PayU's API integration allows your business to process transactions from different types of applications (web, mobile, IVR, etc.)

You can connect your online store to the PayU platform and the checkout process will be handled on your website. To integrate this option you must have a PayU Business account and advanced programming skills.

Access multiple payment methods (varies per country), including credit cards, bank transfers, and cash payments.

API checkout
 
 

Available features

API integration

Payments

API integration

Queries

API integration

Recurring payments

API integration

Tokenization

Initial settings

PayU allows you to integrate with our transactional gateway and available payment tools and Queries by developing a HTTPS client to transfer transaction information through SSL. It is critical that sensitive transaction data such as credit card number, expiration date, etc. are not stored. It is recommended to follow PCI DSS’ best practices (Payment Card Industry Data Security Standard).  
The transmission of transactions is secured through a TLS (Transport Layer Security) 256-bit connection from the shop's server our payment Gateway. The exchange of messages is done via XML or JSON stringsand operations are distinguished by a command that is included in the request. Check out the following XML and JSON examples:  

POST /payments-api/4.0/service.cgi HTTP/1.1 
Host: sandbox.api.payulatam.com
Content-Type: application/xml; charset=utf-8
Accept: application/xml
Content-Length: length
<request>
   <language>en</language>
   <command>GET_PAYMENT_METHODS</command>
   <merchant>
      <apiLogin>xxxxxxxxxxxxx</apiLogin>
      <apiKey>xxxxxxxxxxxxx</apiKey>
   </merchant>
   <isTest>false</isTest>
</request>
POST /payments-api/4.0/service.cgi HTTP/1.1 
Host: sandbox.api.payulatam.com
Content-Type: application/json; charset=utf-8
Accept: application/json
Content-Length: length
{
   "test": false,
   "language": "en",
   "command": "GET_PAYMENT_METHODS",
   "merchant": {
      "apiLogin": "xxxxxxxxxxxxx",
      "apiKey": "xxxxxxxxxxxxx"
   }
}
 
 

You can set the language you want to use in the request through the Content-type and Accept HTTP headers. Content-type y Accept. You can use all possible combinations:

 
CONTENT-TYPE ACCEPT
application/xml application/xml
application/json application/json
application/xml application/json
application/json application/xml
 
 
 
Consider:
  1. You must have an active PayU account.
  2. You must install a valid SSL certificate on your server and your site should be able to make SSL connections, which is why the virtual machine must have appropriate security extensions.
  3. Temporarily, do not use security certificates elliptic curve or those who have the suite of encryption TLS_ECDHE_ECDSA_WITH_RC4_128_SHA in your payment requests.
  4. You must have CGI or server languages such as Java, C#, VB, PHP, etc.
  5. You must be able to store your authentication credentials (API Key and API Login) safely.
  6. The encoding for messages must be UTF-8.
  7. The dates must have format yyyy-MM-ddTHH:mm:ss, the time format is 24 hours. Eg. 2015-08-22T21:35:12.
  8. Normally the connection guarantees response times of 3 seconds on average, if there is an abnormal situation, the maximum response time is 1 minute. It is highly recommended that you set “timeouts” when you connect with PayU.
  9. It is important to validate the length and numbers of credit cards by franchise, together with the security codes.