Web Integration - Razorpay Standard Checkout

Integrate Razorpay Standard Checkout with your website to start accepting online payments from your customers. Razorpay supports a slew of payment methods such as netbanking, credit and debit cards, wallets and UPI. Our Standard Checkout library provides all the essential features for integrating Razorpay Checkout with the client-side of your application. This is available only for web-based integrations.

Integration Best Practices:
Learn about the best practices to follow while integrating Razorpay Standard Checkout on your website.

Note:
If your website is built on top of an ecommerce platform, such as WordPress or Shopify, please refer to Razorpay Ecommerce Plugins documentation.

Payments accepted from registered websites only:
You can accept payments only from those websites that you had registered with us at the time of signing up for an account. All payments received on the unregistered websites are failed by Razorpay. If you want to accept payments from multiple websites, contact our support team to register additional websites for your account.

Prerequisites#

Run the following checklist before you begin the integration:

Create a Razorpay Account
Generate API Keys
Check if view port meta tag is added in the tag of your webpage HTML code. If not, add the following line.
<meta name="viewport" content="width=device-width, initial-scale=1.0"> Note:
If this meta tag is not present, there will be overflow issues.

Integration Steps#

Create an Order from your Server.
Pass Order Id and Other Options to the Checkout.
Handle Payment Success and Failure.
Store Fields in your Server.
Verify the Signature.

Step 1: Create an Order from your Server#

Use the below endpoint to create an Order.

/orders

 cURL Java Python PHP .NET Ruby Node.JS Response
Copycurl  -X POST https://api.razorpay.com/v1/orders
-H 'content-type:application/json'
-d '{
    "amount": 50000,
    "currency": "INR",
    "receipt": "rcptid_11"
}'
Copytry {
  JSONObject orderRequest = new JSONObject();
  orderRequest.put("amount", 50000); // amount in the smallest currency unit
  orderRequest.put("currency", "INR");
  orderRequest.put("receipt", "order_rcptid_11");

  Order order = razorpay.Orders.create(orderRequest);
} catch (RazorpayException e) {
  // Handle Exception
  System.out.println(e.getMessage());
}
Copyorder_amount = 50000
order_currency = 'INR'
order_receipt = 'order_rcptid_11'
notes = {'Shipping address': 'Bommanahalli, Bangalore'}   # OPTIONAL

client.order.create(amount=order_amount, currency=order_currency, receipt=order_receipt, notes=notes)
Copy$order  = $client->order->create([
  'receipt'         => 'order_rcptid_11',
  'amount'          => 50000, // amount in the smallest currency unit
  'currency'        => 'INR',// <a href="/docs/payment-gateway/payments/international-payments/#supported-currencies" target="_blank">See the list of supported currencies</a>.)
]);
CopyDictionary<string, object> options = new Dictionary<string,object>();
options.Add("amount", 50000); // amount in the smallest currency unit
options.add("receipt", "order_rcptid_11");
options.add("currency", "INR");
Order order = client.Order.Create(options);
Copyoptions = amount: 50000, currency: 'INR', receipt: '<order_rcptid_11>',
order = Razorpay::Order.create
Copyvar options = {
  amount: 50000,  // amount in the smallest currency unit
  currency: "INR",
  receipt: "order_rcptid_11"
};
instance.orders.create(options, function(err, order) {
  console.log(order);
});
Copy{
    "id": "order_DBJOWzybf0sJbb",
    "entity": "order",
    "amount": 50000,
    "amount_paid": 0,
    "amount_due": 50000,
    "currency": "INR",
    "receipt": "rcptid_11",
    "status": "created",
    "attempts": 0,
    "notes": [],
    "created_at": 1566986570
}

Successful creation of the Order returns an id (referred to as order_id) that should be stored against the Order defined in your system.

Read more: Learn more about Orders API.

Request Parameters#

amount mandatory: integer The transaction amount, expressed in the currency subunit, such as paise (in case of INR). For example, for an actual amount of ₹299.35, the value of this field should be 29935.
currency mandatory: string The currency in which the transaction should be made. See the list of supported currencies. Default is INR.
receipt optional: string Your receipt id for this order should be passed here. Maximum length 40 characters.
notes optional: object Key-value pair that can be used to store additional information about the entity. Maximum 15 key-value pairs, 256 characters (maximum) each. For example, "note_key": "Beam me up Scotty”.

The id obtained in the response should be passed as order_id along with other data attributes as described in the section below.

Step 2: Pass Order Id and Other Options to the Checkout#

There are two sample codes provided for Checkout:

With Handler Function	With Callback URL
When you use this: ● On successful payment, customer will be shown your webpage. ● On payment failure, customer will be notified on the reason of failure and asked to retry the payment.	When you use this: ● On successful payment, customer will be redirected to the specified URL, for example, a payment success page. ● On payment failure, customer will be asked to retry payment on Checkout.

Copy-paste the form parameters as options in your HTML code:

 Manual Checkout with Handler Functions (JavaScript) Manual Checkout with Callback URL (JavaScript)
Copy<button id="rzp-button1">Pay</button>
<script src="https://checkout.razorpay.com/v1/checkout.js"></script>
<script>
var options = {
    "key": "YOUR_KEY_ID", // Enter the Key ID generated from the Dashboard
    "amount": "50000", // Amount is in currency subunits. Default currency is INR. Hence, 50000 refers to 50000 paise
    "currency": "INR",
    "name": "Acme Corp",
    "description": "Test Transaction",
    "image": "https://example.com/your_logo",
    "order_id": "order_9A33XWu170gUtm", //This is a sample Order ID. Pass the `id` obtained in the response of Step 1
    "handler": function (response){
        alert(response.razorpay_payment_id);
        alert(response.razorpay_order_id);
        alert(response.razorpay_signature)
    },
    "prefill": {
        "name": "Gaurav Kumar",
        "email": "gaurav.kumar@example.com",
        "contact": "9999999999"
    },
    "notes": {
        "address": "Razorpay Corporate Office"
    },
    "theme": {
        "color": "#3399cc"
    }
};
var rzp1 = new Razorpay(options);
rzp1.on('payment.failed', function (response){
        alert(response.error.code);
        alert(response.error.description);
        alert(response.error.source);
        alert(response.error.step);
        alert(response.error.reason);
        alert(response.error.metadata.order_id);
        alert(response.error.metadata.payment_id);
});
document.getElementById('rzp-button1').onclick = function(e){
    rzp1.open();
    e.preventDefault();
}
</script>
Copy<button id="rzp-button1">Pay</button>
<script src="https://checkout.razorpay.com/v1/checkout.js"></script>
<script>
var options = {
    "key": "YOUR_KEY_ID", // Enter the Key ID generated from the Dashboard
    "amount": "50000", // Amount is in currency subunits. Default currency is INR. Hence, 50000 refers to 50000 paise
    "currency": "INR",
    "name": "Acme Corp",
    "description": "Test Transaction",
    "image": "https://example.com/your_logo",
    "order_id": "order_9A33XWu170gUtm", //This is a sample Order ID. Pass the `id` obtained in the response of Step 1
    "callback_url": "https://eneqd3r9zrjok.x.pipedream.net/",
    "prefill": {
        "name": "Gaurav Kumar",
        "email": "gaurav.kumar@example.com",
        "contact": "9999999999"
    },
    "notes": {
        "address": "Razorpay Corporate Office"
    },
    "theme": {
        "color": "#3399cc"
    }
};
var rzp1 = new Razorpay(options);
document.getElementById('rzp-button1').onclick = function(e){
    rzp1.open();
    e.preventDefault();
}
</script>

Read more: Learn about the Checkout Form Fields.

Note:
The open method of Razorpay object (rzp1.open()) must be invoked by your site's JavaScript, which may or may not be a user-driven action such as a click.

Note:
You can also integrate the Razorpay Payment Gateway using the Automatic Checkout method. Learn more about it in our Quick Integration Document.

Step 3: Handle Payment Success and Failure#

The way you handle payment success and failure scenarios will differ based on the Checkout sample code you opted for in the previous step.

Checkout with Handler Function#

If you used the sample code with the handler function, then:

On Payment Success:

Customer will be shown your page and the response object of the successful payment (razorpay_payment_id, razorpay_order_id and razorpay_signature) is returned by Checkout. You need to collect these and send them to your server.

 Success Handling Code
Copy  "handler": function (response){
    alert(response.razorpay_payment_id);
    alert(response.razorpay_order_id);
    alert(response.razorpay_signature)}

On Payment Failure:

On payment failure, customer will be notified on the reason of failure and asked to retry the payment.

 Failure Handling Code
Copyrzp1.on('payment.failed', function (response){
    alert(response.error.code);
    alert(response.error.description);
    alert(response.error.source);
    alert(response.error.step);
    alert(response.error.reason);
    alert(response.error.metadata.order_id);
    alert(response.error.metadata.payment_id);
}

Read more: Learn about the error parameters.

Checkout with Callback URL#

If you used the sample code with the callback URL, then:

On Payment Success:

When you use a Callback URL, the response object of the successful payment (razorpay_payment_id, razorpay_order_id and razorpay_signature) is submitted to the Callback URL. Only successful authorizations are auto-submitted.
On Payment Failure:

In case of failed payments, the Checkout Form is displayed again to facilitate retry of the payments.

Step 4: Store Fields in your Server#

A successful payment returns the following fields to the Checkout Form. Make provisions to store these fields on your server. You can confirm the authenticity of these details by verifying the signature in the next step.

 Success Callback
Copy{
  "razorpay_payment_id": "pay_29QQoUBi66xm2f",
  "razorpay_order_id": "order_9A33XWu170gUtm",
  "razorpay_signature": "9ef4dffbfd84f1318f6739a3ce19f9d85851857ae648f114332d8401e0949a3d"
}

razorpay_payment_id: string Unique identifier for the payment returned by Checkout only for successful payments.
razorpay_order_id: string Unique identifier for the order returned by Checkout.
razorpay_signature: string Signature returned by the checkout. This is used to verify the payment.

Step 5: Verify the Signature#

This is a mandatory step that allows you to confirm the authenticity of the details returned to the Checkout form for successful payments.

To verify the razorpay_signature returned to you by the Checkout form:

Create a signature in your server using the following attributes:
- order_id - Retrieve the order_id from your server. Do not use the razorpay_order_id returned by Checkout.
- razorpay_payment_id - Returned by Checkout.
- key_secret - Available in your server.
  The key_secret that was generated from the Dashboard.

Use the SHA256 algorithm, the razorpay_payment_id and the order_id to construct a HMAC hex digest as shown below:

Copygenerated_signature = hmac_sha256(order_id + "|" + razorpay_payment_id, secret);

  if (generated_signature == razorpay_signature) {
    payment is successful
  }

If the signature you generate on your server matches the razorpay_signature returned to you by the Checkout form, the payment received is from an authentic source.

Generate Signature on your Server#

 Java PHP Ruby Python
Copy/**
* This class defines common routines for generating
* authentication signatures for Razorpay Webhook requests.
*/
public class Signature
{
    private static final String HMAC_SHA256_ALGORITHM = "HmacSHA256";
    /**
    * Computes RFC 2104-compliant HMAC signature.
    * * @param data
    * The data to be signed.
    * @param key
    * The signing key.
    * @return
    * The Base64-encoded RFC 2104-compliant HMAC signature.
    * @throws
    * java.security.SignatureException when signature generation fails
    */
    public static String calculateRFC2104HMAC(String data, String secret)
    throws java.security.SignatureException
    {
        String result;
        try {

            // get an hmac_sha256 key from the raw secret bytes
            SecretKeySpec signingKey = new SecretKeySpec(secret.getBytes(), HMAC_SHA256_ALGORITHM);

            // get an hmac_sha256 Mac instance and initialize with the signing key
            Mac mac = Mac.getInstance(HMAC_SHA256_ALGORITHM);
            mac.init(signingKey);

            // compute the hmac on input data bytes
            byte[] rawHmac = mac.doFinal(data.getBytes());

            // base64-encode the hmac
            result = DatatypeConverter.printHexBinary(rawHmac).toLowerCase();

        } catch (Exception e) {
            throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
        }
        return result;
    }
}
Copyuse Razorpay\Api\Api;
$api = new Api($key_id, $key_secret);
$attributes  = array('razorpay_signature'  => '23233',  'razorpay_payment_id'  => '332' ,  'order_id' => '12122');
$order  = $api->utility->verifyPaymentSignature($attributes)
Copyrequire 'razorpay'
Razorpay.setup('key_id', 'key_secret')
payment_response = {
  'order_id': '12122',
  'razorpay_payment_id': '332',
  'razorpay_signature': '23233'
}

Razorpay::Utility.verify_payment_signature(payment_response)
Copyimport razorpay

client = razorpay.Client(auth = ('<key_id>', '<key_secret>'))
params_dict = {
    'order_id': '12122',
    'razorpay_payment_id': '332',
    'razorpay_signature': '23233'
}
client.utility.verify_payment_signature(params_dict)

Post Signature Verification#

After verifying the signature, fetch the order in your system that corresponds to the razorpay_order_id in your database. Mark it as successful and process the order.

Payment Capture Settings#

Once authorized, you need to capture payments made by customers for them to get settled to your bank account as per the settlement schedule. Payments that are not captured are auto-refunded after a fixed time period. You can:

Auto-capture payments (recommended)
Authorized payments can be automatically captured. You can auto-capture all payments using global settings on the Dashboard.
Manually capture payments
Each authorized payment can also be captured individually. You can manually capture payments:
- Using the Payment Capture API.
- From the Dashboard.

Read more: Capture Settings for payments.

Test the Integration#

Now that the integration is complete, you must ensure that your integration works as expected. You can make a test transaction using the test cards, verify the payment status from Dashboard, APIs or subscribe to related Webhook events to take appropriate actions at your end. After testing the integration in test mode, you can start accepting payments from your customers in real-time.

Test Payments#

You can make test payments using any of the payment methods configured on the Checkout. No money is deducted from the customer's account as this is a simulated transaction. In the Checkout code, ensure that you have entered the API keys generated in the test mode.

Test Cards#

You can use any of the test cards to make transactions in the test mode. Use any valid expiration date in the future and any random CVV to create a successful payment.

Card Network	Domestic / International	Card Number
Mastercard	Domestic	5104 0600 0000 0008
Visa	Domestic	4111 1111 1111 1111
Mastercard	International	5555 5555 5555 4444 5105 1051 0510 5100
Visa	International	4012 8888 8888 1881 4000 1841 8621 8826

Verify the Payment Status#

You can track the status of the payment from the Dashboard or subscribe to the Webhook event or poll our APIs.

From the Dashboard#

Log into your Dashboard and navigate to Transactions → Payments.
Look if a payment_ID has been generated. If no payment_ID has been generated, it means that the transaction has failed.

Subscribe to Webhook events#

You can subscribe to a Webhook event that is generated when a certain event happens in our server. When one of those events is triggered, Razorpay sends the Webhook payload to the configured URL.

Learn how to set up Webhooks.

When the customer makes a successful payment on the Checkout, payment.authorized event is created in Razorpay.

Poll APIs#

You can retrieve the status of the payments by polling our Payment APIs.

Accept Live Payments#

After testing the flow of funds end-to-end in test mode, you are now ready to take your integration live. Once you are confident that the integration is working fine, you can switch to the live mode and start accepting payments from customers. But first, you need to swap the test API keys with the live keys.

To generate API key in live mode:

Log into Dashboard and switch to Live mode on the menu.
Navigate to Settings → API Keys → Generate Key to generate API key for live mode.
Download the keys and save it securely.
Replace the test API key with the Live Key in the Checkout code and start accepting real-time payments.

Timeouts#

The transaction timeout is applicable only when your customer attempts the payment.

The timeout is 3 to 15 minutes for an attempted payment. If there is a payment failure due to timeout, the customer is redirected to the Checkout page.

Related Information#

Now that you are done with the integration, you might find the following information useful: