WebCheckout integration
WebCheckout integration lets your customers select the items they want to purchase in your shop and perform the payment in our Payment gateway (WebCheckout).
Integrations
According to your business needs, select how to integrate your shop with the PayU services and tools.
Implement PayU with the aggregator model or gateway, using PayU’s financial agreements or your own. Select the integration that fits best with your needs:
Checkout integration
PayU Checkout is an integration that allows you to collect through a PayU web form from any device in a simple, fast and secure way.
- PayU manages the payment system
- Easier integration, equally secure
- Since PayU manages the payment platform, it is easier to get PCI DSS certification
How to get variables for integration
Regardless of the integration selected, you may require any of the following variables in the request of the methods.
API key and API Login
-
Log in to PayU.com and click the login option located at the top of the page. Alternatively, you can log in to https://merchants.payulatam.com/.
-
Click Settings and then select Technical configuration.
- In this window, you find both the API key and API Login which allows you to authenticate your commerce during the integration procedure.
Warning
Both keys are unique per commerce in PayU, therefore, you must keep this information secured and their usage or disclosure is under your responsibility.Authentication signature
The variable signature is used to validate the payments performed through the platform, ensuring their authenticity. This variable is a string value encrypted using MD5 or SHA algorithms and follows this structure.
ApiKey~merchantId~referenceCode~tx_value~currency
Let’s build a signature using the following test values:
- ApiKey:
4Vj8eK4rloUd272L48hsrarnUA - merchantId:
508029 - referenceCode:
TestPayU - tx_value:
3 - currency:
USD
The string is these values concatenated with the tilde character (~):
4Vj8eK4rloUd272L48hsrarnUA~508029~TestPayU~3~USD
After you apply the MD5 algorithm, the signature value is:
ba9ffa71559580175585e45ce70b6c37
deviceSessionId variable
The deviceSessionId is a code with the information of the device where the transaction was generated and provides a unique identifier for the device. This variable lets us identify attackers.
- To perform either API or SDK integration, you need to include the following script in your payment form:
<script type="text/javascript" src="https://maf.pagosonline.net/ws/fp/tags.js?id=${deviceSessionId}80200"></script>
<noscript>
<iframe style="width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;" src="https://maf.pagosonline.net/ws/fp/tags.js?id=${deviceSessionId}80200"></iframe>
</noscript>
- It is important to generate the
deviceSessionIdper each transaction. To generate thedeviceSessionIdget thesession_idof the cookie and concatenate it with the current timestamp along with the milliseconds. Then, encrypt the result using MD5.
Example in PHP
$deviceSessionId = md5(session_id().microtime())
For example, if the $deviceSessionId is d66f949f19b33e88c202b579cfc549b3, the script is as follows:
<script type="text/javascript" src="https://maf.pagosonline.net/ws/fp/tags.js?id=d66f949f19b33e88c202b579cfc549b380200"></script>
<noscript>
<iframe style="width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;" src="https://maf.pagosonline.net/ws/fp/tags.js?id=d66f949f19b33e88c202b579cfc549b380200"></iframe>
</noscript>
- Finally, you must send the
$deviceSessionIdin the variable according to the integration selected:
- For API:
transaction.deviceSessionId - For SDK JAVA:
PayU.PARAMETERS.DEVICE_SESSION_ID - For SDK PHP:
PayUParameters::DEVICE_SESSION_ID
Topics in this Section
API Integration
PayU’s API integration allows your business to process transactions from different types of applications (web, mobile, IVR, etc).
SDK Integration
PayU’s Software Development Kit (SDKs) provides a simple solution for a complex integration.
Last modified
June 24, 2022:
clon issue (d73e43fe)