Payment Gateway

Integrate Curlec Payment Gateway using Partner Auth.


Follow these steps to integrate with the Curlec Payment Gateway:

  1. .
  2. .
  3. .
  4. .
  5. .

Integrate with

to create an order. Given below is the sample code for Create an Order API. Pass the account_id of the sub-merchant using X-Razorpay-Account in the header.

POST
/orders
curl -X POST https://api.razorpay.com/v1/orders \
-u [CLIENT_ID]:[CLIENT_SECRET] \
-H 'content-type:application/json' \
-H 'X-Razorpay-Account: acc_Ef7ArAsdU5t0XL' \
-d '{
"amount": 50000,
"currency": "MYR",
"receipt": "rcptid_11"
}'

Here is the list of parameters and their description for creating an order:

amount

mandatory

integer The transaction amount, expressed in the currency subunits. For example, for an actual amount of MYR 300.00, the value of this field should be 30000.

currency

mandatory

string The currency in which the transaction should be made. Length must be 3 characters.

receipt

optional

string Your receipt id for this order should be passed here. Maximum length is 40 characters.

notes

optional

json object Key-value pair that can be used to store additional information about the entity. Maximum 15 key-value pairs, 256 characters (maximum) each. For example, "note_key": "Beam me up Scotty”.

partial_payment

optional

boolean Indicates whether the customer can make a partial payment. Possible values:

  • true: The customer can make partial payments.
  • false (default): The customer cannot make partial payments.

Handy Tips

For FPX payments, you must use the Callback URL sample code for checkout. You should send the following parameters along with the other checkout parameters:

  • callback_url with the URL to which customers should be redirected after payment completion.
  • redirect with the value as true.

Copy-paste the parameters as options in your code. This creates a Pay button on the website, which the customer can use to invoke Checkout and complete the payment. Pass the order_id received in the response of

to the checkout code.

<button id="rzp-button1">Pay</button>
<script src="https://checkout.razorpay.com/v1/checkout.js"></script>
<script>
var options = {
"key": "YOUR_KEY_ID", // Enter the Key ID generated from the Dashboard
"amount": "50000", // Amount is in currency subunits. Default currency is MYR.
"currency": "MYR",
"name": "Acme Corp",
"description": "Test Transaction",
"image": "https://example.com/your_logo",
"account_id": "acc_Ef7ArAsdU5t0XL",
"order_id": "order_DBJOWzybf0sJbb", //This is a sample Order id. Pass the `id` obtained in the response of Step 1.
"callback_url": "https://eneqd3r9zrjok.x.pipedream.net/",
"prefill": {
"name": "Gaurav Kumar",
"email": "gaurav.kumar@example.com",
"contact": "9000090000"
},
"notes": {
"address": "Curlec Corporate Office"
},
"theme": {
"color": "#3399cc"
}
};
var rzp1 = new Razorpay(options);
document.getElementById('rzp-button1').onclick = function(e){
rzp1.open();
e.preventDefault();
}
</script>

Handy Tips

Test your integration using these

.

key

mandatory

string API Key ID generated from the Curlec Dashboard.

amount

mandatory

integer The amount to be paid by the customer in sen. For example, if the amount is MYR 500.00, enter 50000.

currency

mandatory

string The currency in which the payment should be made by the customer. Length must be of 3 characters.

name

mandatory

string Your Business/Enterprise name shown on the Checkout form. For example, Acme Corp.

description

optional

string Description of the purchase item shown on the Checkout form. It should start with an alphanumeric character.

image

optional

string Link to an image (usually your business logo) shown on the Checkout form. Can also be a base64 string if you are not loading the image from a network.

order_id

mandatory

string Order ID generated via

.

prefill

object You can prefill the following details at Checkout.

Boost Conversions and Minimise Drop-offs

  • Autofill customer contact details, especially phone number to ease form completion. Include customer’s phone number in the contact parameter of the JSON request's prefill object. Format: +(country code)(phone number). Example: “contact": "+601113455567").
  • This is not applicable if you do not collect customer contact details on your website before checkout, have Shopify stores or use any of the no-code apps.

name

optional

string Cardholder's name to be pre-filled if customer is to make card payments on Checkout. For example, Siti Aisyah.

email

optional

string Email address of the customer.

contact

optional

string Phone number of the customer. The expected format of the phone number is + {country code}{phone number}. If the country code is not specified, 60 will be used as the default value. This is particularly important while prefilling contact of customers with phone numbers issued outside Malaysia. Examples:

  • +14155552671 (a valid non-Malaysian number)
  • +601113455567 (a valid Malaysian number).
    If 1113455567 is entered without the country code, +60 is added to it as +601113455567.

method

optional

string Pre-selection of the payment method for the customer. Will only work if contact and email are also pre-filled.
Possible value is card.

notes

optional

object Set of key-value pairs that can be used to store additional information about the payment. It can hold a maximum of 15 key-value pairs, each 256 characters long (maximum).

theme

object Thematic options to modify the appearance of Checkout.

hide_topbar

optional

boolean Used to display or hide the top bar on the Checkout form. This bar shows the selected payment method, phone number and gives the customer the option to navigate back to the start of the Checkout form. Possible values:

  • true: Hides the top bar
  • false (default): Displays the top bar.

color

optional

string Enter your brand colour's HEX code to alter the text, payment method icons and CTA (call-to-action) button colour of the Checkout form.

backdrop_color

optional

string Enter a HEX code to change the Checkout's backdrop colour.

modal

object Options to handle the Checkout modal.

backdropclose

optional

boolean Indicates whether clicking the translucent blank space outside the Checkout form should close the form. Possible values:

  • true: Closes the form when your customer clicks outside the checkout form.
  • false (default): Does not close the form when customer clicks outside the checkout form.

escape

optional

boolean Indicates whether pressing the escape key should close the Checkout form. Possible values:

  • true (default): Closes the form when the customer presses the escape key.
  • false: Does not close the form when the customer presses the escape key.

handleback

optional

boolean Determines whether Checkout must behave similar to the browser when back button is pressed. Possible values:

  • true (default): Checkout behaves similarly to the browser. That is, when the browser's back button is pressed, the Checkout also simulates a back press. This happens as long as the Checkout modal is open.
  • false: Checkout does not simulate a back press when browser's back button is pressed.

confirm_close

optional

boolean Determines whether a confirmation dialog box should be shown if customers attempts to close Checkout. Possible values:

  • true: Confirmation dialog box is shown.
  • false (default): Confirmation dialog box is not shown.

ondismiss

optional

function Used to track the status of Checkout. You can pass a modal object with ondismiss: function()\{\} as options. This function is called when the modal is closed by the user.

animation

optional

boolean Shows an animation before loading of Checkout. Possible values:

  • true(default): Animation appears.
  • false: Animation does not appear.

subscription_id

optional

string If you are accepting recurring payments using Curlec Checkout, you should pass the relevant subscription_id to the Checkout. Know more about

.

subscription_card_change

optional

boolean Permit or restrict customer from changing the card linked to the subscription. You can also do this from the

. Possible values:
  • true: Allow the customer to change the card from Checkout.
  • false (default): Do not allow the customer to change the card from Checkout.

callback_url

optional

string Customers will be redirected to this URL on successful payment. Ensure that the domain of the Callback URL is allowlisted. This parameter is mandatory for FPX payments.

redirect

optional

boolean Determines whether to post a response to the event handler post payment completion or redirect to Callback URL. callback_url and redirect parameters are mandatory for FPX payments. Possible values:

  • true: Customer is redirected to the specified callback URL in case of payment failure. For FPX payments, the redirect parameter should always be sent as true.
  • false (default): Customer is shown the Checkout popup to retry the payment.

customer_id

optional

string Unique identifier of customer.

remember_customer

optional

boolean Determines whether to allow saving of cards. Can also be configured via the

. Possible values:
  • true: Enables card saving feature.
  • false (default): Disables card saving feature.

timeout

optional

integer Sets a timeout on Checkout, in seconds. After the specified time limit, the customer will not be able to use Checkout.

readonly

object Marks fields as read-only.

contact

optional

boolean Used to set the contact field as readonly. Possible values:

  • true: Customer will not be able to edit this field.
  • false (default): Customer will be able to edit this field.

email

optional

boolean Used to set the email field as readonly. Possible values:

  • true: Customer will not be able to edit this field.
  • false (default): Customer will be able to edit this field.

name

optional

boolean Used to set the name field as readonly. Possible values:

  • true: Customer will not be able to edit this field.
  • false (default): Customer will be able to edit this field.

hidden

object Hides the contact details.

contact

optional

boolean Used to set the contact field as optional. Possible values:

  • true: Customer will not be able to view this field.
  • false (default): Customer will be able to view this field.

email

optional

boolean Used to set the email field as optional. Possible values:

  • true: Customer will not be able to view this field.
  • false (default): Customer will be able to view this field.

allow_rotation

optional

boolean Used to rotate payment page as per screen orientation. Applicable from Android SDK version 1.6.4 and above. Possible values:

  • true: Payment page can be rotated.
  • false (default): Payment page cannot be rotated.

config

optional

object Parameters that enable configuration of checkout display language.

display

object Child parameter that enables configuration of checkout display language.

language

string The language in which checkout should be displayed. Possible value is en: English.

A successful payment returns the following fields to the Checkout form.

  • You need to store these fields in your server.
  • You can confirm the authenticity of these details by verifying the signature in the next step.

razorpay_payment_id

string Unique identifier for the payment returned by Checkout only for successful payments.

razorpay_order_id

string Unique identifier for the order returned by Checkout.

razorpay_signature

string Signature returned by the Checkout. This is used to verify the payment.

This is a mandatory step to confirm the authenticity of the details returned to the Checkout form for successful payments.

To verify the razorpay_signature returned to you by the Checkout form:

  1. Create a signature in your server using the following attributes:

    • order_id: Retrieve the order_id from your server. Do not use the razorpay_order_id returned by Checkout.
    • razorpay_payment_id: Returned by Checkout.
    • key_secret: Available in your server. The key_secret that was generated from the .
  2. Use the SHA256 algorithm, the razorpay_payment_id and the order_id to construct a HMAC hex digest as shown below:

    generated_signature = hmac_sha256(order_id + "|" + razorpay_payment_id, secret);
    if (generated_signature == razorpay_signature) {
    payment is successful
    }
  3. If the signature you generate on your server matches the razorpay_signature returned to you by the Checkout form, the payment received is from an authentic source.

Given below is the sample code for payment signature verification:

RazorpayClient razorpay = new RazorpayClient("[YOUR_KEY_ID]", "[YOUR_KEY_SECRET]");
String secret = "EnLs21M47BllR3X8PSFtjtbd";
JSONObject options = new JSONObject();
options.put("razorpay_order_id", "order_IEIaMR65cu6nz3");
options.put("razorpay_payment_id", "pay_IH4NVgf4Dreq1l");
options.put("razorpay_signature", "0d4e745a1838664ad6c9c9902212a32d627d68e917290b0ad5f08ff4561bc50f");
boolean status = Utils.verifyPaymentSignature(options, secret);

After you have completed the integration, you can

, make test payments, replace the test key with the live key and integrate with other .

Check

for the supported platforms.

Handy Tips

On the Dashboard, ensure that the payment status is captured. Refer to the payment capture settings page to know how to

.

You can track the payment status in three ways:

To verify the payment status from the Dashboard:

  1. Log in to the and navigate to TransactionsPayments.
  2. Check if a Payment Id has been generated and note the status. In case of a successful payment, the status is marked as Captured.
Check if the payment id is generated and the status is captured

You can view the payments received from customers on the sub-merchant's Curlec Dashboard. Also, you can retrieve the status of the payments by polling our

.

Given below is the APIs used to fetch payments. You must pass the sub-merchant account identifier as a header while retrieving details using GET requests.

You can fetch the details of the payments received by sub-merchant using the endpoint given below. Pass the account_id of the sub-merchant using X-Razorpay-Account in the header.

GET
/payments
curl -X GET https://api.razorpay.com/v1/payments \
-u <YOUR_KEY_ID>:<YOUR_KEY_SECRET> \
-H 'X-Razorpay-Account: acc_Ef7ArAsdU5t0XL' \

Was this page helpful?