Resources

Here you can find all the basic resources for the new integration.

Use the below attributes to try out the integration in sandbox.

Attribute

Value

Description

Sandbox endpoint

https://sandbox.cashfree.com/pg

Use this endpoint to access any resource for the new API. For example - to create an order use the following complete URL - https://sandbox.cashfree.com/pg/orders

Production endpoint

https://api.cashfree.com/pg

Use this endpoint to access any resource for the new API. For example - to create an order use the following complete URL in production - https://api.cashfree.com/pg/orders

x-client-id

Sample value: 193asdlfjl1adf891

You can access the appId from the PG merchant dashboard.

x-client-secret

Sample value: hkahlyoi08918212khldhgb1

You can access the secret key from the PG merchant dashboard.

x-api-version

2022-01-01

With every new update, we will publish a new version for the docs. As of now there, are two version 2021-05-21 and latest 2022-01-01.

x-idempotency-key

string(uuid)

You can use this to avoid duplicate operations

Errors

The error object looks as below. Any non 200 response should be treated as an error. For example if you do not pass the version header, the api will respond with a 400 response code (bad request). The type and code variables should help you identify what is wrong with your requests.

{
  "message": "version is missing in header",
  "code": "request_failed",
  "type": "invalid_request_error"
}

The following is an exhaustive list of error types.

Error Type

Description

authentication_error

Authentication error is thrown if your x-client-id or x-client-secret are incorrect.

invalid_request_error

Invalid request error is thrown when your request body or request headers are not in order.

rate_limit_error

Rate limit error is thrown with response cod 429. We throw this error when you breach our API limits. You can use the response headers to know more about the limits and other details. (see below for more details).

api_error

Something went wrong with the API. Please retry after sometime.

Rate limiting

We use rate limiting for all endpoints. Rate limiting is based on your IP and your account Id. By default the following rate limits are applied per minute in sandbox. You can also view your rate limits in the response headers.

API

Rate limit value per minute

Rate limit type

Create Order

30

Account

Get Order

60

Account

Pay Order

30

IP

Get Payments

30

Account

Get Settlements

20

Account

Initiate Refund

30

Account

Get refund

60

Account

Rate limiting headers

All responses will have the following headers to help merchants understand rate limiting

Header name

Example

Description

x-ratelimit-limit

100

Max number of calls that can be made in a minute

x-ratelimit-remaining

30

Remaining number of calls that can be made in a minute

x-ratelimit-retry

0

Number of seconds you will have to wait to make the next call

x-ratelimit-type

app_id or ip

Type of rate limiting applied

Idempotency

Idempotency works by saving the resulting status code and body of the first request made for any given idempotency key, regardless of whether it succeeded or failed. Subsequent requests with the same key return the same result, including 500 errors.
Currently supported on all POST calls that uses x-client-id & x-client-secret. To use enable, pass x-idempotency-key in the request header. The value of this header must be unique to each operation you are trying to do. One example can be to use the same order_id that you pass while creating orders

Header name

ExampleD

Description

x-idempotency-replayed

true or false

If the request was successful earlier you would get true

x-idempotency-key

string, uuid etc

A key for idempotency


Did this page help you?