Resources
Here you can find all the basic resources for the new integration.
INTEGRATION TOOLKIT
Try our IntegrationUse the below attributes to try out the integration in sandbox.
| Attribute | Value | Description |
|---|---|---|
| Sandbox endpoint | https://sandbox.cashfree.com/pg | Use this endpoint to access any resource for the new API. For example - to create an order use the following complete URL - https://sandbox.cashfree.com/pg/orders |
| Production endpoint | https://api.cashfree.com/pg | Use this endpoint to access any resource for the new API. For example - to create an order use the following complete URL in production - https://api.cashfree.com/pg/orders |
| x-client-id | Sample value: 193asdlfjl1adf891 | You can access the appId from the PG merchant dashboard. |
| x-client-secret | Sample value: hkahlyoi08918212khldhgb1 | You can access the secret key from the PG merchant dashboard. |
| x-api-version | 2022-09-01 | With every new update, we will publish a new version for the docs. As of now there, are three version 2021-05-21, 2022-01-01 and latest 2022-09-01. |
| x-idempotency-key | string(uuid) | You can use this to avoid duplicate operations |
Errors
The error object looks as below. Any non 200 response should be treated as an error. For example if you do not pass the version header, the api will respond with a 400 response code (bad request). The type and code variables should help you identify what is wrong with your requests.
{
"message": "version is missing in header",
"code": "request_failed",
"type": "invalid_request_error"
}
The following is an exhaustive list of error types.
| Error Type | Description |
|---|---|
| authentication_error | Authentication error is thrown if your x-client-id or x-client-secret are incorrect. |
| invalid_request_error | Invalid request error is thrown when your request body or request headers are not in order. |
| rate_limit_error | Rate limit error is thrown with response cod 429. We throw this error when you breach our API limits. You can use the response headers to know more about the limits and other details. (see below for more details). |
| api_error | Something went wrong with the API. Please retry after sometime. |
Rate limiting
We use rate limiting for all endpoints. Read more on rate limits here.
Idempotency
Idempotency works by saving the resulting status code and body of the first request made for any given idempotency key, regardless of whether it succeeded or failed. Subsequent requests with the same key return the same result, including 500 errors.
Currently supported on all POST calls that uses x-client-id & x-client-secret. To use enable, pass x-idempotency-key in the request header. The value of this header must be unique to each operation you are trying to do. One example can be to use the same order_id that you pass while creating orders
| Header name | ExampleD | Description |
|---|---|---|
| x-idempotency-replayed | true or false | If the request was successful earlier you would get true |
| x-idempotency-key | string, uuid etc | A key for idempotency |
Timeout Configuration
We suggest to set specific timeouts for each API that your application makes. You can use below timeouts as reference for our APIs.
| API | Timeout (seconds) |
|---|---|
| Create Order | 5 |
| Get Order | 5-8 |
| Pay Order | 12-15 |
| Get Payments | 5-8 |
| Get Settlements | 12-15 |
| Initiate Refund | 4-6 |
| Get refund | 4-6 |
Updated 12 months ago