number, CVV, or expiry date) or undergoing additional 3D Secure authentication for every transaction.
Card mode (for example, CC for Credit Card or DC for Debit Card).
par
Payment Account Reference – unique identifier for the card across environments.
ZCLY85YBYQ4Q8D6162O8M0V414GK7
tokenReferenceId
Reference ID associated with the token.
3dc50cce023cf4d7dd243c9af272c5c6
cardNo
Masked card number.
XXXXXXXXXXXX1258
oneClickCardAlias
Non-sensitive, unique identifier (or token) that represents a customer's actual credit or debit card number (PAN), allowing them to make future purchases with a single click without re-entering card details.
cardToken
Card token.
9350516de374f7bab4cd2
cardName
Nickname assigned to the card at the time of saving.
cryptogram
Generated encrypted string used for payment security.
AgAAAGQBdCZtW8sAmbHTg0UAAAA=
Updated 29 days ago
Updated 29 days ago
Ask AI
Beta
Hi! I am an AI Assistant. Ask me about PayU and get help with your integration.
