1. Build Integration

List of steps to build the integration.


Follow these steps to integrate the hosted checkout form on your website:

1.1 Create an Order in Server.

1.2 Pass Order ID and Checkout options to the Checkout.

1.3 Store Fields in your Server.

1.4 Verify the Signature.

1.5 Verify Payment Status

1.1 Create an Order in Server🔗

Order is an important step in the payment process.

  • An order should be created for every payment.
  • You can create an order using the Orders API. It is a server-side API call. Know how to authenticate Orders API.
  • The order_id received in the response should be passed to the checkout. This ties the Order with the payment and secures the request from being tampered.

API Sample Code🔗

The following is a sample API request and response for creating an order:

Copycurl -X POST https://api.razorpay.com/v1/orders -U [YOUR_KEY_ID]:[YOUR_KEY_SECRET] -H 'content-type:application/json' -d '{ "amount": 500, "currency": "INR", "receipt": "qwsaq1", "partial_payment": true, "first_payment_min_amount": 230 }'
CopyRazorpayClient razorpay = new RazorpayClient("[YOUR_KEY_ID]", "[YOUR_KEY_SECRET]"); JSONObject orderRequest = new JSONObject(); orderRequest.put("amount", 50000); // amount in the smallest currency unit orderRequest.put("currency", "INR"); orderRequest.put("receipt", "order_rcptid_11"); Order order = razorpay.Orders.create(orderRequest); } catch (RazorpayException e) { // Handle Exception System.out.println(e.getMessage()); }
Copyimport razorpay client = razorpay.Client(auth=("YOUR_ID", "YOUR_SECRET")) DATA = { "amount": 100, "currency": "INR", "receipt": "receipt#1", "notes": { "key1": "value3", "key2": "value2" } } client.order.create(data=DATA)
Copy$api = new Api($key_id, $secret); $api->order->create(array('receipt' => '123', 'amount' => 100, 'currency' => 'INR', 'notes'=> array('key1'=> 'value3','key2'=> 'value2')));
CopyRazorpayClient client = new RazorpayClient(your_key_id, your_secret); Dictionary<string, object> options = new Dictionary<string,object>(); options.Add("amount", 50000); // amount in the smallest currency unit options.add("receipt", "order_rcptid_11"); options.add("currency", "INR"); Order order = client.Order.Create(options);
Copyrequire "razorpay" Razorpay.setup('YOUR_KEY_ID', 'YOUR_SECRET') options = amount: 50000, currency: 'INR', receipt: '<order_rcptid_11>' order = Razorpay::Order.create
Copyvar instance = new Razorpay({ key_id: 'YOUR_KEY_ID', key_secret: 'YOUR_SECRET' }) instance.orders.create({ amount: 50000, currency: "INR", receipt: "receipt#1", notes: { key1: "value3", key2: "value2" } })
Copyimport ( razorpay "github.com/razorpay/razorpay-go" ) client := razorpay.NewClient("YOUR_KEY_ID", "YOUR_SECRET") data := map[string]interface{}{ "amount": 50000, "currency": "INR", "receipt": "some_receipt_id" } body, err := client.Order.Create(data)
Copy{ "id": "order_IluGWxBm9U8zJ8", "entity": "order", "amount": 5000, "amount_paid": 0, "amount_due": 5000, "currency": "INR", "receipt": "rcptid_11", "offer_id": null, "status": "created", "attempts": 0, "notes": [], "created_at": 1642662092 }

Request Parameters🔗

Here is the list of parameters for creating an order:

amount mandatory
integer The transaction amount, expressed in the currency subunit, such as paise (in case of INR). For example, for an actual amount of ₹299.35, the value of this field should be 29935.
currency mandatory
string The currency in which the transaction should be made. See the list of supported currencies. Length must be of 3 characters.
receipt optional
string Your receipt id for this order should be passed here. Maximum length 40 characters.
notes optional
json object Key-value pair that can be used to store additional information about the entity. Maximum 15 key-value pairs, 256 characters (maximum) each. For example, "note_key": "Beam me up Scotty”.
partial_payment optional
boolean Indicates whether the customer can make a partial payment. Possible values:
  • true: The customer can make partial payments.
  • false (default): The customer cannot make partial payments.
first_payment_min_amount optional
integer Minimum amount that must be paid by the customer as the first partial payment. For example, if an amount of ₹7,000 is to be received from the customer in two installments of #1 - ₹5,000, #2 - ₹2,000, then you can set this value as 500000. This parameter should be passed only if partial_payment is true.

Know more about Orders API.

Error Response Parameters🔗

The error response parameters are available in the API Reference Guide.

1.2 Pass Payment Options to Hosted Checkout🔗

Add the Pay button on your web page using the checkout code given below. The hosted checkout page is displayed when the customers click the Pay button.

Code to Add Pay Button🔗

The Checkout options are sent as form-data to the following URL in a POST request.

https://api.razorpay.com/v1/checkout/embedded

The sample code is given below:

Copy<form method="POST" action="https://api.razorpay.com/v1/checkout/embedded"> <input type="hidden" name="key_id" value="YOUR_KEY_ID"> <input type="hidden" name="amount" value=1001> <input type="hidden" name="order_id" value="razorpay_order_id"> <input type="hidden" name="name" value="Acme Corp"> <input type="hidden" name="description" value="A Wild Sheep Chase"> <input type="hidden" name="image" value="https://cdn.razorpay.com/logos/BUVwvgaqVByGp2_large.png"> <input type="hidden" name="prefill[name]" value="Gaurav Kumar"> <input type="hidden" name="prefill[contact]" value="9123456780"> <input type="hidden" name="prefill[email]" value="gaurav.kumar@example.com"> <input type="hidden" name="notes[shipping address]" value="L-16, The Business Centre, 61 Wellfield Road, New Delhi - 110001"> <input type="hidden" name="callback_url" value="https://example.com/payment-callback"> <input type="hidden" name="cancel_url" value="https://example.com/payment-cancel"> <button>Submit</button> </form>
  • For every successful payment, razorpay_payment_id, razorpay_order_id and razorpay_signature are submitted via a POST request to the callback_url passed in payment options.
  • If your customer cancels the transaction or clicks the back button, they are redirected to the cancel_url via a GET request.
  • If the payment fails, a POST request is made to the callback_url, with the error fields as payload.

Checkout Options🔗

key_id mandatory

string Enter [YOUR_Key_ID] generated from the Dashboard.

name mandatory

string The business name to be shown in the checkout form.

descriptionoptional

string Description of the item purchased shown in the checkout form.

image optional

string URL of the logo that must appear on the checkout form. It is recommended to add the logo using the Razorpay Dashboard.

order_id mandatory

string Unique identifier of the Order, created using the Orders API.

amount mandatory

integer Enter the amount to charge the customer in currency subunits. For example, if charging the customer INR 200, enter 20000.

currency mandatory

string Enter the currency to be used in the payment. Ensure that currency of the payment matches the Order currency. Defaults to INR. We support more than 90 currencies.

method optional

string Use this parameter to show a specific payment method in Checkout. Possible values:

  • card
  • netbanking
  • wallet
  • upi
  • paylater
prefill

The fields that can be pre-populated in the Checkout form.

name optional
string Name of the cardholder.
email mandatory
string Email address of the customer.
contact mandatory
string Customer's phone number.
notesoptional

object An additional set of fields that you want to associate with the payment. For example, you can add "shipping address" and "alternate contact" in the Notes field. You can specify up to 15 note fields.

[Shipping address]
string 106, Razorpay, Bangalore
[Alternate contact]
string 9999999999
callback_url mandatory

string Page to which the customers are redirected to after a successful payment. razorpay_payment_id, razorpay_order_id and razorpay_signature are sent as form-data through a POST request to the callback_url.

cancel_urloptional

string The URL customers are redirected to after the cancellation of a payment.

1.3 Store Fields in Your Server🔗

A successful payment returns the following fields to the Checkout form.

  • You need to store these fields in your server.

  • You can confirm the authenticity of these details by verifying the signature in the next step.

Copy{ "razorpay_payment_id": "pay_29QQoUBi66xm2f", "razorpay_order_id": "order_9A33XWu170gUtm", "razorpay_signature": "9ef4dffbfd84f1318f6739a3ce19f9d85851857ae648f114332d8401e0949a3d" }
razorpay_payment_id
string Unique identifier for the payment returned by Checkout only for successful payments.
razorpay_order_id
string Unique identifier for the order returned by Checkout.
razorpay_signature
string Signature returned by the Checkout. This is used to verify the payment.

1.4 Verify Payment Signature🔗

This is a mandatory step to confirm the authenticity of the details returned to the Checkout form for successful payments.

To verify the razorpay_signature returned to you by the Checkout form:

  1. Create a signature in your server using the following attributes:

    • order_id: Retrieve the order_id from your server. Do not use the razorpay_order_id returned by Checkout.
    • razorpay_payment_id: Returned by Checkout.
    • key_secret: Available in your server.
      The key_secret that was generated from the Razorpay Dashboard.
  2. Use the SHA256 algorithm, the razorpay_payment_id and the order_id to construct a HMAC hex digest as shown below:

    Copygenerated_signature = hmac_sha256(order_id + "|" + razorpay_payment_id, secret); if (generated_signature == razorpay_signature) { payment is successful }
  3. If the signature you generate on your server matches the razorpay_signature returned to you by the Checkout form, the payment received is from an authentic source.

Generate Signature on Your Server🔗

Given below are the sample codes for payment signature verification.

Copy/** * This class defines common routines for generating * authentication signatures for Razorpay Webhook requests. */ public class Signature { private static final String HMAC_SHA256_ALGORITHM = "HmacSHA256"; /** * Computes RFC 2104-compliant HMAC signature. * * @param data * The data to be signed. * @param key * The signing key. * @return * The Base64-encoded RFC 2104-compliant HMAC signature. * @throws * java.security.SignatureException when signature generation fails */ public static String calculateRFC2104HMAC(String data, String secret) throws java.security.SignatureException { String result; try { // get an hmac_sha256 key from the raw secret bytes SecretKeySpec signingKey = new SecretKeySpec(secret.getBytes(), HMAC_SHA256_ALGORITHM); // get an hmac_sha256 Mac instance and initialize with the signing key Mac mac = Mac.getInstance(HMAC_SHA256_ALGORITHM); mac.init(signingKey); // compute the hmac on input data bytes byte[] rawHmac = mac.doFinal(data.getBytes()); // base64-encode the hmac result = DatatypeConverter.printHexBinary(rawHmac).toLowerCase(); } catch (Exception e) { throw new SignatureException("Failed to generate HMAC : " + e.getMessage()); } return result; } }
Copyuse Razorpay\Api\Api; $api = new Api($key_id, $key_secret); $attributes = array('razorpay_signature' => '23233', 'razorpay_payment_id' => '332' , 'razorpay_order_id' => '12122'); $order = $api->utility->verifyPaymentSignature($attributes)
Copyrequire 'razorpay' Razorpay.setup('key_id', 'key_secret') payment_response = { 'razorpay_order_id': '12122', 'razorpay_payment_id': '332', 'razorpay_signature': '23233' } Razorpay::Utility.verify_payment_signature(payment_response)
Copyimport razorpay client = razorpay.Client(auth=("YOUR_ID", "YOUR_SECRET")) client.utility.verify_payment_signature({ 'razorpay_order_id': razorpay_order_id, 'razorpay_payment_id': razorpay_payment_id, 'razorpay_signature': razorpay_signature })
Copy Dictionary<string, string> attributes = new Dictionary<string, string>(); attributes.Add("razorpay_payment_id", paymentId); attributes.Add("razorpay_order_id", Request.Form["razorpay_order_id"]); attributes.Add("razorpay_signature", Request.Form["razorpay_signature"]); Utils.verifyPaymentSignature(attributes);
Copyvar { validatePaymentVerification } = require('./dist/utils/razorpay-utils'); validatePaymentVerification({"order_id": razorpayOrderId, "payment_id": razorpayPaymentId }, signature, secret);
Copyimport ( "crypto/hmac" "crypto/sha256" "crypto/subtle" "encoding/hex" "fmt" ) func main() { signature := "477d1cdb3f8122a7b0963704b9bcbf294f65a03841a5f1d7a4f3ed8cd1810f9b" secret := "qp3zKxwLZxbMORJgEVWi3Gou" data := "order_J2AeF1ZpvfqRGH|pay_J2AfAxNHgqqBiI" //fmt.Printf("Secret: %s Data: %s\n", secret, data) // Create a new HMAC by defining the hash type and the key (as byte array) h := hmac.New(sha256.New, []byte(secret)) // Write Data to it _, err := h.Write([]byte(data)) if err != nil { panic(err) } // Get result and encode as hexadecimal string sha := hex.EncodeToString(h.Sum(nil)) fmt.Printf("Result: %s\n", sha) if subtle.ConstantTimeCompare([]byte(sha), []byte(signature)) == 1 { fmt.Println("Works") } }

Post Signature Verification🔗

After you have successfully completed the integration, you can set up webhooks, make test payments, replace test key with live key and integrate with other APIs.

1.5 Verify Payment Status🔗

You can track the payment status from the Razorpay Dashboard, subscribe to the Webhook event or poll our APIs.

Verify Payment Status From Dashboard🔗

  1. Log into the Dashboard and navigate to Transactions → Payments.
  2. Check if a payment_ID has been generated and note the status. In case of a successful payment, the status is marked as captured.

Subscribe to Webhook events🔗

You can use Razorpay Webhooks to configure and receive notifications when a specific event occurs. When one of these events is triggered, we send an HTTP POST payload in JSON to the webhook's configured URL. Know how to set up Webhooks.

Example🔗

If you have subscribed to the order.paid webhook event, you will receive a notification every time a customer pays you for an order.

Poll APIs🔗

Poll Payment APIs to check the payment status.

×