Step 1: Create an Order from your Server🔗

The following is a sample API request and response for creating an order:

 Curl Java Python PHP .NET Ruby Node.JS Response
Copycurl  -X POST https://api.razorpay.com/v1/orders
-u <YOUR_KEY_ID>:<YOUR_SECRET>
-H 'content-type:application/json'
-d '{
    "amount": 50000,
    "currency": "INR",
    "receipt": "rcptid_11"
}'
Copytry {
  JSONObject orderRequest = new JSONObject();
  orderRequest.put("amount", 50000); // amount in the smallest currency unit
  orderRequest.put("currency", "INR");
  orderRequest.put("receipt", "order_rcptid_11");

  Order order = razorpay.Orders.create(orderRequest);
} catch (RazorpayException e) {
  // Handle Exception
  System.out.println(e.getMessage());
}
Copyimport razorpay
client = razorpay.Client(auth=("api_key", "api_secret"))

DATA = {
    "amount": 100,
    "currency": "INR",
    "receipt": "receipt#1",
    "notes": {
        "key1": "value3",
        "key2": "value2"
    }
}
client.order.create(data=DATA)
Copy$api->order->create(array('receipt' => '123', 'amount' => 100, 'currency' => 'INR', 'notes'=> array('key1'=> 'value3','key2'=> 'value2')));
CopyDictionary<string, object> options = new Dictionary<string,object>();
options.Add("amount", 50000); // amount in the smallest currency unit
options.add("receipt", "order_rcptid_11");
options.add("currency", "INR");
Order order = client.Order.Create(options);
Copyoptions = amount: 50000, currency: 'INR', receipt: '<order_rcptid_11>'
order = Razorpay::Order.create
Copyinstance.orders.create({
  amount: 50000,
  currency: "INR",
  receipt: "receipt#1",
  notes: {
    key1: "value3",
    key2: "value2"
  }
})
Copy{
    "id": "order_DBJOWzybf0sJbb",
    "entity": "order",
    "amount": 50000,
    "amount_paid": 0,
    "amount_due": 50000,
    "currency": "INR",
    "receipt": "rcptid_11",
    "status": "created",
    "attempts": 0,
    "notes": [],
    "created_at": 1566986570
}

Request Parameters

Here is the list of parameters for creating an order:

amount mandatory

integer The transaction amount, expressed in the currency subunit, such as paise (in case of INR). For example, for an actual amount of ₹299.35, the value of this field should be 29935.

currency mandatory

string The currency in which the transaction should be made. See the list of supported currencies. Length must be of 3 characters.

receipt optional

string Your receipt id for this order should be passed here. Maximum length 40 characters.

notes optional

json object Key-value pair that can be used to store additional information about the entity. Maximum 15 key-value pairs, 256 characters (maximum) each. For example, "note_key": "Beam me up Scotty”.

partial_payment optional

boolean Indicates whether the customer can make a partial payment. Possible values:

• true: The customer can make partial payments.
• false (default): The customer cannot make partial payments.

Step 2: Pass Payment Options to Hosted Checkout🔗

The Checkout options are sent as form-data to the following URL in a POST request.

The sample code is given below:

 Hosted Checkout
Copy<form method="POST" action="https://api.razorpay.com/v1/checkout/embedded">
  <input type="hidden" name="key_id" value="YOUR_KEY_ID">
  <input type="hidden" name="amount" value=1001>
  <input type="hidden" name="order_id" value="razorpay_order_id">
  <input type="hidden" name="name" value="Acme Corp">
  <input type="hidden" name="description" value="A Wild Sheep Chase">
  <input type="hidden" name="image" value="https://cdn.razorpay.com/logos/BUVwvgaqVByGp2_large.png">
  <input type="hidden" name="prefill[name]" value="Gaurav Kumar">
  <input type="hidden" name="prefill[contact]" value="9123456780">
  <input type="hidden" name="prefill[email]" value="gaurav.kumar@example.com">
  <input type="hidden" name="notes[shipping address]" value="L-16, The Business Centre, 61 Wellfield Road, New Delhi - 110001">
  <input type="hidden" name="callback_url" value="https://example.com/payment-callback">
  <input type="hidden" name="cancel_url" value="https://example.com/payment-cancel">
  <button>Submit</button>
</form>

Read more: List of checkout options available.

• For every successful payment, razorpay_payment_id, razorpay_order_id and razorpay_signature are submitted via a POST request to the callback_url passed in payment options.
• If your customer cancels the transaction or clicks the back button, they are redirected to the cancel_url via a GET request.
• If the payment fails, a POST request is made to the callback_url, with the error fields as payload.

Read more: List of checkout options available.

Step 3: Store Fields in your Server🔗

A successful payment returns the following fields to the Checkout Form.

• You need to store these fields on your server.
• You can confirm the authenticity of these details by verifying the signature in the next step.

 Success Callback
Copy{
  "razorpay_payment_id": "pay_29QQoUBi66xm2f",
  "razorpay_order_id": "order_9A33XWu170gUtm",
  "razorpay_signature": "9ef4dffbfd84f1318f6739a3ce19f9d85851857ae648f114332d8401e0949a3d"
}

razorpay_payment_id

string Unique identifier for the payment returned by Checkout only for successful payments.

razorpay_order_id

string Unique identifier for the order returned by Checkout.

razorpay_signature

string Signature returned by the Checkout. This is used to verify the payment.

Step 4: Verify the Signature🔗

This is a mandatory step to confirm the authenticity of the details returned to the Checkout form for successful payments.

To verify the razorpay_signature returned to you by the Checkout form:

1. Create a signature in your server using the following attributes:

   • order_id: Retrieve the order_id from your server. Do not use the razorpay_order_id returned by Checkout.
   • razorpay_payment_id: Returned by Checkout.
   • key_secret: Available in your server.
     The key_secret that was generated from the Razorpay Dashboard.

2. Use the SHA256 algorithm, the razorpay_payment_id and the order_id to construct a HMAC hex digest as shown below:

   Copygenerated_signature = hmac_sha256(order_id + "|" + razorpay_payment_id, secret);
   
     if (generated_signature == razorpay_signature) {
       payment is successful
     }
   

3. If the signature you generate on your server matches the razorpay_signature returned to you by the Checkout form, the payment received is from an authentic source.

Generate Signature on Your Server🔗

The links to the Razorpay SDKs for the supported platforms are given below:

 Java PHP Ruby Python .NET
Copy/**
* This class defines common routines for generating
* authentication signatures for Razorpay Webhook requests.
*/
public class Signature
{
    private static final String HMAC_SHA256_ALGORITHM = "HmacSHA256";
    /**
    * Computes RFC 2104-compliant HMAC signature.
    * * @param data
    * The data to be signed.
    * @param key
    * The signing key.
    * @return
    * The Base64-encoded RFC 2104-compliant HMAC signature.
    * @throws
    * java.security.SignatureException when signature generation fails
    */
    public static String calculateRFC2104HMAC(String data, String secret)
    throws java.security.SignatureException
    {
        String result;
        try {

            // get an hmac_sha256 key from the raw secret bytes
            SecretKeySpec signingKey = new SecretKeySpec(secret.getBytes(), HMAC_SHA256_ALGORITHM);

            // get an hmac_sha256 Mac instance and initialize with the signing key
            Mac mac = Mac.getInstance(HMAC_SHA256_ALGORITHM);
            mac.init(signingKey);

            // compute the hmac on input data bytes
            byte[] rawHmac = mac.doFinal(data.getBytes());

            // base64-encode the hmac
            result = DatatypeConverter.printHexBinary(rawHmac).toLowerCase();

        } catch (Exception e) {
            throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
        }
        return result;
    }
}
Copyuse Razorpay\Api\Api;
$api = new Api($key_id, $key_secret);
$attributes  = array('razorpay_signature'  => '23233',  'razorpay_payment_id'  => '332' ,  'razorpay_order_id' => '12122');
$order  = $api->utility->verifyPaymentSignature($attributes)
Copyrequire 'razorpay'
Razorpay.setup('key_id', 'key_secret')
payment_response = {
  'razorpay_order_id': '12122',
  'razorpay_payment_id': '332',
  'razorpay_signature': '23233'
}

Razorpay::Utility.verify_payment_signature(payment_response)
Copyimport razorpay

client = razorpay.Client(auth = ('[key_id]', '[key_secret]'))
params_dict = {
    'razorpay_order_id': '12122',
    'razorpay_payment_id': '332',
    'razorpay_signature': '23233'
}
client.utility.verify_payment_signature(params_dict)
Copy Dictionary<string, string> attributes = new Dictionary<string, string>();

            attributes.Add("razorpay_payment_id", paymentId);
            attributes.Add("razorpay_order_id", Request.Form["razorpay_order_id"]);
            attributes.Add("razorpay_signature", Request.Form["razorpay_signature"]);

            Utils.verifyPaymentSignature(attributes);

Post Signature Verification🔗

After verifying the signature, fetch the order in your system that corresponds to the razorpay_order_id in your database. Mark it as successful and process the order.

Netbanking🔗

You can select any of the listed banks. After choosing a bank, Razorpay will redirect to a mock page where you can make the payment a success or a failure. Since it is the test mode, we will not redirect you to the bank login portals.

UPI🔗

You can enter one of the following UPI IDs:

• success@razorpay: To make the payment successful.
• failure@razorpay: To fail the payment.

Wallet🔗

You can select any of the listed wallets. After choosing a wallet, Razorpay will redirect to a mock page where you can make the payment a success or a failure. Since it is the test mode, we will not redirect you to the wallet login portals.

Cards🔗

You can use one of the test cards to make transactions in the test mode. Use any valid expiration date in the future and any random CVV to create a successful payment.