API Documentation

Request URL:

UAT: https://uat.pay10.com/pgws/upi/collectpay

PROD: https://secure.pay10.com/pgws/upi/collectpay

📘

Please note, endpoints are same for collect and intent/qr; only difference is you will send an additional param UPI_INTENT with a value of 1 for intent and DQR

Request Format
Please refer the table below for details of the required and optional parameters that need to be included in request. Request is in JSON format.

Field

Description

Required

PAY_ID

Pay ID is provided by Pay10

Y

ORDER_ID

Generate Dynamic Id

Y

AMOUNT

Amount in Paisa

Y

CURRENCY_CODE

Currency Code (356 for INR)

Y

TXNTYPE

SALE

Y

MOP_TYPE

UP

Y

PAYMENT_TYPE

UP

Y

CUST_EMAIL

User email id

Y

CUST_PHONE

User phone number

Y

UPI_INTENT

Pass value 1 for upi intent and DQR, field is not required for collect flow

Y

PAYER_ADDRESS

User UPI address

Applicable and Mandatory only in case of Collect Flow

Y


Additional Parameters:

For TPV -

FieldDescriptionTypeExample
TPVFor TPV pass: Ifsc code|Account noANTPV=UBIN0560430|7C7C604302010010

Method of generating hash


To generate a hash, you need to make a request of all the required parameters

  1. For example, if you have to pass the following name value pairs in your Request:

📘

Collect flow sample-

Array ( [PAY_ID][PAY_ID] => 1189120620120322 [ORDER_ID][ORDER_ID] => PAY100907220801 [AMOUNT] => 100 [CURRENCY_CODE][CURRENCY_CODE] => 356 [TXNTYPE] => SALE [MOP_TYPE][MOP_TYPE] => UP [PAYMENT_TYPE][PAYMENT_TYPE] => UP [CUST_EMAIL][CUST_EMAIL] =>[email protected] [CUST_PHONE][CUST_PHONE] => 9999999999 [PAYER_ADDRESS][PAYER_ADDRESS] => work@yesb )


📘

Intent flow sample-

Array ( [PAY_ID][PAY_ID] => 1494530406101214 [ORDER_ID][ORDER_ID] => DB1677737536977 [AMOUNT] =>
100 [CURRENCY_CODE][CURRENCY_CODE] => 356 [TXNTYPE] => SALE [MOP_TYPE][MOP_TYPE] => UP
[PAYMENT_TYPE][PAYMENT_TYPE] => UP [CUST_EMAIL][CUST_EMAIL] => [email protected] [CUST_PHONE][CUST_PHONE] =>
999999999[UPI_INTENT][UPI_INTENT]=>1

📘

Dynamic QR

Array ( [PAY_ID][PAY_ID] => 1494530406101214 [ORDER_ID][ORDER_ID] => DB1677737536977 [AMOUNT] =>
100 [CURRENCY_CODE][CURRENCY_CODE] => 356 [TXNTYPE] => SALE [MOP_TYPE][MOP_TYPE] => QR
[PAYMENT_TYPE][PAYMENT_TYPE] => QR [CUST_EMAIL][CUST_EMAIL] => [email protected] [CUST_PHONE][CUST_PHONE] =>
999999999[UPI_INTENT][UPI_INTENT]=>1

  1. Then you need to sort all the parameters in ascending order and add “Tilde” symbol as separator

📘

Collect flow sample-

AMOUNT=100~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=9999999999~MOP_TYPE=UP~ORDER_ID=PAY100907220801~PAYER_ADDRESS=work@yesb~PAYMENT_TYPE=UP~PAY_ID =1189120620120322~TXNTYPE=SALE

📘

Intent flow sample-

AMOUNT=700~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=89897
85536~MOP_TYPE=UP~ORDER_ID=DB18120005056909~PAYMENT_TYPE=UP~PAY_ID=1494
530406101214~TXNTYPE=SALE~UPI_INTENT=1

📘

Dynamic QR sample

AMOUNT=700~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=89897
85536~MOP_TYPE=QR~ORDER_ID=DB18120005056909~PAYMENT_TYPE=QR~PAY_ID=1494
530406101214~TXNTYPE=SALE~UPI_INTENT=1

  1. Next step is to append the Secret Key at the end of the parameter string given by Pay10. After adding you will get the following output:

📘

Collect flow sample-

AMOUNT=100~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=9999999999~MOP_TYPE=UP~ORDER_ID=PAY100907220801~PAYER_ADDRESS=work@yesb~PAYMENT_TYPE=UP~PAY_ID =1189120620120322~TXNTYPE=SALE910d73cfd7eb4785

📘

Intent flow

AMOUNT=700~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHON
E=8989785536~MOP_TYPE=UP~ORDER_ID=DB18120005056909~PAYMENT_TYPE=
UP~PAY_ID=1494530406101214~TXNTYPE=SALE~UPI_INTENT=159e04653d7ee499

📘

Dynamic QR sample-

AMOUNT=700~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHON
E=8989785536~MOP_TYPE=QR~ORDER_ID=DB18120005056909~PAYMENT_TYPE=
QR~PAY_ID=1494530406101214~TXNTYPE=SALE~UPI_INTENT=159e04653d7ee499

  1. After completing the above mentioned process you will have to call SHA256 algorithm and pass the parameter string to the same and the SHA256 will return the desired result as given below:

📘

Hash value= 2e2211add345e0756ed6a3650c1ddb3160be2bcef661c8d1efd2c6029804ea4f

Now you have to convert the generated value to the Uppercase and you will get the final result as hash value:

📘

Hash value= 2E2211ADD345E0756ED6A3650C1DDB3160BE2BCEF661C8D1EFD2C6029804EA4F

The purpose of the SHA256 signature field is to ensure the integrity of the data posted back to your server. You should always compare the SHA256 signature field's value posted by Pay10 servers with the one you calculated.


Encrypting the request

Encryption Key: The encryption key will be sent over email to the registered email id when the merchant is proceeding to live mode.

Encryption mechanism
After the plain text request is prepared the hash is also appended to the request string:

📘

For collect flow-

{AMOUNT=100~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=9999999999~MOP_TYPE=UP~ORDER_ID=PAY100907220801~PAYER_ADDRESS=work@yesb~PAYMENT_TYPE=UP~PAY_ID=1189120620120322~TXNTYPE=SALE~HASH=2E2211ADD345E0756ED6A3650C1DDB3160BE2BCEF661C8D1 EFD2C6029804EA4F }

📘

For Intent flow sample-

AMOUNT=700~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=89
89785536~HASH=18ECA5E13934D54231AECA2D996423E1C2C19CA1EF6A61568EF754E
B45F997F1~MOP_TYPE=UP~ORDER_ID=DB18120005056909~PAYMENT_TYPE=UP~PAY
_ID=1494530406101214~TXNTYPE=SALE~UPI_INTENT=1

📘

Dynamic QR sample-

AMOUNT=700~CURRENCY_CODE=356~CUST_EMAIL=[email protected]~CUST_PHONE=89
89785536~HASH=18ECA5E13934D54231AECA2D996423E1C2C19CA1EF6A61568EF754E
B45F997F1~MOP_TYPE=QR~ORDER_ID=DB18120005056909~PAYMENT_TYPE=QR~PAY
_ID=1494530406101214~TXNTYPE=SALE~UPI_INTENT=1

After the hash is appended the request string is encrypted using AES algorithm with “/CBC/PKCS5PADDING” and then posted over to the PAY10 PG with parameter name ENCDATA

📘

ENCDATA=”UIpawSNkoaomx3+BtZdcoH996DvZ+zJPhMYPQwrQiOsMFJcMGa7HgCt8cZeIqwCXqeUJrSQrP0FSjPOimgy1Q0Ix3uj1o5+wxn9pVyLKYpe00YAp6O4WJ6kj1i2pU9BozMi8phPj4ADYkfFmWNpbIZbXAgK2y2E199t8hIQggfuT1g50rsZn9ktL9sVyXtWQ3CKxHe1BYlU8mkNbjtxPrFo5zsFWBhVshUhpVk+F2S/zMj9aj9dTmikTQ7YbeJ20j/a5VWR9jm2UA3l3GefaIRXY+tzV8+LujPSzAMp8sRIUrUZgm8Xz/hwzeFvi9d/EzG4k9Q2sj9HksOo7UMPPGA6wCiSP9IXdn6TGWc3xZ3iOgg5NWyCdXvRxAT0LPsPTlAuy027nm2PYMjJUANebQW==”


Note: Please do not append the salt key with the request String before encryption.

Sending request and Getting Response

Request Url:
UAT: https://uat.pay10.com/pgws/upi/collectpay
PROD: https://secure.pay10.com/pgws/upi/collectpay

After the hashing and encryption is done the encrypted request is posted to PAY10 PG via curl
and a response is received.
Headers are required to post a request:
Headers = [
"Content-Type: application/json",
][
"Content-Type: application/json",
];

Request format:

📘

{"PAY_ID":"1189120620120322","ENCDATA":"kLAsIKFSawwAfR3ohprTUIZlzXESUPDXIYf+Y4270XqJSroGn12gKwryvjtpp51pq50fF5R1H458/zvNmfjM593aGNFTQYsIfxusB7FO8YEr8yL3f3t8Cu+iFeZcP62T33nRPCD6hR9nW7CcyXwtbHxIlOELNO+LttcBSO094GFoxnF50HY0zrzcdqAgBFRejoN8H1BTCt5wTix2ojU96yvkjtQ0m3O8lQSZo/TLX9lbnxbHJ4MOLgSySyxUdBkOC7PvvygD61pMy6mBqlh/A5TxNeaV6/6IKK8ssU4+n370RlQoLFCR84T8D2kYFDvxQ5oj+3T2riULjDWaXVy6IoWxQ8NN/5G+eYJ113e944=" }

Response

For example, Encrypted data received

📘

{"PAY_ID":"1189120620120322","ENCDATA":"LbiWtb65eRQUNONoVa5AbXSyGwLFijp51r7wRi088Q/kc+qoKukjiSqedsXGuPGykZVisNXdHAvs5J1QI4taIXa/cPgMyBy+ZHDKgPz0wBaY4z+LYv+leAVRgnuFnbpkqUEKOpBIYshY6WyO5GFQcLJS1++Zv3C5rw16qcI+t7Bqxzvx14KJ2UqncLXH/y+pk0/xZm1MPK/9k4nOv0mZRNzIWeNpGjVzSp/dFtKCX05SjknXo5R2Bnv0ktzAsd4Sbqsr8TpHy0rdsWmr7lN3SYjYjt/Jc4G/kumSdg41w8aFDRNxjM0ROxqkgLenqlJQN5jiUsEBXpkEN7FkZU6MUgSMugwVt2p+qiEAgpkMX6fKmYBWzua5GRJ1UlA4bmKox+1gXOEmaRQ3tswSqveGYz4JX/Epgg/LpE5JX5Cjf1aYRA5LEWI6TD7RTwHBMUdxkJkdzk2wUgkXeDwJfta6WvP2nWXct6KXVUjTZaaQPyQ2DQ2SyE+tf+uulTkMfvnOsPks9TRdQip/HObttz5IqGT+UnHFBG5PM60ykQ3FNtPmjSMAXiuNC+ZCuU10uLhDwOjmAtF4IlE+l4cVcOLF3xwY/CgMptinctDy+q1t0UipGG8udxJcpKwaiy3XHGMp86/IFnBcgkOhl5rQxA5e64NgiyEjuO33e8d85mcASSOBj+f3Nyaoj2TgoO1Zlk75wcurTosqAPxVMdoxtesmFqkmCutWoZ7A5TJ9kWMqaEY"}


The response received to the merchant in the same format with ENCDATA and PAY_ID as the parameters. ENCDATA is decrypted using the same encryption key.

After Decryption, this is how decrypted data will be like:

📘

For collect flow-

RESPONSE_CODE=000~PAYER_NAME=PUNEET KAPOOR~TXN_ID=1699120709113138~IS_MERCHANT_HOSTED=Y~CUST_PHONE=9999999999~MOP_TYPE=UP~ACQ_ID=YESBE34AC8849825190DE05400144FF8FE4~TXNTYPE=SALE~CURRENCY_CODE=356~RRN=219010077434~SURCHARGE_FLAG=N~HASH=3E5736BCC0435E9D9E349BAD269C2BF4A6454B108CA83B3FD5E3F885040C738~PAYMENT_TYPE=UP~PG_TXN_MESSAGE=SUCCESS~STATUS=Sent to Bank~PG_REF_NUM=1689120709113137~PAY_ID=1189120620120322~PAYER_ADDRESS=work@yesb~ORDER_ID=PAY100907220801~AMOUNT=100~RESPONSE_MESSAGE=SUCCESS~CUST_EMAIL=rohit.singh@gmail .com~TOTAL_AMOUNT=100

Now for collect flow, you can split the decrypted string to get a plain text.

📘

For Intent flow & dynamic QR sample-

RESPONSE_CODE=000~UPI_INTENT=1~PAYER_NAME=NA~TXN_ID=2164940701224651~IS_MERCHANT_HOSTED=Y~CUST_PHONE=8989785536~MOP_TYPE=UP~TXNTYPE=SALE~CURRENCY_CODE=356~SURCHARGE_FLAG=N~HASH=1
98577F35CB21370323C917A2593FC5450BF47498BE7AD275292C4F24EA9FC24~PAYMENT_TYPE=UP~STATUS=Sent to Bank~PG_REF_NUM=2164940701224651~PAY_ID=1494530406101214~PAYER_ADDRESS=NA~QRSTRING=upi://paypa=pay10razorpay@yesbank&pn=&m=&tr=2164940701224651&tn=Invoice&am=7.00&cu=IR&mam=2~ORDER_ID=DB18120005056909~AMOUNT=700~RESPONSE_MESSAGE=Request Accepted~CUST_EMAIL=[email protected]~TOTAL_AMOUNT=700


And Now for Intent,

In HTML code add this string

upi://pay?pa=pay10razorpay@yesbank&pn=&m=&tr=2164940701224651&tn=Invoice&am=7.00&cu=INR&mam=2

📘

Please Note: For QR, you would have to use the same string you get in Intent response and generate QR in your end