API Integration

PayU’s API integration allows your business to process transactions from different types of applications (web, mobile, IVR, etc).

You can connect your online store to the PayU platform and the checkout process will be handled on your website. To integrate this option you must have a PayU Business account and advanced programming skills.

Access multiple payment methods (varies per country), including credit cards, bank transfers, and cash payments.

API integration

Initial settings

PayU allows you to integrate with the transactional gateway, available payment tools and Queries by developing a HTTPS client to send the transaction information through SSL. It is critical that sensitive transaction data such as credit card number, expiration date, are not stored. It is recommended to follow PCI DSS’ best practices (Payment Card Industry Data Security Standard).

The transmission of transactions is secured through a TLS (Transport Layer Security) 256-bit connection from the shop’s server our payment Gateway. The exchange of messages is done via JSON or XML strings and operations are distinguished by a command that is included in the request. Check out the following JSON and XML examples:


POST /payments-api/4.0/service.cgi HTTP/1.1
Host: sandbox.api.payulatam.com
Content-Type: application/json; charset=utf-8
Accept: application/json
Content-Length: length
{
   "test": false,
   "language": "en",
   "command": "GET_PAYMENT_METHODS",
   "merchant": {
      "apiLogin": "xxxxxxxxxxxxx",
      "apiKey": "xxxxxxxxxxxxx"
   }
}

POST /payments-api/4.0/service.cgi HTTP/1.1
Host: sandbox.api.payulatam.com
Content-Type: application/json; charset=utf-8
Accept: application/xml
Content-Length: length
<request>
   <language>en</language>
   <command>GET_PAYMENT_METHODS</command>
   <merchant>
      <apiLogin>xxxxxxxxxxxxx</apiLogin>
      <apiKey>xxxxxxxxxxxxx</apiKey>
   </merchant>
   <isTest>false</isTest>
</request>

You can set the language you want to use in the request through the Content-type and Accept HTTP headers. You can use all possible combinations:

CONTENT-TYPE ACCEPT
application/xml application/xml
application/json application/json
application/xml application/json
application/json application/xml

Considerations

  • You must have an active PayU account.
  • You must install a valid SSL certificate in your server and your site must be able to make SSL connections. Due to this, the virtual machine must have appropriate security extensions.
  • Temporarily, do not use security certificates elliptic curve or those who have the suite of encryption TLS_ECDHE_ECDSA_WITH_RC4_128_SHA in your payment requests.
  • You must have CGI or server languages such as Java, C#, VB, PHP, etc.
  • You must be able to store your authentication credentials (API Key and API Login) safely.
  • The encoding for messages must be UTF-8.
  • The dates must have format yyyy-MM-ddTHH:mm:ss, the time format is 24 hours. Example: 2015-08-22T21:35:12.
  • Normally the connection guarantees response times of three seconds on average. If there is an unusual situation, the maximum response time is one minute. It is highly recommended that you set timeouts when you connect with PayU.
  • It is important to validate the length and numbers of credit cards by franchise, together with the security codes.

Available features


Topics in this Section

Payments API - Argentina

Payments API Argentina lets your shop process different transaction types with multiple payment methods.

Payments API - Brazil

Payments API Brazil lets your shop process different transaction types with multiple payment methods.

Payments API - Chile

Payments API Chile lets your shop process different transaction types with multiple payment methods.

Payments API - Colombia

Payments API Colombia lets your shop process different transaction types with multiple payment methods.

Payments API - Mexico

Payments API Mexico lets your shop process different transaction types with multiple payment methods.

Payments API - Panama

Payments API Panama lets your shop process different transaction types with multiple payment methods.

Payments API - Peru

Payments API Peru lets your shop process different transaction types with multiple payment methods.

Queries API

Queries API lets you check the status of the placed orders along with their transactions.

Tokenization API

Tokenization API allows you to safely store the data of your customers' credit cards through the creation of a token. This token lets you make regular charges or implement the 1 Click payment feature, following PCI DSS (Payment Card Industry Data Security Standard) security standards to handle credit card data.

Promotions API for Argentina and Mexico

Promotions feature lets you consult the valid promotions, along with their associate costs, characteristics, and further relevant information available for your customers. Promotions API applies only to Argentina and Mexico (MSI - Meses Sin Intereses).

Voids and Refunds API

This feature allows you to request the cancellation or the refund of the transactions authorized or charged. You can create the refund request using the Refund or Void method according to the status of the transaction.

Payouts API

This feature allows you to create multiple and secure payments for third parties (users, merchants, providers, customers, etc.) using the funds you have in your PayU Account.

Last modified June 29, 2021: Promotios API added (c307daf)