PHP Integration

Document

WWW.SABPAISA.IN
 Dummy card/UPI Details

Dummy Card Credentials

Type Card Details

CARD NUMBER - 4029484589897107

Debit Card EXPIRY TIME - 12/30

CVV - 234

CARD NUMBER - 4000020000000000

CREDIT CARD EXPIRY TIME - 12/30

CVV - 234

CARD NUMBER - 6521217731960214

Debit Card EXPIRY TIME - 12/35

CVV - 234

UPI ID merchant@sabpaisa

Reference Code Download v5 Download v7

For Transaction Enquiry API Open

Open
Integration Guidelines Document

Staging URL https://stage-securepay.sabpaisa.in/SabPaisa/sabPaisaInit?v=1

Live URL https://securepay.sabpaisa.in/SabPaisa/sabPaisaInit?v=1

 PHP - Server Integration - SabPaisa

INTRODUCTION

This document is to provide the overview of the Payment Gateway integration provided by
SabPaisa. The document contains required information for SabPaisa PG integration to
setup/integrate the PG platform.

BENEFIT OF APPROACH

This document aims to provide help to quickly integrate SabPaisa PG into the existing
application. The document contains a sample code to help the developer understand the flow of
data from merchant’s application to SabPaisa and the other way round. It also contains a table
specifying the information which should be sent by merchant’s application in the form of
parameters to SabPaisa so that the any request can be processed correctly. SabPaisa will send
numerous response codes to merchant’s application which would be parsed to effectively
communicate with the SabPaisa system. These error codes have also been mentioned along
with their description.

PRE-REQUISITE STEPS FOR INTEGRATION

Merchant needs to set-up the language-based environment for the integration in his system.
The required documentation or plugin along with UAT credentials are to be shared with the
Merchant team from SabPaisa.
The merchant needs the flag for Seamless to be enabled from SabPaisa backend team.

PROCESS FLOW

The payer on merchant’s platform enters Mandatory details in the available form.
The payer then proceeds for making payment with the amount to be paid.
Here, the merchant application sends the request containing payer details along with unique
Transaction Id to SabPaisa
The payer selects appropriate payment mode and proceeds further to make the payment.
If all the required verification details (like OTP, Card Details, UPI Pin, Net Banking ID and Password,
etc.) entered correctly then payer’s account is debited with the transaction amount.
1. When the transaction is complete, the SabPaisa PG will be redirected to merchant’s platform
with SabPaisa Response Code.
2. The merchant’s platform update its system with SabPaisa Response Code accordingly.
Note - Integration wise technical details and steps has mentioned in below document.
Kindly refer and follow the same.
ENDPOINT URLs

Environment Base URL

Test https://stage-securepay.sabpaisa.in/SabPaisa/sabPaisaInit?v=1

Production https://securepay.sabpaisa.in/SabPaisa/sabPaisaInit?v=1

Latest
Version 1.0, 10th Aug, 2022
Version

SENDING REQUEST TO SABPAISA

SabPaisa will authenticate the client’s identity by the Client Code.

The communication between the client application and SabPaisa will take place via
Hypertext Transfer Protocol (http).
The communication will be initiated by the client by generating a POST method request to
SabPaisa URL.
Please refer the table below for the various parameters which should be sent in the Client
request and identified by SabPaisa.
The URL which should be used to send the request to SabPaisa is mentioned in the
Endpoints table.
The URLs and credentials will be separate for the test environment and live environment.
The merchant should complete the UAT testing successfull
 TABLE OF PARAMETERS TO BE USED IN REQUEST

Parameter Mandatory
SR Parameter Name Length Description
Type / Optional

1 payerName Alphabet Mandatory 100 Name of Payee

2 payerEmail Alphabet Mandatory 100 Email of Payee

Mobile number of the

3 payerMobile Numeric Mandatory 20
payee

Transaction Id
4 clientTxnId AlphaNumeric Mandatory 100
generated by Client

5 payerAddress AlphaNumeric Optional 255 Address of the payee

Amount entered by
6 amount Numeric Mandatory 10
the Payee

7 clientCode Alphabet Mandatory 5 Client Code

Username shared by
8 transUserName AlphaNumeric Mandatory 50
SabPaisa

Password shared by
9 transUserPassword AlphaNumeric Mandatory 50
SabPaisa

URL to get the

10 callbackUrl AlphaNumeric Mandatory 255 response form
SabPaisa

Currency type of
11 amountType Alphabet Optional 3
amount - INR, USD

12 udf1 AlphaNumeric Optional 255 User Defined Field

13 udf2 Alphanumeric Optional 255 User Defined field

14 udf3 Alphanumeric Optional 255 User Defined field

15 udf4 Alphanumeric Optional 255 User Defined field

16 udf5 Alphanumeric Optional 255 User Defined field

17 udf6 Alphanumeric Optional 255 User Defined field

18 udf7 Alphanumeric Optional 255 User Defined field

19 udf8 Alphanumeric Optional 255 User Defined field

20 udf9 Alphanumeric Optional 255 User Defined field

21 udf10 Alphanumeric Optional 255 User Defined field

22 udf11 Alphanumeric Optional 255 User Defined field

23 udf12 Alphanumeric Optional 255 User Defined field

24 udf13 Alphanumeric Optional 255 User Defined field

25 udf14 Alphanumeric Optional 255 User Defined field

26 udf15 Alphanumeric Optional 255 User Defined field

27 udf16 Alphanumeric Optional 255 User Defined field

28 udf17 Alphanumeric Optional 255 User Defined field

29 udf18 Alphanumeric Optional 255 User Defined field

30 udf19 Alphanumeric Optional 255 User Defined field

31 udf20 Alphanumeric Optional 255 User Defined field

for web, use "W" and

32 channelld Alphabet Mandatory 1
for mobile, use "M"

33 programId Alphanumeric Optional 255 Master Client Code

Merchant Category
34 mcc Numeric Mandatory 20
Code

35 transDate Numeric Mandatory 255 Date of Transaction

RECEIVING RESPONSE FROM SABPAISA

When the transaction is completed, the merchant’s application will receive a response from SabPaisa on the
configured URLs which will be shared by merchant team to SabPaisa.

The response will be based on the result of the transaction. The parameters coming in SabPaisa response
are shown in the table below.

TABLE OF PARAMETERS COMING IN RESPONSE

Mandatory
SR Parameter Name Parameter Type Length Description
/ Optional

1 payerName Alphabet Mandatory 100 Name of the payee

2 payerEmail AlphaNumeric Mandatory 100 Email of the payee

Mobile number of the

3 payerMobile Numeric Mandatory 20
payee
 Transaction Id
4 clientTxnld AlphaNumeric Mandatory 100
generated by Client

5 payerAddress AlphaNumeric Optional 255 Address of the payee

Amount of
6 amount Numeric Mandatory 10
transaction

7 clientCode Alphabet Mandatory 5 Client Code

8 paidAmount Numeric Mandatory 50 Total amount paid

9 paymentMode Alphabet Mandatory 50 Mode of the Payment

10 bankName Alphabet Mandatory 255 Name of Bank

Currency type of
11 amountType Alphabet Optional 3
amount - INR,USD

12 udf1 AlphaNumeric Optional 255 User Defined Field

13 udf2 AlphaNumeric Optional 255 User Defined Field

14 udf3 AlphaNumeric Optional 255 User Defined Field

15 udf4 AlphaNumeric Optional 255 User Defined Field

16 udf5 AlphaNumeric Optional 255 User Defined Field

17 udf6 AlphaNumeric Optional 255 User Defined Field

18 udf7 AlphaNumeric Optional 255 User Defined Field

19 udf8 AlphaNumeric Optional 255 User Defined Field

20 udf9 AlphaNumeric Optional 255 User Defined Field

21 udf10 AlphaNumeric Optional 255 User Defined Field

22 udf11 AlphaNumeric Optional 255 User Defined Field

23 udf12 AlphaNumeric Optional 255 User Defined Field

24 udf13 AlphaNumeric Optional 255 User Defined Field

25 udf14 AlphaNumeric Optional 255 User Defined Field

26 udf15 AlphaNumeric Optional 255 User Defined Field

27 udf16 AlphaNumeric Optional 255 User Defined Field

28 udf17 AlphaNumeric Optional 255 User Defined Field

29 udf18 AlphaNumeric Optional 255 User Defined Field

30 udf19 AlphaNumeric Optional 255 User Defined Field

31 udf20 AlphaNumeric Optional 255 User Defined Field

Mandator Status of the

32 status Alphabet 10
y transaction

Mandator
33 statusCode Numeric 10 Status Code
y

34 challanNumber AlphaNumeric Optional 255 Challan Number

Transaction Id
Mandator
35 sabPaisaTxnld Alphabet 18 generation at
y
SabPaisa
 Response Message
36 sabPaisaMessage AlphaNumeric Mandatory 255
from SabPaisa

Response Message
37 bankMessage AlphaNumeric Optional 255
from Bank

Error Code given by

38 bankErrorCode AlphaNumeric Mandatory 255
Bank

Error Code given by

39 sabPaisaErrorCode AlphaNumeric Optional 255
SabPaisa

Transaction Id
40 bankTxnld AlphaNumeric Optional 255
generated by bank

41 programld AlphaNumeric Optional 255 Master Client Code

Merchant Category
42 mcc Numeric Optional 20
Code

43 transDate Numeric Mandatory 255 Date of Transaction

PAYMENT STATUS CODES

Main Status Code Description Recommended Action

Update transaction as
0000 Success
successful.

0300 Failed Update transaction as failed

Update transaction as not

0100 Initiated/ Not Completed
completed.
 Other Status Code Description Recommended Action

0200 Aborted Update transaction as aborted.

Make a request using

0999 Unknown Response
transaction Enquiry.

Update Challan status as

generated and come back to
0400 (Challan-specific) CHALLAN_GENERATED
know if payment was made with
the challan.

Client transaction id not found in

404 TRANSACTION NOT FOUND SabPaisa, update transaction as
failed.

REQUEST FORMAT

Method - POST

The SabPaisa PG takes the data in the form and when the payee clicks submit button, the checkout page
opens up (This form can be customized by the merchant as per his requirements).

The request string should be the combination of encData and clientCode.

The request string should be passed in form data. The sample code for form data is given by:
<form th:action="@{ https://securepay.sabpaisa.in/SabPaisa/sabPaisaInit?v=1}" th:method="post">

<input type="hidden" name="encData" th:value="${encData}" id="frm1">

<input type="hidden" name="clientCode" th:value="${clientCode}" id="frm2">

<input type="submit" id="submitButton" name="submit">

<form>

Format for encData is given below:

Note - encData is the encrypted string made by concatenating all the parameters. The encryption - decryption logic
is mentioned below.
encData=4t1+Q1AZRSonkt440UFulH9fSrej7ddGfq34t7YEnQe58WRgmS4cyAJHtqSxkBt09R0JXB
FPznNp8zXWR77S5wNwJH7LGQHKosB+VC+lsDDLpozIgJwF3XYBXsGg15qIiwpwbPP8zShZAevLUpw
IKzY5QmILUkKXBN9NJuDuQv5fPDjPZDOxnXUnAxOYcqlOlpfB0AMoScXcZp4SSne6rq0HR5tb193A
kwZ8JNgre1tULhXUv/my8f4F4nvnXiIexf41rp2AC7Wjs/JuB4KDZ1sTsGMYX34xtAs2gDPzv9MA3
hCAgmVYD0KM6x+VjD/WtxiMBcBms5FgGz0q+GXvl6CI+2lyRWLbmqUzo3mOCuk=

The encData is the encrypted String of the request parameters and client code. The sample string for request
parameters is also mentioned below:

str = "payerName=" + payerName.trim() + "&payerEmail=" + payerEmail.trim() + "&payerMobile=" + payerMobile +

"&clientTxnId=" + clientTxnId.trim() + "&payerAddress=" + payerAddress.trim() + "&amount=" + amount +
"&clientCode=" + clientCode.trim() + "&transUserName=" + transUserName.trim() + "&transUserPassword=" +
transUserPassword.trim() + "&callbackUrl=" + callbackUrl.trim() + “&amountType=” +amountType.trim() +
“&+udf1=” +udf1.trim() + “&+udf2=” +udf2.trim() + “&+udf3=” +udf3.trim() + “&+udf4=” +udf4.trim() + “&+udf5=”
+udf5.trim() + “&+udf6=” + udf6.trim() + “&+udf7=” +udf7.trim() + “&+udf8=” +udf8.trim() + “&+udf9=” +udf9.trim() +
“&+udf10=” +udf10.trim() + “&+udf11=” +udf11.trim() + “&+udf12=” +udf12.trim() + “&+udf13=” + udf13.trim() +
“&+udf14=” +udf14.trim() + “&+udf15=” +udf15.trim() + “&+udf16=” + udf16.trim() + Payment Gateway Integration
Documentation SabPaisa Confidential Document 11 “&+udf17=” +udf17.trim() + “&+udf18=” +udf18.trim() +
“&+udf19=” + udf19.trim() + “&+udf20=” +udf20.trim() + “&+programId =” +programId.trim() + “&+mcc=” +
mcc.trim() + "&channelId=" + channelId.trim() + "&transDate=" + transDate;

NOTE - If the Mandatory parameters are not being passed in encData then, the PG will give the error:

―Missed Mandatory parameter null

NOTE - The clientTxnId should be generated using random function so that for every transaction, a unique
transaction id is generated, else the PG will give the error:

―Duplicate Client Transaction ID

CALLBACK RESPONSE FORMAT

Method - POST

Parameter – encResponse

Callback Response is the response which will be sent to the merchant platform from SabPaisa.

It will be sent to the URL which the merchant is passing in the request parameter i.e. callbackUrl as
mentioned in the Request Parameters Table.
ENCRYPTION – DECRYPTION FORMAT

encData = Encryptor.encrypt(authKey.trim(), authIV.trim(), spURL.trim()); //encryption format.

decText = Encryptor.decrypt(authKey, authIV, query); //decryption format.

arr = decText.split("&"); //stored the decrypted response in the array and split all the parameters by &
operator.

DEMO ENCRYPTED STRING – REQUEST

enencData: 9RqbDxxOic87ZOH8yKN2xCcUTt/Sf+VmMzdhzEtND7YRyRsV714JtzDxGbGrDnzVAORp4oITsFk
vFhJbqIG5lin+iZjoGSTCj0/xQRAciKBHGOVXAvkqgNk+a/OImj2bj89eSUohQPL116cFlEo40/DuIku
p+VUE0v1x8+VmMgKz2ljnE1J5iK+xc/AHU7DyDNV4lBBnDtfbpUDruM9td8rtVYpJBOn3YixdYPZK
0OGPC9EgRk55NqkCiJTJqFC83+8nx7T+BgJ7qznl/vx0tsoUlkc2necgL/+vQRmsddb21Nc9XdyXK JX7yQkBpTJ0

DEMO DECRYPTED STRING – REQUEST

enencData :: payerName=Ram
TEST&[email protected]&payerMobile=9999999999&clientTxnId=WLKKEYTJUDEJC
9NOB08A&amount=25&clientCode=DEMO1&transUserName=bhabesh.jha_2211&transUserPassword=
DEMO1_SP2211&callbackUrl=http://localhost:9094/pgresponse&channelId=W
SAMPLE RESPONSE

encResponse:: payerName=Ram TEST&payerEmail= [email protected]

&payerMobile=9999999999&clientTxnId=WLKKEYTJUDEJC9NOB08A&payerAddress=NA&amount=25.0&
clientCode=DEMO1&paidAmount=25.24&paymentMode=UPI&bankName=Hdfc&amountType=INR&stat
us=FAILED&statusCode=0300&challanNumber=null&SabPaisaTxnId=619881701231116175&SabPaisaM
essage=null&bankMessage=null&bankErrorCode=null&SabPaisaErrorCode=null&bankTxnId=null&transD
ate=Tue Jan 17 12:00:44 IST
2023&udf1=NA&udf2=NA&udf3=NA&udf4=NA&udf5=NA&udf6=NA&udf7=NA&udf8=NA&udf9=null&ud
f10=null&udf11=null&udf12=null&udf13=null&udf14=null&udf15=null&udf16=null&udf17=null&udf18=
null&udf19=null&udf20=null

SUPPORT ESCALATION MATRIX

The merchant can coordinate with their Account Manager for any issue they face during the integration of
PG. The Account Manager will connect the merchant team with support team.
The mail Id for PG support is [email protected] . The merchant can also drop the mail with
the Client Code and screenshot of the issue on this mail id and the support team will connect with the
merchant

Thank You!