1. Build Integration

Steps to integrate the Custom Checkout form on your website.


Follow the steps to integrate Custom Checkout in your site:

1.1

.

1.2

.

1.3

.

1.3.1

.

1.3.2

.

1.3.3

.

1.4

.

1.5

.

1.6

.

Order is an important step in the payment process.

  • An order should be created for every payment.
  • You can create an order using the . It is a server-side API call. Know how to Orders API.
  • The order_id received in the response should be passed to the checkout. This ties the Order with the payment and secures the request from being tampered.

The following is a sample API request and response for creating an order:

curl -X POST https://api.razorpay.com/v1/orders
-u [YOUR_KEY_ID]:[YOUR_KEY_SECRET]
-H 'content-type:application/json'
-d '{
"amount": 50000,
"currency": "MYR",
"receipt": "rcptid_11"
}'

Here is the list of parameters and their description for creating an order:

amount

mandatory

integer Payment amount in the smallest currency sub-unit. For example, if the amount to be charged is RM 299.00, then pass 29900 in this field.

currency

mandatory

string Currency code for the currency in which you want to accept the payment. For example, MYR.

receipt

optional

string Your receipt id for this order should be passed here. Maximum length is 40 characters.

notes

optional

json object Key-value pair that can be used to store additional information about the entity. Maximum 15 key-value pairs, 256 characters (maximum) each. For example, "note_key": "Beam me up Scotty”.

partial_payment

optional

boolean Indicates whether the customer can make a partial payment. Possible values:

  • true: The customer can make partial payments.
  • false (default): The customer cannot make partial payments.

id

mandatory

string Unique identifier of the customer. For example, cust_1Aa00000000004.

Know more about

.

The error response parameters are available in the

.

When creating a custom checkout form, display only the activated methods to the customer. Use the below methods to fetch all payments methods available to you:

var razorpay = new Razorpay({
key: '<YOUR_KEY_ID>',
// logo, displayed in the popup
image: 'https://i.imgur.com/n5tjHFD.jpg',
});
razorpay.once('ready', function(response) {
console.log(response.methods);
})

Know more about

offered by Curlec.

Include the following script, preferably in the <head> section of your page:

<script type="text/javascript" src="https://checkout.razorpay.com/v1/razorpay.js"></script>

Handy Tips

  • Include the script from https://checkout.razorpay.com/v1/razorpay.js instead of serving a copy from your server. This allows the library's new updates and bug fixes to fit your application automatically.
  • We always maintain backward compatibility with our code.

var razorpay = new Razorpay({
key: '<YOUR_KEY_ID>',
// logo, displayed in the payment processing popup
image: 'https://i.imgur.com/n5tjHFD.jpg',
});

If you need multiple Curlec instances on the same page, you can globally set some of the options:

Razorpay.configure({
key: '<YOUR_KEY_ID>',
// logo, displayed in the payment processing popup
image: 'https://i.imgur.com/n5tjHFD.jpg',
})
new Razorpay({}); // will inherit key and image from above.

While building a custom UI for accepting payments from your customers, you should be familiar with the fields supported in the razorpay.js script.

key

mandatory

string API Key ID generated from DashboardAccount & Settings

.

amount

mandatory

integer Payment amount in the smallest currency sub-unit. For example, if the amount to be charged is RM 299.00, then pass 29900 in this field.

currency

mandatory

string The currency in which the payment should be made by the customer. For example, MYR.

description

optional

string Description of the product shown in the Checkout form. It must start with an alphanumeric character.

image

optional

string Link to an image (usually your business logo) shown in the Checkout form. Can also be a base64 string, if loading the image from a network is not desirable.

order_id

mandatory

string Order ID generated via the

.

notes

optional

object Set of key-value pairs that can be used to store additional information about the payment. It can hold a maximum of 15 key-value pairs, each 256 characters long (maximum).

method

mandatory

string The payment method used by the customer on Checkout.
Possible values:

  • card (default)
  • fpx (default)
  • wallet (default)

card

mandatory if method=card

object The details of the card that should be entered while making the payment.

number

integer Unformatted card number.

name

string The name of the cardholder.

expiry_month

integer Expiry month for card in MM format.

expiry_year

integer Expiry year for card in YY format.

cvv

integer CVV printed on the back of the card.

Handy Tips

  • CVV is not required by default for tokenised cards across all networks.
  • CVV is optional for tokenised card payments. Do not pass dummy CVV values.
  • To implement this change, skip passing the cvv parameter entirely, or pass a null or empty value in the CVV field.
  • We recommend removing the CVV field from your checkout UI/UX for tokenised cards.
  • If CVV is still collected for tokenised cards and the customer enters a CVV, pass the entered CVV value to Razorpay.

bank

mandatory if method=fpx

string Bank code. List of available banks enabled for your account can be fetched via

.

wallet

mandatory if method=wallet

string Wallet code for the wallet used for the payment. Possible values:

  • touchngo (default)
  • grabpay (default)

callback_url

optional

string Customers will be redirected to this URL on successful payment. Ensure that the domain of the Callback URL is whitelisted. This parameter is mandatory for FPX payments.

redirect

optional

boolean Determines whether to post a response to the event handler post payment completion or redirect to Callback URL. callback_url and redirect parameters are mandatory for FPX payments. Possible values:

  • true: Customer is redirected to the specified callback URL in case of payment failure. For FPX payments, the redirect parameter should always be sent as true.
  • false (default): Customer is not redirected to the specified callback URL.

After creating an order and obtaining the customer's payment details, send the information to Curlec to complete the payment. The data that needs to be submitted depends on the customer's payment method. You can do this by invoking createPayment method.

Know more about

.

Handy Tips

For FPX payments, you must use the Callback URL sample code for checkout. You should send the following parameters along with the other checkout parameters:

  • callback_url with the URL to which customers should be redirected after payment completion.
  • redirect with the value as true.
var data = {
callback_url: 'https://www.examplecallbackurl.com/',
amount: 1000, // in currency subunits.
currency: "MYR",// Default is MYR.
email: 'nur.aisyah@example.com',
contact: '+60345675444',
notes: {
address: 'Ground Floor, SJR Cyber, Laskar Hosur Road, Bengaluru',
},
order_id: 'order_CuEzONfnOI86Ab',// Replace with Order ID generated in Step 4
method: 'fpx',
// method specific fields
bank: 'RHB'
};
var btn = document.querySelector('#btn');
btn.addEventListener('click', function(){
// has to be placed within user initiated context, such as click, in order for popup to open.
razorpay.createPayment(data);
})

Watch Out!

The createPayment method should be called within an event listener triggered by user action to prevent the popup from being blocked. For example:


$('button').click( function (){ razorpay.createPayment(...) })

Handy Tips

  • Handler Function
    When you use the handler function, the response object of the successful payment (razorpay_payment_id, razorpay_order_id and razorpay_signature) is submitted to the Checkout Form. You need to collect these and send them to your server.
  • Callback URL
    When you use a callback URL, Curlec makes a post call to the callback URL, with the razorpay_payment_id, razorpay_order_id and razorpay_signature in the response object of the successful payment (razorpay_payment_id and razorpay_order_id).

A successful payment returns the following fields to the Checkout form.

  • You need to store these fields in your server.
  • You can confirm the authenticity of these details by verifying the signature in the next step.

razorpay_payment_id

string Unique identifier for the payment returned by Checkout only for successful payments.

razorpay_order_id

string Unique identifier for the order returned by Checkout.

razorpay_signature

string Signature returned by the Checkout. This is used to verify the payment.

A failed payment returns an error response.

{
"error": {
"code": "BAD_REQUEST_ERROR",
"description": "Authentication failed due to incorrect otp",
"field": null,
"source": "customer",
"step": "payment_authentication",
"reason": "invalid_otp",
"metadata": {
"payment_id": "pay_EDNBKIP31Y4jl8",
"order_id": "order_DBJKIP31Y4jl8"
}
}
}

Know more about

.

This is a mandatory step to confirm the authenticity of the details returned to the Checkout form for successful payments.

To verify the razorpay_signature returned to you by the Checkout form:

  1. Create a signature in your server using the following attributes:

    • order_id: Retrieve the order_id from your server. Do not use the razorpay_order_id returned by Checkout.
    • razorpay_payment_id: Returned by Checkout.
    • key_secret: Available in your server. The key_secret that was generated from the .
  2. Use the SHA256 algorithm, the razorpay_payment_id and the order_id to construct a HMAC hex digest as shown below:

    generated_signature = hmac_sha256(order_id + "|" + razorpay_payment_id, secret);
    if (generated_signature == razorpay_signature) {
    payment is successful
    }
  3. If the signature you generate on your server matches the razorpay_signature returned to you by the Checkout form, the payment received is from an authentic source.

Given below is the sample code for payment signature verification:

RazorpayClient razorpay = new RazorpayClient("[YOUR_KEY_ID]", "[YOUR_KEY_SECRET]");
String secret = "EnLs21M47BllR3X8PSFtjtbd";
JSONObject options = new JSONObject();
options.put("razorpay_order_id", "order_IEIaMR65cu6nz3");
options.put("razorpay_payment_id", "pay_IH4NVgf4Dreq1l");
options.put("razorpay_signature", "0d4e745a1838664ad6c9c9902212a32d627d68e917290b0ad5f08ff4561bc50f");
boolean status = Utils.verifyPaymentSignature(options, secret);

After you have completed the integration, you can

, make test payments, replace the test key with the live key and integrate with other .

Handy Tips

On the Dashboard, ensure that the payment status is captured. Refer to the payment capture settings page to know how to

.

You can track the payment status in three ways:

To verify the payment status from the Dashboard:

  1. Log in to the and navigate to TransactionsPayments.
  2. Check if a Payment Id has been generated and note the status. In case of a successful payment, the status is marked as Captured.
Check if the payment id is generated and the status is captured


Is this integration guide useful?