Request URL:
UAT: https://uat.pay10.com/pgws/upi/collectpay
PROD: https://secure.pay10.com/pgws/upi/collectpay
Please note, endpoints are same for collect and intent/qr; only difference is you will send an additional param UPI_INTENT with a value of 1 for intent and DQR
Request Format
Please refer the table below for details of the required and optional parameters that need to be included in request. Request is in JSON format.
Field | Description | Required |
|---|---|---|
PAY_ID | Pay ID is provided by Pay10 | Y |
ORDER_ID | Generate Dynamic Id | Y |
AMOUNT | Amount in Paisa | Y |
CURRENCY_CODE | Currency Code (356 for INR) | Y |
TXNTYPE | SALE | Y |
MOP_TYPE | UP | Y |
PAYMENT_TYPE | UP | Y |
CUST_EMAIL | User email id | Y |
CUST_PHONE | User phone number | Y |
UPI_INTENT | Pass value 1 for upi intent and DQR, field is not required for collect flow | Y |
PAYER_ADDRESS | User UPI address Applicable and Mandatory only in case of Collect Flow | Y |
Additional Parameters:
For TPV -
| Field | Description | Type | Example |
|---|---|---|---|
| TPV | For TPV pass: Ifsc code|Account no | AN | TPV=UBIN0560430|7C7C604302010010 |
Method of generating hash
To generate a hash, you need to make a request of all the required parameters
- For example, if you have to pass the following name value pairs in your Request:
Collect flow sample-
Array ( [PAY_ID][PAY_ID] => 1189120620120322 [ORDER_ID][ORDER_ID] => PAY100907220801 [AMOUNT] => 100 [CURRENCY_CODE][CURRENCY_CODE] => 356 [TXNTYPE] => SALE [MOP_TYPE][MOP_TYPE] => UP [PAYMENT_TYPE][PAYMENT_TYPE] => UP [CUST_EMAIL][CUST_EMAIL] =>[email protected] [CUST_PHONE][CUST_PHONE] => 9999999999 [PAYER_ADDRESS][PAYER_ADDRESS] => work@yesb )
Intent flow sample-
Array ( [PAY_ID][PAY_ID] => 1494530406101214 [ORDER_ID][ORDER_ID] => DB1677737536977 [AMOUNT] =>
100 [CURRENCY_CODE][CURRENCY_CODE] => 356 [TXNTYPE] => SALE [MOP_TYPE][MOP_TYPE] => UP
[PAYMENT_TYPE][PAYMENT_TYPE] => UP [CUST_EMAIL][CUST_EMAIL] => [email protected] [CUST_PHONE][CUST_PHONE] =>
999999999[UPI_INTENT][UPI_INTENT]=>1
Dynamic QR
Array ( [PAY_ID][PAY_ID] => 1494530406101214 [ORDER_ID][ORDER_ID] => DB1677737536977 [AMOUNT] =>
100 [CURRENCY_CODE][CURRENCY_CODE] => 356 [TXNTYPE] => SALE [MOP_TYPE][MOP_TYPE] => QR
[PAYMENT_TYPE][PAYMENT_TYPE] => QR [CUST_EMAIL][CUST_EMAIL] => [email protected] [CUST_PHONE][CUST_PHONE] =>
999999999[UPI_INTENT][UPI_INTENT]=>1
- Then you need to sort all the parameters in ascending order and add “Tilde” symbol as separator
Collect flow sample-
AMOUNT=100~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=9999999999~MOP_TYPE=UP~ORDER_ID=PAY100907220801~PAYER_ADDRESS=work@yesb~PAYMENT_TYPE=UP~PAY_ID =1189120620120322~TXNTYPE=SALE
Intent flow sample-
AMOUNT=700~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=89897
85536~MOP_TYPE=UP~ORDER_ID=DB18120005056909~PAYMENT_TYPE=UP~PAY_ID=1494
530406101214~TXNTYPE=SALE~UPI_INTENT=1
Dynamic QR sample
AMOUNT=700~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=89897
85536~MOP_TYPE=QR~ORDER_ID=DB18120005056909~PAYMENT_TYPE=QR~PAY_ID=1494
530406101214~TXNTYPE=SALE~UPI_INTENT=1
- Next step is to append the Secret Key at the end of the parameter string given by Pay10. After adding you will get the following output:
Collect flow sample-
AMOUNT=100~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=9999999999~MOP_TYPE=UP~ORDER_ID=PAY100907220801~PAYER_ADDRESS=work@yesb~PAYMENT_TYPE=UP~PAY_ID =1189120620120322~TXNTYPE=SALE910d73cfd7eb4785
Intent flow
AMOUNT=700~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHON
E=8989785536~MOP_TYPE=UP~ORDER_ID=DB18120005056909~PAYMENT_TYPE=
UP~PAY_ID=1494530406101214~TXNTYPE=SALE~UPI_INTENT=159e04653d7ee499
Dynamic QR sample-
AMOUNT=700~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHON
E=8989785536~MOP_TYPE=QR~ORDER_ID=DB18120005056909~PAYMENT_TYPE=
QR~PAY_ID=1494530406101214~TXNTYPE=SALE~UPI_INTENT=159e04653d7ee499
- After completing the above mentioned process you will have to call SHA256 algorithm and pass the parameter string to the same and the SHA256 will return the desired result as given below:
Hash value= 2e2211add345e0756ed6a3650c1ddb3160be2bcef661c8d1efd2c6029804ea4f
Now you have to convert the generated value to the Uppercase and you will get the final result as hash value:
Hash value= 2E2211ADD345E0756ED6A3650C1DDB3160BE2BCEF661C8D1EFD2C6029804EA4F
The purpose of the SHA256 signature field is to ensure the integrity of the data posted back to your server. You should always compare the SHA256 signature field's value posted by Pay10 servers with the one you calculated.
Encrypting the request
Encryption Key: The encryption key will be sent over email to the registered email id when the merchant is proceeding to live mode.
Encryption mechanism
After the plain text request is prepared the hash is also appended to the request string:
For collect flow-
{AMOUNT=100~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=9999999999~MOP_TYPE=UP~ORDER_ID=PAY100907220801~PAYER_ADDRESS=work@yesb~PAYMENT_TYPE=UP~PAY_ID=1189120620120322~TXNTYPE=SALE~HASH=2E2211ADD345E0756ED6A3650C1DDB3160BE2BCEF661C8D1 EFD2C6029804EA4F }
For Intent flow sample-
AMOUNT=700~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=89
89785536~HASH=18ECA5E13934D54231AECA2D996423E1C2C19CA1EF6A61568EF754E
B45F997F1~MOP_TYPE=UP~ORDER_ID=DB18120005056909~PAYMENT_TYPE=UP~PAY
_ID=1494530406101214~TXNTYPE=SALE~UPI_INTENT=1
Dynamic QR sample-
AMOUNT=700~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=89
89785536~HASH=18ECA5E13934D54231AECA2D996423E1C2C19CA1EF6A61568EF754E
B45F997F1~MOP_TYPE=QR~ORDER_ID=DB18120005056909~PAYMENT_TYPE=QR~PAY
_ID=1494530406101214~TXNTYPE=SALE~UPI_INTENT=1
After the hash is appended the request string is encrypted using AES algorithm with “/CBC/PKCS5PADDING” and then posted over to the PAY10 PG with parameter name ENCDATA
ENCDATA=”UIpawSNkoaomx3+BtZdcoH996DvZ+zJPhMYPQwrQiOsMFJcMGa7HgCt8cZeIqwCXqeUJrSQrP0FSjPOimgy1Q0Ix3uj1o5+wxn9pVyLKYpe00YAp6O4WJ6kj1i2pU9BozMi8phPj4ADYkfFmWNpbIZbXAgK2y2E199t8hIQggfuT1g50rsZn9ktL9sVyXtWQ3CKxHe1BYlU8mkNbjtxPrFo5zsFWBhVshUhpVk+F2S/zMj9aj9dTmikTQ7YbeJ20j/a5VWR9jm2UA3l3GefaIRXY+tzV8+LujPSzAMp8sRIUrUZgm8Xz/hwzeFvi9d/EzG4k9Q2sj9HksOo7UMPPGA6wCiSP9IXdn6TGWc3xZ3iOgg5NWyCdXvRxAT0LPsPTlAuy027nm2PYMjJUANebQW==”
Note: Please do not append the salt key with the request String before encryption.
Sending request and Getting Response
Request Url:
UAT: https://uat.pay10.com/pgws/upi/collectpay
PROD: https://secure.pay10.com/pgws/upi/collectpay
After the hashing and encryption is done the encrypted request is posted to PAY10 PG via curl
and a response is received.
Headers are required to post a request:
Headers = [
"Content-Type: application/json",
][
"Content-Type: application/json",
];
Request format:
{"PAY_ID":"1189120620120322","ENCDATA":"kLAsIKFSawwAfR3ohprTUIZlzXESUPDXIYf+Y4270XqJSroGn12gKwryvjtpp51pq50fF5R1H458/zvNmfjM593aGNFTQYsIfxusB7FO8YEr8yL3f3t8Cu+iFeZcP62T33nRPCD6hR9nW7CcyXwtbHxIlOELNO+LttcBSO094GFoxnF50HY0zrzcdqAgBFRejoN8H1BTCt5wTix2ojU96yvkjtQ0m3O8lQSZo/TLX9lbnxbHJ4MOLgSySyxUdBkOC7PvvygD61pMy6mBqlh/A5TxNeaV6/6IKK8ssU4+n370RlQoLFCR84T8D2kYFDvxQ5oj+3T2riULjDWaXVy6IoWxQ8NN/5G+eYJ113e944=" }
Response
For example, Encrypted data received
{"PAY_ID":"1189120620120322","ENCDATA":"LbiWtb65eRQUNONoVa5AbXSyGwLFijp51r7wRi088Q/kc+qoKukjiSqedsXGuPGykZVisNXdHAvs5J1QI4taIXa/cPgMyBy+ZHDKgPz0wBaY4z+LYv+leAVRgnuFnbpkqUEKOpBIYshY6WyO5GFQcLJS1++Zv3C5rw16qcI+t7Bqxzvx14KJ2UqncLXH/y+pk0/xZm1MPK/9k4nOv0mZRNzIWeNpGjVzSp/dFtKCX05SjknXo5R2Bnv0ktzAsd4Sbqsr8TpHy0rdsWmr7lN3SYjYjt/Jc4G/kumSdg41w8aFDRNxjM0ROxqkgLenqlJQN5jiUsEBXpkEN7FkZU6MUgSMugwVt2p+qiEAgpkMX6fKmYBWzua5GRJ1UlA4bmKox+1gXOEmaRQ3tswSqveGYz4JX/Epgg/LpE5JX5Cjf1aYRA5LEWI6TD7RTwHBMUdxkJkdzk2wUgkXeDwJfta6WvP2nWXct6KXVUjTZaaQPyQ2DQ2SyE+tf+uulTkMfvnOsPks9TRdQip/HObttz5IqGT+UnHFBG5PM60ykQ3FNtPmjSMAXiuNC+ZCuU10uLhDwOjmAtF4IlE+l4cVcOLF3xwY/CgMptinctDy+q1t0UipGG8udxJcpKwaiy3XHGMp86/IFnBcgkOhl5rQxA5e64NgiyEjuO33e8d85mcASSOBj+f3Nyaoj2TgoO1Zlk75wcurTosqAPxVMdoxtesmFqkmCutWoZ7A5TJ9kWMqaEY"}
The response received to the merchant in the same format with ENCDATA and PAY_ID as the parameters. ENCDATA is decrypted using the same encryption key.
After Decryption, this is how decrypted data will be like:
For collect flow-
RESPONSE_CODE=000~PAYER_NAME=PUNEET KAPOOR~TXN_ID=1699120709113138~IS_MERCHANT_HOSTED=Y~CUST_PHONE=9999999999~MOP_TYPE=UP~ACQ_ID=YESBE34AC8849825190DE05400144FF8FE4~TXNTYPE=SALE~CURRENCY_CODE=356~RRN=219010077434~SURCHARGE_FLAG=N~HASH=3E5736BCC0435E9D9E349BAD269C2BF4A6454B108CA83B3FD5E3F885040C738~PAYMENT_TYPE=UP~PG_TXN_MESSAGE=SUCCESS~STATUS=Sent to Bank~PG_REF_NUM=1689120709113137~PAY_ID=1189120620120322~PAYER_ADDRESS=work@yesb~ORDER_ID=PAY100907220801~AMOUNT=100~RESPONSE_MESSAGE=SUCCESS~CUST_EMAIL=rohit.singh@gmail .com~TOTAL_AMOUNT=100
Now for collect flow, you can split the decrypted string to get a plain text.
For Intent flow & dynamic QR sample-
RESPONSE_CODE=000~UPI_INTENT=1~PAYER_NAME=NA~TXN_ID=2164940701224651~IS_MERCHANT_HOSTED=Y~CUST_PHONE=8989785536~MOP_TYPE=UP~TXNTYPE=SALE~CURRENCY_CODE=356~SURCHARGE_FLAG=N~HASH=1
98577F35CB21370323C917A2593FC5450BF47498BE7AD275292C4F24EA9FC24~PAYMENT_TYPE=UP~STATUS=Sent to Bank~PG_REF_NUM=2164940701224651~PAY_ID=1494530406101214~PAYER_ADDRESS=NA~QRSTRING=upi://paypa=pay10razorpay@yesbank&pn=&m=&tr=2164940701224651&tn=Invoice&am=7.00&cu=IR&mam=2~ORDER_ID=DB18120005056909~AMOUNT=700~RESPONSE_MESSAGE=Request Accepted~CUST_EMAIL=[email protected]~TOTAL_AMOUNT=700
And Now for Intent,
In HTML code add this string
upi://pay?pa=pay10razorpay@yesbank&pn=&m=&tr=2164940701224651&tn=Invoice&am=7.00&cu=INR&mam=2Please Note: For QR, you would have to use the same string you get in Intent response and generate QR in your end