SabPaisa Developers Guide

Sabpaisa PG Integration

DEVELOPERS GUIDE

Sabpaisa PG Integration

Document Version: 2.0

Feb 24, 2020

Sabpaisa
SRS Live Technologies Pvt Ltd
51, Sant Nagar, East of Kailash, New Delhi-110065
Email – support@sabpaisa.in

1. INTRODUCTION

Purpose of the document

Thank you for choosing SabPaisa! 

This document aims to help you quickly integrate SabPaisa PG into your existing application. The document contains a sample code to help you understand the flow of data from and to your application from SabPaisa. The document also contains a table specifying the information which your application should send to SabPaisa to correctly process any request. Sabpaisa will send a variety of response codes that your application may parse to be able to effectively communicate with the SabPaisa system. These error codes have been mentioned here along with their description.

2. PAYMENT FLOW

3. STATUS OF A TRANSACTION

Sr NoStatus CodeStatusDescription
10100INITIATEDThe transaction has been started but not completed.
20000SUCCESSPayment Collected
30300FAILUREThe transaction could not success
40200ABORTEDThe transaction aborted by the payer
50400CHALLAN_GENERATEDPayer chose, eCash/eNEFT and generated slip for payment
60600REFUND INITIATEDRefund request received & refund process initiated from SabPaisa end
70700REFUNDEDMoney refunded to the payer
80800SETTLEDSettlement done for that transaction

AVAILABLE PAYMENT MODES

ModePayment MethodsTypeAvailability
OnlineDebit CardVisa / Master / RupayYes
OnlineCredit CardVisa / Master / RupayYes
OnlineNet BankingYes
OnlineUPIAmazon Pay / OLA MoneyYes
OnlineWalletAmazon Pay / OLA MoneyYes
OnlineBharatQRYes
OfflineeCashYes
OfflineeNEFTYes

SYSTEM DEPENDENCIES:

PHPMcrypt Module/Open SSLTLS V 1.2 or above
Dot NetLatest Dot Net FrameworkTLS V 1.2 or above
JavaJava Version 8TLS V 1.2 or above

SABPAISA DEPENDENCIES:

PlatformDependency File
PHPAuthentication.php
Dot NetEncryptionDecryption.cs
Javacommons-codec-1.10.jar & sabpaisaAuthentication.jar

TECHNICAL INTEGRATION

UAT Test Environment: 

Post Url – https://uatsp.sabpaisa.in/SabPaisa/sabPaisaInit

Test Credentials: The test credentials required for integration would be provided by SabPaisa. 

Test Card Name: any name 

Test Card Number: 5123456789012346

Test CVV: 123 

Test Expiry: Any valid month and year.

 

Note:

The credentials for UAT Environment are different and should be used only with test server.

The purpose of the test server & credentials is to enable you to integrate and do test transaction. It cannot be used for actual transactions from your website. 

In UAT/Test Environment, you would not be able to make transaction on following modes

  1. UPI
  2. BharatQR
  3. Wallet

 

Production server:

Post Url – https://securepay.sabpaisa.in/SabPaisa/sabPaisaInit

Integration Steps

Payment Request Parameters

Sr NoParam NameDescriptionProvided byMandatoryMax Length
1prodCodeMerchantNo10
2clientNameClient Code to uniquely identify the merchantSabPaisaYes8
3usernUser NameSabPaisaYesN/A
4passPasswordSabPaisaYesN/A
5txnIdUnique txn id preferrably prefixed with First four letters of clientNameMerchantYes25
6amtPayment Amount Type casted in doubleMerchantYes9
7authKeyAuthentication KeySabPaisaYesN/A
8authIVAuthentication IVSabPaisaYesN/A
9ruSuccess URLMerchantYes255
10failureURLFailure URLMerchantYes255
11firstNamePayer's First Name without (only alphabets a-z are allowed)MerchantYes40
12lstNamePayer's First Name (only alphabets a-z are allowed)MerchantYes40
13emailPayer's Email ID (only Alphanumeric and @ are allowed)MerchantYes40
14addPayer's AddressMerchantNo50
15contactNo(only numeric values are allowed)MerchantYes16
16programIdPayment process identifierMerchantNo16
17param1-param4Extra ParameterMerchantNo255
18udf1-udf20User defined fieldMerchantNo255
19channelIdPass - 'm' for Payment request from Mobile Device. If left blank it would consider Web requestMerchantNo1
20grNumberExtraMerchantNo10

Allowed characters for add, param1-param4, udf1-udf16

  1. Characters: A to Z, a to z, 0 to 9
  2. – (Minus)
  3. _ (Underscore)
  4. @ (At the Rate)
  5. / (Slash)
  6. (Space)
  7.  (Dot)

Response From Sabpaisa

ParametersDescriptionPossible Value
pgRespCodePG Response Code (O)0200
PGTxnNoPG Txn ID (O)null
SabPaisaTxId18 digit unique Transaction ID generated by Sabpaisa (M)707442602200978923
issuerRefNoRef Number (O)null
authIdCodeAuth Code (O)0
amountTotal Deducted Amount with Txn Charges (M)1025.0
clientTxnIdUnique Txn Id of the Merchant for each payment request (M)TESTING260220090147748param4Extra Parameter (O)NA
firstNamePayer First NameAnkurprogramIdOptionalABN
lastNamePayer Last NameYadav
payModePayment Mode Selected by Payer for TxnCreditCard
emailPayer's Mail IDname@example.com
mobileNoPayer's Mobile No9XX6XXXXX2
spRespCodeSabPaisa Response Code (M)0200challanNoUnique challan No, in case Payer opted for eCash or eNEFTnull
cidNot in UseNA
bidNot in UseNA
clientCodeClient Code provided by SabPaisaABNTP
payeeProfileNot in UseNA
transDateTxn Completed Time Stamp2020-02-26 21:01:51.0&
spRespStatusNamed statusABORTED
m3Not in UseNA
spRespCodeSabPaisa Response Code (M)0200challanNoUnique challan No, in case Payer opted for eCash or eNEFTnull
reMsgResponse Message by SabPaisaYour Transaction isCancelled
orgTxnAmountOriginal Txn Amount without Txn Charges10.0
firstNamePayer First NameAnkurprogramIdOptionalABN
midNamePayer's Middle Name (O)NA
AddPayers Address (O)NA
param1Extra Parameter (O)NA
param2Extra Parameter (O)NA
param3Extra Parameter (O)NA
clientTxnIdUnique Txn Id of the Merchant for each payment request (M)TESTING260220090147748param4Extra Parameter (O)NA
udf5User Defined Value Passed in Payment Request (O)NA
udf6User Defined Value Passed in Payment Request (O)NA
udf7User Defined Value Passed in Payment Request (O)NA
udf8User Defined Value Passed in Payment Request (O)NA
udf9User Defined Value Passed in Payment Request (O)null
udf10User Defined Value Passed in Payment Request (O)nulludf16User Defined Value Passed in Payment Request (O)null
udf11User Defined Value Passed in Payment Request (O)null
udf12User Defined Value Passed in Payment Request (O)null
udf13User Defined Value Passed in Payment Request (O)null
udf14User Defined Value Passed in Payment Request (O)null
udf15User Defined Value Passed in Payment Request (O)null
udf10User Defined Value Passed in Payment Request (O)nulludf16User Defined Value Passed in Payment Request (O)null
udf17User Defined Value Passed in Payment Request (O)null
udf18User Defined Value Passed in Payment Request (O)null
udf19User Defined Value Passed in Payment Request (O)null
udf20User Defined Value Passed in Payment Request (O)null

Sample Code for Sending Payment Request to SabPaisa

The following is a sample code to send a request to SabPaisa.

$ spURL = null;

$spDomain = “”; //URL provided by SabPaisa (Mandatory)

$username = “”; //Username provided by Sabpaisa (Mandatory)

$password = “”; //Password provided by Sabpaisa (Mandatory)

$txnId = “”; //Transaction ID (Mandatory)

$clientCode = “”;           //Provided by Sabpaisa (Mandatory)

$authKey = “”;           //Authentication Key Provided By Sabpaisa 

$authIV = “”;           //Authentication IV Provided by Sabpaisa 

$txnAmt = “”;           //Transaction Amount (Mandatory)

$URLsuccess = “”;                     //Return URL upon successful transaction (Optional)

$URLfailure = “”; //Return URL upon failed Transaction (Optional)

$payerFirstName = “”; //Payer’s First Name (Optional)

$payerLastName = “”; //Payer’s Last Name (Optional)

$payerContact = “”; //Payer’s Contact Number (Mandatory)

$payerEmail = “”;           //Payer’s Email Address (Mandatory)

$payerAddress = “”; //Payer’s Address (Optional)

$spURL=”?clientName=”.$clientCode.“&usern=”.$username.“&pass=”.$password.“&amt=”.$txnAmt.“&txnId=”.$txnId.“&firstName=”.$payerFirstName.“&lstName=”.$payerLastName.“&contactNo=”.$payerContact.“&Email=”.$payerEmail.“&Add=”.$payerAddress.“&ru=”.$URLsuccess.“&failureURL=”.$URLfailure;

Note: Import Authentication.php class in your working class and then use the method “encrypt ()” and “decrypt ()” for data encryption and decryption respectively.

$EncryptDecrypt = new EncryptDecrypt();

$spURL = $EncryptDecrypt -> encrypt($spURL,$authIV,$authKey);

$spURL = str_replace(“+”, “%2B”,$spURL);

$spURL=”?query=”.$spURL.”&clientName=”.$clientCode;

$spURL = $spDomain.$spURL;

Redirect $spURL parameter to reach Payment Option through SabPaisa.

Sample Code for Parsing SabPaisa Response:

Following sample code is used to receive and parse the response from Sabpaisa.

$query=$_REQUEST[‘query’];

$authKey=<< retrieve from your configurations>>;

$authIV=<< retrieve from your configurations>>; 

$decText = null;

$EncryptDecrypt = new EncryptDecrypt();

$ decText = $EncryptDecrypt -> decrypt ($query,$authIV,$authKey);

The following is a sample code to send a request to Sabpaisa. 

String spURL = null;  

String spDomain = “”;  

//URL provided by SabPaisa (Mandatory) 

String username = “”;  

//Username provided by Sabpaisa (Mandatory) 

String password = “”;  

//Password provided by Sabpaisa (Mandatory) 

String txnId = “”;  

//Transaction ID (Mandatory) 

String clientCode = “”;  

//Client Code Provided by Sabpaisa (Mandatory) 

String authKey = “”;   

//Authentication Key Provided By Sabpaisa  

String authIV = “”;  

//Authentication IV Provided by Sabpaisa  

String txnAmt = “”;  

//Transaction Amount (Mandatory) 

String URLsuccess = “”;  

//Return URL upon successful transaction (Optional) 

String URLfailure = “”;  

//Return URL upon failed Transaction (Optional) 

String payerFirstName = “”;  

//Payer’s First Name (Optional) 

String payerLastName = “”;  

//Payer’s Last Name (Optional) 

String payerContact = “”;  

//Payer’s Contact Number (Optional) 

String payerEmail = “”;  

//Payer’s Email Address (Optional) 

String payerAddress = “”;  

//Payer’s Address (Optional) 

boolean auth = false;    

//Set this bit if authentication is enabled 

 spURL = “?clientName=” + clientCode + “&usern=” + username + “&pass=” + password + “&amt=”txnAmt + “&txnId=” + txnId + “&firstName=” + payerFirstName + “&lstName=” + payerLastName “&contactNo=” + payerContact + “&Email=” + payerEmail + “&Add=” + payerAddress + “&ru=” + URLsuccess + “&failureURL=” + URLfailure;  

 spURL = Encryptor.encrypt(query, authIV, authKey); spURL = spURL.Replace(“+”,”%2B”);  spURL=“?query=”+spURL+”&clientName=”+clientCode; spURL= spDomain+spURL; 

Response.Redirect(spURL); 

Sample Code for Parsing SabPaisa Response:

String query=Request[“query”]; query = query.Replace(“%2B”, “+”); 

String authKey=<< retrieve from your configurations>>; 

String authIV=<< retrieve from your configurations>>; String decText = null; 

decText = SabPaisa1.decrypt1(query, authIV, authKey); 

Dictionary<string, string> queryDictonary = new Dictionary<string, string> ();

queryDictonary= AdmissionDeskWebUI.EncryptionDecryption. quearyParser(decText);

After that you can get out parameters from Dictionary and get their value, for example like following:

foreach (KeyValuePair<string, string> pair in queryDictonary)

{

Console.WriteLine(pair.Key.ToString ()+ ”  – ” + pair.Value.ToString () );

}

HttpServletResponse response = null; //Initialize your ServletResponse Object Here 

String spURL = null;

String spDomain = “”; //URL provided by SabPaisa (Mandatory)

String username = “”; //Username provided by Sabpaisa (Mandatory)

String password = “”; //Password provided by Sabpaisa (Mandatory)

String txnId = “”; //Transaction ID (Mandatory)

String clientCode = “”; //Client Code Provided by Sabpaisa (Mandatory)

String authKey = “”; //Authentication Key Provided By Sabpaisa 

String authIV = “”; //Authentication IV Provided by Sabpaisa 

String txnAmt = “”; //Transaction Amount (Mandatory)

String URLsuccess = “”; //Return URL upon successful transaction (Optional)

String URLfailure = “”; //Return URL upon failed Transaction (Optional)

String payerFirstName = “”; //Payer’s First Name (Optional)

String payerLastName = “”; //Payer’s Last Name (Optional)

String payerContact = “”; //Payer’s Contact Number (Optional)

String payerEmail = “”; //Payer’s Email Address (Optional)

String payerAddress = “”; //Payer’s Address (Optional)

boolean auth = false; //Set this bit if authentication is enabled

spURL = “?clientName=” + clientCode + “&usern=” + username + “&pass=” + password + “&amt=”txnAmt + “&txnId=” + txnId + “&firstName=” + payerFirstName + “&lstName=” + payerLastName “&contactNo=” + payerContact + “&Email=” + payerEmail + “&Add=” + payerAddress + “&ru=” + URLsuccess + “&failureURL=” + URLfailure; 

spURL = Encryptor.encrypt(authKey, authIV,spURL);

spURL = spURL.Replace(“\\+”,”%2B”); 

spURL=“?query=”+spURL+”&clientName=”+clientCode;

spURL= spDomain+spURL;

response.sendRedirect(spURL);

Sample Code for Parsing SabPaisa Response:

String query=request.getParameter(“query”);

String authKey= << retrieve from your configurations>>;

String authIV= << retrieve from your configurations>>;

String decText = null;

decText = Encryptor.decrypt(authKey, authIV, query);

—————————————————————————————

Sample Response

If your ‘ru’ & ‘failureURL’ was https://www.example.com then the user will be redirected to something like: 

https://example.com/ReturnPage.jsp?query=X6cexw9gkDhQnLnnNYPdV/clX%2BGfJ1NqdJ0%2BCZTZrpgtZrsU3yl1d4F3xzwHYYDY02WDAe2rmpiSVELTJx9VT16dAzQZccgTvYO72y1qc8K%2BAGxYv8tS9YCitm8KCzKdk%2BxDyh1TsS7%h33H0YLgBciJgbvazRGAsUwYxirzfr1vM7C60qZFruOIR4kb9oRY6MY9v5TaX7SRuQ==&clientCode=XXXXX

Now using the ‘txnId’ you can query our gateway to get the details related to the Payment Request.

Response Processing: 

The Merchant has to decrypt the value and parse it in order to save the transaction data and status to its application

1. SabPaisa Check Out Page

2. Payment Verification

This API is provided to the SabPaisa clients to find out the details on any transaction made on SabPaisa.

It can be used for general inquiry on a transaction to obtain details on it or in cases when the client system is not being in synchronization with SabPaisa PG.

In cases of Offline transactions, using this inquiry is highly recommended.

Clients can write schedulers to run repeat inquiries, but are advised against executing multiple concurrent requests on SabPaisa using this API.

Client requests will be stored and monitored.

Request Format :

ParametersDescription
URLUrl to which the request is to be sent.
Client Txn IdUnique transaction ID sent by the client when the transaction was initiated.
Client CodeThe code set by sabpaisa for that particular client to which this clientTxnId belongs.For ex: AD-40
Verification URL 

https://verificationurl/SPTxtnEnquiry/TransactionEnquiryServlet?clientXtnId=XXXXXXX&clientCode=XXXXXXX

Response Format:

The SabPaisa Response will carry an xml element with multiple attributes and their values to be read by the client.

Debit Card

<transaction clientTxnId=TESTING240220071450881” txnId=716922402200730399″ payeeAmount=10” sabPaisaRespCode=0200” status=ABORTED” transCompleteDate=2020-02-24 19:15:25.0” paymentMode=Net Banking/>

Credit Card

<transaction clientTxnId=TESTING240220071450881” txnId=716922402200730399″ payeeAmount=10” sabPaisaRespCode=0200 status=ABORTED” transCompleteDate=2020-02-24 19:15:25.0” paymentMode=Net Banking/>

Net Banking

<transaction clientTxnId=TESTING240220071450881” txnId=716922402200730399″ payeeAmount=10” sabPaisaRespCode=0200” status=ABORTED” transCompleteDate=2020-02-24 19:15:25.0 paymentMode=Net Banking/>

3. REFUND PROCESS

How to initiate refund

You can initiate refund for payments received from the payer in either ways

  1. Merchant Dash Board or 
  2. Through Refunds API – Contact Integration Team For API

SabPaisa will initiate the refund on the next working day once initiated by the Merchant. The refund process completion takes time as per the given below table.

Time/Pay ModeCredit/Debit CardsNet BankingWalletUPICash/NEFT
Min. Refund Time5 Days2 Days2 Days2 DaysNot Available
Max. Refund Time10 Days10 Days3 Days7 DaysNot Available

 

Conditions for Refunds: 

  • You can initiate refunds only on those payments that are in success status. 
  • Refund are done via the same mode used by the Payer. 
  • The transaction fee and GST charged on successful transactions will not be reversed in the case of refunds.

Refund Process Flow

  1. The merchant will initiate the refund request through API or Merchant Dashboard for success transaction.
  2. On receipt of refund request, SabPaisa would initiate the refund request with the Bank
  3. Bank would process the refund request and update SabPaisa
  4. SabPaisa will accordingly update its system
  5. Merchant will run payment verification/Txn enquiry API and update its system.

5. SETTLEMENT PROCESS

Settlement is the process by which the money gets transferred from SabPaisa Account to merchant’s bank account. Generally, it is done within a T+2 settlement scheme where T is the date of successful transaction.

There is a reconciliation process at SabPaisa. On the next day, after the transactions happened, SabPaisa will reconcile online transactions with the credits received based on recon files received from the banks. After reconciling, we will generate a report and payment will be made for all the transactions for which payment has been received from the bank. All the details will be visible to you in the online interface.

ADDITIONAL FEATURES/FAQs
Webhooks:

Due to some technical reasons, certain transactions are updated later or in case the merchant to SabPaisa communication is got disconnected in the course of transaction update in real-time, We provide Webhook.

SabPaisa Webhooks are real-time transaction notifications that updates you whenever a successful transaction occurs in our system.

In order to keep the merchant updated its transactions, SabPaisa can optionally initiate a server-side call to your server. This server-side call is implemented as a standard POST request. 

The Webhook and response (ru/failureURL) URLs can be different and you can use both the features independently.

For response redirect, only a URL has to be specified in regular payment requests, while webhook feature needs some integration for the merchant after specifying the Webhook URL

It has to be noted that a webhook is not a redirect. The payer browser will never process it. Its a communication between SabPaisa PG servers & your servers

Webhooks Prerequisites

  1. By default, a webhook is sent only on successful payments, but can be enabledfor failures too.
  1. A webhook URL should be an internet facing publicly accessible URL on your server, which accepts a POST request from sabpaisa.in domain and subdomain. 
  2. CSRF checks should be disabled and if the server is hosted over HTTPS, the SSL certificate should be valid and not expired. 
  3. The URL should not have any kind of authentication

Webhook Response Parameters

In the server to server webhook call, following parameters would be sent by sabpaisa to Merchant

Parameter nameDescription
clientTxnIdTransaction ID to uniquely identify a particular txn
txnIdSabPaisa Txn ID, Provided by SabPaisa against each Client Txn Id
payeeAmountTxn Amount
sabPaisaRespCodeResponse Code given against each txn request
StatusResponse Msg given against each txn request
transCompleteDateTxn Completion time stamp
paymentModeMode of the payment like – Credit card/Debit Card/Netbanking/Challan/NEFT/UPI/BharatQR
param1Any Extra Parameter passed by Merchant
param2Any Extra Parameter passed by Merchant
param3Any Extra Parameter passed by Merchant

 

  • How can I stop double payment?

            If you want to restrict accidental double payment, you can do it by following means

  • Merchant would pass its unique identifier in the parameter – ‘grNumber’ for which the double payment has to be restricted 
  • SabPaisa PG would store the value of the parameter 
  • Would check the value of this parameter every time a payment request reaches to it, then it matches the associated transaction status.
  • If the transaction status is in success status, then it would show a relevant message and would not allow the payer to make payment else it would process the payment.
  • SabPaisa PG would redirect the payer to Merchant Site 
  • Payment deducted but not updated
  • Transaction Status Check Link :  Merchant can put this link on its payment site so that the payer can get the current status of their payment in case the transaction notification not received due to any reason.

            Connect with Integration Team for Txn Status Link.

Scroll to Top