SabPaisa Developers Guide
Sabpaisa PG Integration
DEVELOPERS GUIDE
Sabpaisa PG Integration
Document Version: 2.0
Feb 24, 2020
Sabpaisa
SRS Live Technologies Pvt Ltd
Email – support@sabpaisa.in
1. INTRODUCTION
Purpose of the document
Thank you for choosing SabPaisa!
This document aims to help you quickly integrate SabPaisa PG into your existing application. The document contains a sample code to help you understand the flow of data from and to your application from SabPaisa. The document also contains a table specifying the information which your application should send to SabPaisa to correctly process any request. Sabpaisa will send a variety of response codes that your application may parse to be able to effectively communicate with the SabPaisa system. These error codes have been mentioned here along with their description.
2. PAYMENT FLOW
3. STATUS OF A TRANSACTION
| Sr No | Status Code | Status | Description |
|---|---|---|---|
| 1 | 0100 | INITIATED | The transaction has been started but not completed. |
| 2 | 0000 | SUCCESS | Payment Collected |
| 3 | 0300 | FAILURE | The transaction could not success |
| 4 | 0200 | ABORTED | The transaction aborted by the payer |
| 5 | 0400 | CHALLAN_GENERATED | Payer chose, eCash/eNEFT and generated slip for payment |
| 6 | 0600 | REFUND INITIATED | Refund request received & refund process initiated from SabPaisa end |
| 7 | 0700 | REFUNDED | Money refunded to the payer |
| 8 | 0800 | SETTLED | Settlement done for that transaction |
AVAILABLE PAYMENT MODES
| Mode | Payment Methods | Type | Availability |
|---|---|---|---|
| Online | Debit Card | Visa / Master / Rupay | Yes |
| Online | Credit Card | Visa / Master / Rupay | Yes |
| Online | Net Banking | Yes | |
| Online | UPI | Amazon Pay / OLA Money | Yes |
| Online | Wallet | Amazon Pay / OLA Money | Yes |
| Online | BharatQR | Yes | |
| Offline | eCash | Yes | |
| Offline | eNEFT | Yes |
SYSTEM DEPENDENCIES:
| PHP | Mcrypt Module/Open SSL | TLS V 1.2 or above |
| Dot Net | Latest Dot Net Framework | TLS V 1.2 or above |
| Java | Java Version 8 | TLS V 1.2 or above |
SABPAISA DEPENDENCIES:
| Platform | Dependency File |
|---|---|
| PHP | Authentication.php |
| Dot Net | EncryptionDecryption.cs |
| Java | commons-codec-1.10.jar & sabpaisaAuthentication.jar |
TECHNICAL INTEGRATION
UAT Test Environment:
Post Url – https://uatsp.sabpaisa.in/SabPaisa/sabPaisaInit
Test Credentials: The test credentials required for integration would be provided by SabPaisa.
Test Card Name: any name
Test Card Number: 5123456789012346
Test CVV: 123
Test Expiry: Any valid month and year.
Note:
The credentials for UAT Environment are different and should be used only with test server.
The purpose of the test server & credentials is to enable you to integrate and do test transaction. It cannot be used for actual transactions from your website.
In UAT/Test Environment, you would not be able to make transaction on following modes
- UPI
- BharatQR
- Wallet
Production server:
Post Url – https://securepay.sabpaisa.in/SabPaisa/sabPaisaInit
Integration Steps
Payment Request Parameters
| Sr No | Param Name | Description | Provided by | Mandatory | Max Length |
|---|---|---|---|---|---|
| 1 | prodCode | Merchant | No | 10 | |
| 2 | clientName | Client Code to uniquely identify the merchant | SabPaisa | Yes | 8 |
| 3 | usern | User Name | SabPaisa | Yes | N/A |
| 4 | pass | Password | SabPaisa | Yes | N/A |
| 5 | txnId | Unique txn id preferrably prefixed with First four letters of clientName | Merchant | Yes | 25 |
| 6 | amt | Payment Amount Type casted in double | Merchant | Yes | 9 |
| 7 | authKey | Authentication Key | SabPaisa | Yes | N/A |
| 8 | authIV | Authentication IV | SabPaisa | Yes | N/A |
| 9 | ru | Success URL | Merchant | Yes | 255 |
| 10 | failureURL | Failure URL | Merchant | Yes | 255 |
| 11 | firstName | Payer's First Name without (only alphabets a-z are allowed) | Merchant | Yes | 40 |
| 12 | lstName | Payer's First Name (only alphabets a-z are allowed) | Merchant | Yes | 40 |
| 13 | Payer's Email ID (only Alphanumeric and @ are allowed) | Merchant | Yes | 40 | |
| 14 | add | Payer's Address | Merchant | No | 50 |
| 15 | contactNo | (only numeric values are allowed) | Merchant | Yes | 16 |
| 16 | programId | Payment process identifier | Merchant | No | 16 |
| 17 | param1-param4 | Extra Parameter | Merchant | No | 255 |
| 18 | udf1-udf20 | User defined field | Merchant | No | 255 |
| 19 | channelId | Pass - 'm' for Payment request from Mobile Device. If left blank it would consider Web request | Merchant | No | 1 |
| 20 | grNumber | Extra | Merchant | No | 10 |
Allowed characters for add, param1-param4, udf1-udf16
- Characters: A to Z, a to z, 0 to 9
- – (Minus)
- _ (Underscore)
- @ (At the Rate)
- / (Slash)
- (Space)
- (Dot)
Response From Sabpaisa
| Parameters | Description | Possible Value | |||
|---|---|---|---|---|---|
| pgRespCode | PG Response Code (O) | 0200 | |||
| PGTxnNo | PG Txn ID (O) | null | |||
| SabPaisaTxId | 18 digit unique Transaction ID generated by Sabpaisa (M) | 707442602200978923 | |||
| issuerRefNo | Ref Number (O) | null | |||
| authIdCode | Auth Code (O) | 0 | |||
| amount | Total Deducted Amount with Txn Charges (M) | 1025.0 | |||
| clientTxnId | Unique Txn Id of the Merchant for each payment request (M) | TESTING260220090147748 | |||
| firstName | Payer First Name | Ankur | param2 | Extra Parameter (O) | NA |
| lastName | Payer Last Name | Yadav | |||
| payMode | Payment Mode Selected by Payer for Txn | CreditCard | |||
| Payer's Mail ID | name@example.com | ||||
| mobileNo | Payer's Mobile No | 9XX6XXXXX2 | |||
| spRespCode | SabPaisa Response Code (M) | 0200 | |||
| cid | Not in Use | NA | |||
| bid | Not in Use | NA | |||
| clientCode | Client Code provided by SabPaisa | ABNTP | |||
| payeeProfile | Not in Use | NA | |||
| transDate | Txn Completed Time Stamp | 2020-02-26 21:01:51.0& | |||
| spRespStatus | Named status | ABORTED | |||
| m3 | Not in Use | NA | |||
| challanNo | Unique challan No, in case Payer opted for eCash or eNEFT | null | |||
| reMsg | Response Message by SabPaisa | Your Transaction isCancelled | |||
| orgTxnAmount | Original Txn Amount without Txn Charges | 10.0 | |||
| programId | Optional | ABN | |||
| midName | Payer's Middle Name (O) | NA | |||
| Add | Payers Address (O) | NA | |||
| param1 | Extra Parameter (O) | NA | |||
| firstName | Payer First Name | Ankur | param2 | Extra Parameter (O) | NA |
| param3 | Extra Parameter (O) | NA | |||
| param4 | Extra Parameter (O) | NA | |||
| udf5 | User Defined Value Passed in Payment Request (O) | NA | |||
| udf6 | User Defined Value Passed in Payment Request (O) | NA | |||
| udf7 | User Defined Value Passed in Payment Request (O) | NA | |||
| udf8 | User Defined Value Passed in Payment Request (O) | NA | |||
| udf9 | User Defined Value Passed in Payment Request (O) | null | |||
| udf10 | User Defined Value Passed in Payment Request (O) | null | |||
| udf11 | User Defined Value Passed in Payment Request (O) | null | |||
| udf12 | User Defined Value Passed in Payment Request (O) | null | |||
| udf13 | User Defined Value Passed in Payment Request (O) | null | |||
| udf14 | User Defined Value Passed in Payment Request (O) | null | |||
| udf15 | User Defined Value Passed in Payment Request (O) | null | |||
| udf16 | User Defined Value Passed in Payment Request (O) | null | |||
| udf17 | User Defined Value Passed in Payment Request (O) | null | |||
| udf18 | User Defined Value Passed in Payment Request (O) | null | |||
| udf19 | User Defined Value Passed in Payment Request (O) | null | |||
| udf20 | User Defined Value Passed in Payment Request (O) | null |
Sample Code for Sending Payment Request to SabPaisa
The following is a sample code to send a request to SabPaisa.
$ spURL = null;
$spDomain = “”; //URL provided by SabPaisa (Mandatory)
$username = “”; //Username provided by Sabpaisa (Mandatory)
$password = “”; //Password provided by Sabpaisa (Mandatory)
$txnId = “”; //Transaction ID (Mandatory)
$clientCode = “”; //Provided by Sabpaisa (Mandatory)
$authKey = “”; //Authentication Key Provided By Sabpaisa
$authIV = “”; //Authentication IV Provided by Sabpaisa
$txnAmt = “”; //Transaction Amount (Mandatory)
$URLsuccess = “”; //Return URL upon successful transaction (Optional)
$URLfailure = “”; //Return URL upon failed Transaction (Optional)
$payerFirstName = “”; //Payer’s First Name (Optional)
$payerLastName = “”; //Payer’s Last Name (Optional)
$payerContact = “”; //Payer’s Contact Number (Mandatory)
$payerEmail = “”; //Payer’s Email Address (Mandatory)
$payerAddress = “”; //Payer’s Address (Optional)
$spURL=”?clientName=”.$clientCode.“&usern=”.$username.“&pass=”.$password.“&amt=”.$txnAmt.“&txnId=”.$txnId.“&firstName=”.$payerFirstName.“&lstName=”.$payerLastName.“&contactNo=”.$payerContact.“&Email=”.$payerEmail.“&Add=”.$payerAddress.“&ru=”.$URLsuccess.“&failureURL=”.$URLfailure;
Note: Import Authentication.php class in your working class and then use the method “encrypt ()” and “decrypt ()” for data encryption and decryption respectively.
$EncryptDecrypt = new EncryptDecrypt();
$spURL = $EncryptDecrypt -> encrypt($spURL,$authIV,$authKey);
$spURL = str_replace(“+”, “%2B”,$spURL);
$spURL=”?query=”.$spURL.”&clientName=”.$clientCode;
$spURL = $spDomain.$spURL;
Redirect $spURL parameter to reach Payment Option through SabPaisa.
Sample Code for Parsing SabPaisa Response:
Following sample code is used to receive and parse the response from Sabpaisa.
$query=$_REQUEST[‘query’];
$authKey=<< retrieve from your configurations>>;
$authIV=<< retrieve from your configurations>>;
$decText = null;
$EncryptDecrypt = new EncryptDecrypt();
$ decText = $EncryptDecrypt -> decrypt ($query,$authIV,$authKey);
The following is a sample code to send a request to Sabpaisa.
String spURL = null;
String spDomain = “”; | //URL provided by SabPaisa (Mandatory) |
String username = “”; | //Username provided by Sabpaisa (Mandatory) |
String password = “”; | //Password provided by Sabpaisa (Mandatory) |
String txnId = “”; | //Transaction ID (Mandatory) |
String clientCode = “”; | //Client Code Provided by Sabpaisa (Mandatory) |
String authKey = “”; | //Authentication Key Provided By Sabpaisa |
String authIV = “”; | //Authentication IV Provided by Sabpaisa |
String txnAmt = “”; | //Transaction Amount (Mandatory) |
String URLsuccess = “”; | //Return URL upon successful transaction (Optional) |
String URLfailure = “”; | //Return URL upon failed Transaction (Optional) |
String payerFirstName = “”; | //Payer’s First Name (Optional) |
String payerLastName = “”; | //Payer’s Last Name (Optional) |
String payerContact = “”; | //Payer’s Contact Number (Optional) |
String payerEmail = “”; | //Payer’s Email Address (Optional) |
String payerAddress = “”; | //Payer’s Address (Optional) |
boolean auth = false; | //Set this bit if authentication is enabled |
spURL = “?clientName=” + clientCode + “&usern=” + username + “&pass=” + password + “&amt=”txnAmt + “&txnId=” + txnId + “&firstName=” + payerFirstName + “&lstName=” + payerLastName “&contactNo=” + payerContact + “&Email=” + payerEmail + “&Add=” + payerAddress + “&ru=” + URLsuccess + “&failureURL=” + URLfailure;
spURL = Encryptor.encrypt(query, authIV, authKey); spURL = spURL.Replace(“+”,”%2B”); spURL=“?query=”+spURL+”&clientName=”+clientCode; spURL= spDomain+spURL;
Response.Redirect(spURL);
Sample Code for Parsing SabPaisa Response:
String query=Request[“query”]; query = query.Replace(“%2B”, “+”);
String authKey=<< retrieve from your configurations>>;
String authIV=<< retrieve from your configurations>>; String decText = null;
decText = SabPaisa1.decrypt1(query, authIV, authKey);
Dictionary<string, string> queryDictonary = new Dictionary<string, string> ();
queryDictonary= AdmissionDeskWebUI.EncryptionDecryption. quearyParser(decText);
After that you can get out parameters from Dictionary and get their value, for example like following:
foreach (KeyValuePair<string, string> pair in queryDictonary)
{
Console.WriteLine(pair.Key.ToString ()+ ” – ” + pair.Value.ToString () );
}
HttpServletResponse response = null; //Initialize your ServletResponse Object Here
String spURL = null;
String spDomain = “”; //URL provided by SabPaisa (Mandatory)
String username = “”; //Username provided by Sabpaisa (Mandatory)
String password = “”; //Password provided by Sabpaisa (Mandatory)
String txnId = “”; //Transaction ID (Mandatory)
String clientCode = “”; //Client Code Provided by Sabpaisa (Mandatory)
String authKey = “”; //Authentication Key Provided By Sabpaisa
String authIV = “”; //Authentication IV Provided by Sabpaisa
String txnAmt = “”; //Transaction Amount (Mandatory)
String URLsuccess = “”; //Return URL upon successful transaction (Optional)
String URLfailure = “”; //Return URL upon failed Transaction (Optional)
String payerFirstName = “”; //Payer’s First Name (Optional)
String payerLastName = “”; //Payer’s Last Name (Optional)
String payerContact = “”; //Payer’s Contact Number (Optional)
String payerEmail = “”; //Payer’s Email Address (Optional)
String payerAddress = “”; //Payer’s Address (Optional)
boolean auth = false; //Set this bit if authentication is enabled
spURL = “?clientName=” + clientCode + “&usern=” + username + “&pass=” + password + “&amt=”txnAmt + “&txnId=” + txnId + “&firstName=” + payerFirstName + “&lstName=” + payerLastName “&contactNo=” + payerContact + “&Email=” + payerEmail + “&Add=” + payerAddress + “&ru=” + URLsuccess + “&failureURL=” + URLfailure;
spURL = Encryptor.encrypt(authKey, authIV,spURL);
spURL = spURL.Replace(“\\+”,”%2B”);
spURL=“?query=”+spURL+”&clientName=”+clientCode;
spURL= spDomain+spURL;
response.sendRedirect(spURL);
Sample Code for Parsing SabPaisa Response:
String query=request.getParameter(“query”);
String authKey= << retrieve from your configurations>>;
String authIV= << retrieve from your configurations>>;
String decText = null;
decText = Encryptor.decrypt(authKey, authIV, query);
—————————————————————————————
Sample Response
If your ‘ru’ & ‘failureURL’ was https://www.example.com then the user will be redirected to something like:
https://example.com/ReturnPage.jsp?query=X6cexw9gkDhQnLnnNYPdV/clX%2BGfJ1NqdJ0%2BCZTZrpgtZrsU3yl1d4F3xzwHYYDY02WDAe2rmpiSVELTJx9VT16dAzQZccgTvYO72y1qc8K%2BAGxYv8tS9YCitm8KCzKdk%2BxDyh1TsS7%h33H0YLgBciJgbvazRGAsUwYxirzfr1vM7C60qZFruOIR4kb9oRY6MY9v5TaX7SRuQ==&clientCode=XXXXX
Now using the ‘txnId’ you can query our gateway to get the details related to the Payment Request.
Response Processing:
The Merchant has to decrypt the value and parse it in order to save the transaction data and status to its application
1. SabPaisa Check Out Page
2. Payment Verification
This API is provided to the SabPaisa clients to find out the details on any transaction made on SabPaisa.
It can be used for general inquiry on a transaction to obtain details on it or in cases when the client system is not being in synchronization with SabPaisa PG.
In cases of Offline transactions, using this inquiry is highly recommended.
Clients can write schedulers to run repeat inquiries, but are advised against executing multiple concurrent requests on SabPaisa using this API.
Client requests will be stored and monitored.
Request Format :
| Parameters | Description |
|---|---|
| URL | Url to which the request is to be sent. |
| Client Txn Id | Unique transaction ID sent by the client when the transaction was initiated. |
| Client Code | The code set by sabpaisa for that particular client to which this clientTxnId belongs.For ex: AD-40 |
Verification URL
Response Format:
The SabPaisa Response will carry an xml element with multiple attributes and their values to be read by the client.
Debit Card
<transaction clientTxnId=“TESTING240220071450881” txnId=“716922402200730399″ payeeAmount=“10” sabPaisaRespCode=“0200” status=“ABORTED” transCompleteDate=“2020-02-24 19:15:25.0” paymentMode=“Net Banking“/>
Credit Card
<transaction clientTxnId=“TESTING240220071450881” txnId=“716922402200730399″ payeeAmount=“10” sabPaisaRespCode=“0200“ status=“ABORTED” transCompleteDate=“2020-02-24 19:15:25.0” paymentMode=“Net Banking“/>
Net Banking
<transaction clientTxnId=“TESTING240220071450881” txnId=“716922402200730399″ payeeAmount=“10” sabPaisaRespCode=“0200” status=“ABORTED” transCompleteDate=“2020-02-24 19:15:25.0“ paymentMode=“Net Banking“/>
3. REFUND PROCESS
How to initiate refund
You can initiate refund for payments received from the payer in either ways
- Merchant Dash Board or
- Through Refunds API – Contact Integration Team For API
SabPaisa will initiate the refund on the next working day once initiated by the Merchant. The refund process completion takes time as per the given below table.
| Time/Pay Mode | Credit/Debit Cards | Net Banking | Wallet | UPI | Cash/NEFT |
|---|---|---|---|---|---|
| Min. Refund Time | 5 Days | 2 Days | 2 Days | 2 Days | Not Available |
| Max. Refund Time | 10 Days | 10 Days | 3 Days | 7 Days | Not Available |
Conditions for Refunds:
- You can initiate refunds only on those payments that are in success status.
- Refund are done via the same mode used by the Payer.
- The transaction fee and GST charged on successful transactions will not be reversed in the case of refunds.
Refund Process Flow
- The merchant will initiate the refund request through API or Merchant Dashboard for success transaction.
- On receipt of refund request, SabPaisa would initiate the refund request with the Bank
- Bank would process the refund request and update SabPaisa
- SabPaisa will accordingly update its system
- Merchant will run payment verification/Txn enquiry API and update its system.
5. SETTLEMENT PROCESS
Settlement is the process by which the money gets transferred from SabPaisa Account to merchant’s bank account. Generally, it is done within a T+2 settlement scheme where T is the date of successful transaction.
There is a reconciliation process at SabPaisa. On the next day, after the transactions happened, SabPaisa will reconcile online transactions with the credits received based on recon files received from the banks. After reconciling, we will generate a report and payment will be made for all the transactions for which payment has been received from the bank. All the details will be visible to you in the online interface.
ADDITIONAL FEATURES/FAQs
Push Api:
Due to some technical reasons, certain transactions are updated later or in case the merchant to SabPaisa communication is got disconnected in the course of transaction update in real-time, We provide Push Api.
SabPaisa Push Api are real-time transaction notifications that updates you whenever a successful transaction occurs in our system.
In order to keep the merchant updated its transactions, SabPaisa can optionally initiate a server-side call to your server. This server-side call is implemented as a standard POST request.
The Push Api and response (ru/failureURL) URLs can be different and you can use both the features independently.
For response redirect, only a URL has to be specified in regular payment requests, while Push Api feature needs some integration for the merchant after specifying the Push Api URL
It has to be noted that a Push Api is not a redirect. The payer browser will never process it. Its a communication between SabPaisa PG servers & your servers
Push Api Prerequisites
- By default, a Push Api is sent only on successful payments, but can be enabledfor failures too.
- A Push Api URL should be an internet facing publicly accessible URL on your server, which accepts a POST request from sabpaisa.in domain and subdomain.
- CSRF checks should be disabled and if the server is hosted over HTTPS, the SSL certificate should be valid and not expired.
- The URL should not have any kind of authentication
Push Api Response Parameters
In the server to server Push Api call, following parameters would be sent by sabpaisa to Merchant
| Parameter name | Description |
|---|---|
| clientTxnId | Transaction ID to uniquely identify a particular txn |
| txnId | SabPaisa Txn ID, Provided by SabPaisa against each Client Txn Id |
| payeeAmount | Txn Amount |
| sabPaisaRespCode | Response Code given against each txn request |
| Status | Response Msg given against each txn request |
| transCompleteDate | Txn Completion time stamp |
| paymentMode | Mode of the payment like – Credit card/Debit Card/Netbanking/Challan/NEFT/UPI/BharatQR |
| param1 | Any Extra Parameter passed by Merchant |
| param2 | Any Extra Parameter passed by Merchant |
| param3 | Any Extra Parameter passed by Merchant |
How can I stop double payment?
If you want to restrict accidental double payment, you can do it by following means
- Merchant would pass its unique identifier in the parameter – ‘grNumber’ for which the double payment has to be restricted
- SabPaisa PG would store the value of the parameter
- Would check the value of this parameter every time a payment request reaches to it, then it matches the associated transaction status.
- If the transaction status is in success status, then it would show a relevant message and would not allow the payer to make payment else it would process the payment.
- SabPaisa PG would redirect the payer to Merchant Site
- Payment deducted but not updated
- Transaction Status Check Link : Merchant can put this link on its payment site so that the payer can get the current status of their payment in case the transaction notification not received due to any reason.
Connect with Integration Team for Txn Status Link.