Follow the below steps to integrate with Pine Labs Online ICB on UPI.

[Prerequisite] Generate Token
ICB Offer Discovery
ICB Offer Validation
Validate VPA
Create ICB Order
Create ICB Payment
Handle Payment
1. Store Payment Details on Your Server
2. Verify Payment Signature
Get Order by Order ID

📘 Note

Ensure you store your client_id and client_secret in your Backend securely.

Integrate our APIs on your backend system.

We strictly recommend not to call our APIs from the frontend.

Failure to adhere to the above guidelines may result in legal implications. In such cases, you will be held responsible for any damage or loss arising from non-compliance.

1. [Prerequisite] Generate Token

Integrate our Generate Token API in your backend servers to generate the access token. Use the token generated to authenticate Pine Labs Online APIs.

Below are the sample requests and response for the Generate Token API.

cURL

curl --location 'https://pluraluat.v2.pinepg.in/api/auth/v1/token' \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--header 'Request-Timestamp: 2024-07-09T07:57:08.022Z' \
--header 'Request-ID: c17ce30f-f88e-4f81-ada1-c3b4909ed235' \
--data '
{
  "client_id": "a17ce30e-f88e-4f81-ada1-c3b4909ed232",
  "client_secret": "fgwei7egyhuggwp39w8rh",
  "grant_type": "client_credentials"
}
'

Refer to our Generate Token API documentation to learn more.

2. ICB Offer Discovery

Use this API to check the Instant Cashback Offers for a UPI payment.

Below are the sample requests and response for the ICB Offer Discovery API.

cURL

curl --request POST \
     --url https://pluraluat.v2.pinepg.in/api/affordability/v1/offer/discovery \
     --compressed \
     --header 'Accept-Encoding: gzip' \
     --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c' \
     --header 'Content-Type: application/json' \
     --header 'Request-ID: c17ce30f-f88e-4f81-ada1-c3b4909ed235' \
     --header 'Request-Timestamp: 2024-07-09T07:57:08.022Z' \
     --header 'accept: application/json' \
     --data '
{
  "product_details": [
    { "product_code": "SAM_BUNDLE_04", "product_amount": { "currency": "INR", "value": 1000000 } },
    { "product_code": "SAM_BUNDLE_05", "product_amount": { "currency": "INR", "value": 1000000 } },
    { "product_code": "SAM_BUNDLE_06", "product_amount": { "currency": "INR", "value": 1000000 } }
  ],
  "order_amount": { "currency": "INR", "value": 3000000 }
}
'

Refer to our ICB Offer Discovery API documentation to learn more.

📘 Note:

The ICB Offer Discovery API returns the list of available Instant Cashback offers for the selected product.

Select the offer that best meets your customer's requirements.

Validate the choice by passing the selected tenure to the ICB Offer Validation API.

3. ICB Offer Validation

Use this API for validating the offer which has to be applied.

Below is a sample request and response for the ICB Offer Validation API.

cURL

curl --request POST \
     --url https://pluraluat.v2.pinepg.in/api/affordability/v1/offer/validate \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "merchant_payment_reference": "$guid",
  "payment_method": "UPI",
  "order_amount": { "value": 500, "currency": "INR" },
  "payment_amount": { "value": 400, "currency": "INR" },
  "payment_option": {
    "upi_details": {
      "txn_mode": "INTENT",
      "payer": { "phone_number": "9868608104", "vpa": "nikhiljha122-1@okhdfcbank" }
    }
  },
  "offer_data": {
    "offer_details": {
      "tenure": {
        "offer_ranking": 1,
        "issuer_offer_parameters": [
          { "program_type": "BRAND_EMI", "offer_id": "6040", "offer_parameter_id": "v1-37-10-7-1-6040-287177" }
        ],
        "details": [
          {
            "product_code": "ICB_BOSCH_001",
            "brand_id": "7",
            "product_offer_parameters": [
              { "program_type": "BRAND_OFFER", "offer_id": "6040", "offer_parameter_id": "v1-37-10-7-2-6040-287177" }
            ],
            "product_amount": { "currency": "INR", "value": 500 },
            "interest_rate": 0,
            "discount": {
              "discount_type": "INSTANT",
              "percentage": 0,
              "amount": { "currency": "INR", "value": 100 }
            }
          }
        ],
        "discount": { "discount_type": "INSTANT", "percentage": 0, "amount": { "currency": "INR", "value": 100 } },
        "loan_amount": { "currency": "INR", "value": 400 },
        "auth_amount": { "currency": "INR", "value": 400 },
        "total_discount_amount": { "currency": "INR", "value": 100 },
        "net_payment_amount": { "currency": "INR", "value": 500 },
        "interest_rate_percentage": 0,
        "emi_type": "STANDARD",
        "is_mobile_number_required_for_eligibility": true,
        "is_offer_auto_applied": true
      }
    }
  }
}
'

Refer to our ICB Offer Validation API documentation to learn more.

4. Validate VPA

Use this API to validate the VPA handle of your customer with the registered VPA handle.

Below are the sample requests and response for Validate VPA API.

cURL

curl --location 'https://pluraluat.v2.pinepg.in/payment-option' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Merchant-ID: {merchantId}' \
--header 'Correlation-ID: {correlationId}' \
--header 'Authorization: Bearer ' \
--data '{
  "payment_option": {
    "upi_details": {
      "payer": { "fetch_vpa": true, "phone_number": "{{phone-number}}" }
    }
  },
  "payment_method": "UPI"
}'

Refer to our Validate VPA API documentation to learn more.

5. Create ICB Order

To create an ICB Order, use our Create ICB Order API, for authentication use the generated access token in the headers of the API request.

Below are the sample requests and response for a Create ICB Order API.

cURL

curl --request POST \
     --url https://pluraluat.v2.pinepg.in/api/pay/v1/orders \
     --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c' \
     --header 'Content-Type: application/json' \
     --header 'Request-ID: c17ce30f-f88e-4f81-ada1-c3b4909ed235' \
     --header 'Request-Timestamp: 2024-07-09T07:57:08.022Z' \
     --header 'accept: application/json' \
     --data '
{
  "merchant_order_reference": "{{$guid}}",
  "order_amount": { "value": 1000000, "currency": "INR" },
  "pre_auth": false,
  "callback_url": "https://www.google.com/",
  "failure_callback_url": "https://www.chatgpt.com",
  "purchase_details": {
    "account_details": {
      "bank_details": { "account_number": "41620100006421", "ifsc_code": "", "bank_name": "" }
    },
    "customer": {
      "email_id": "aayush1.sam@gmail.com",
      "first_name": "joe",
      "last_name": "kumar",
      "mobile_number": "9868608104",
      "billing_address": {
        "address1": "H.No 15, Sector 17", "address2": "", "address3": "",
        "pincode": "61232112", "city": "CHANDIGARH", "state": "PUNJAB", "country": "INDIA"
      },
      "shipping_address": {
        "address1": "H.No 15, Sector 17", "address2": "string", "address3": "string",
        "pincode": "144001123", "city": "CHANDIGARH", "state": "PUNJAB", "country": "INDIA"
      }
    },
    "merchant_metadata": { "key1": "", "key2": "" }
  }
}
'

Refer to our Create ICB Order API documentation to learn more.

6. Create ICB Payment

To create a payment, use our Create ICB Payment API, use the order_id returned in the response of a Create ICB Order API to link the payment against an order.

Below are the sample requests and sample response for Create ICB Payment API.

cURL

curl --request POST \
     --url https://pluraluat.v2.pinepg.in/api/pay/v1/orders/{order_id}/payments \
     --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c' \
     --header 'Content-Type: application/json' \
     --header 'Request-ID: c17ce30f-f88e-4f81-ada1-c3b4909ed235' \
     --header 'Request-Timestamp: 2024-07-09T07:57:08.022Z' \
     --header 'accept: application/json' \
     --data '
{
  "payments": [
    {
      "merchant_payment_reference": "{{$guid}}",
      "payment_method": "UPI",
      "payment_amount": { "value": 450, "currency": "INR" },
      "payment_option": {
        "upi_details": {
          "txn_mode": "INTENT",
          "payer": { "phone_number": "9868608104", "vpa": "nikhiljha122-1@okhdfcbank" }
        }
      }
    }
  ]
}
'

Refer to our Create ICB Payment API documentation to learn more.

7. Handle Payment

In create ICB payment API response we return a challenge_url, use this challenge url to navigate your customers to the checkout page to accept payment.

📘 Note:

On successful payment we send the webhook event ORDER_PROCESSED and the status of the payment is updated to processed.

7.1. Store Payment Details on Your Server

On a successful and failed payment, we return the following fields to the return url.

We recommend you to store the payment details on your server.
You must validate the authenticity of the payment details returned. You can authenticate by verifying the signature.

JSON

{
  "order_id": "v1-4405071524-aa-qlAtAf",
  "status": "PROCESSED",
  "signature": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
}

7.2. Verify Payment Signature

Ensure you follow this as a mandatory step to verify the authenticity of the details returned to the checkout form for successful payments.

Follow the below steps to verify the signature.

Create a signature on your server using the following parameters using the SHA256 algorithm.
1. order_id: Unique Identifier generated for an order request on Pine Labs Online database.
2. payment_status: Payment status.
3. error_code: Short code for the error returned.
4. error_message: Corresponding error message for the code.
5. secret_key: The Onboarding team has provided you with this information as part of the onboarding process.

Use the below sample code to construct HashMap signature using the SHA256 algorithm.

Java

import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class hash {
    public static void main(String[] args) {
        String input = "<string>";
        String secretKey = "<secret_key>";
        String hash = GenerateHash(input, secretKey);
        System.out.println("Generated Hash: " + hash);
    }

    public static String GenerateHash(String input, String strSecretKey) {
        String strHash = "";
        try {
            if (!isValidString(input) || !isValidString(strSecretKey)) {
                return strHash;
            }
            byte[] convertedHashKey = new byte[strSecretKey.length() / 2];
            for (int i = 0; i < strSecretKey.length() / 2; i++) {
                convertedHashKey[i] =
                        (byte) Integer.parseInt(strSecretKey.substring(i * 2, (i * 2) + 2), 16);
            }
            strHash = hmacDigest(input, convertedHashKey, "HmacSHA256");
        } catch (Exception ex) {
            strHash = "";
        }
        return strHash.toUpperCase();
    }

    private static String hmacDigest(String msg, byte[] keyString, String algo) {
        String digest = null;
        try {
            SecretKeySpec key = new SecretKeySpec(keyString, algo);
            Mac mac = Mac.getInstance(algo);
            mac.init(key);
            byte[] bytes = mac.doFinal(msg.getBytes("UTF-8"));
            StringBuilder hash = new StringBuilder();
            for (byte b : bytes) {
                String hex = Integer.toHexString(0xFF & b);
                if (hex.length() == 1) {
                    hash.append('0');
                }
                hash.append(hex);
            }
            digest = hash.toString();
        } catch (UnsupportedEncodingException | InvalidKeyException | NoSuchAlgorithmException e) {
            // log error
        }
        return digest;
    }

    public static boolean isValidString(String str) {
        return str != null && !"".equals(str.trim());
    }
}

📘 Note:

To create a request string, format the key-value pairs of data returned to the return URL. The pairs are separated by & and arranged in ascending order based on a lexicographical comparison of the keys.

Shown below is an example to create a request string.

Text

order_id=random_order_id&status=AUTHORIZED

If the signature generated on your server matches the Pine Labs Online signature returned in the return URL, it confirms that the payment details are from Pine Labs Online.
Capture the status returned on your database.

8. Get Order by Order ID

Use this API to retrieve the order by order ID.

Below are the sample requests and sample response for Get Order by Order ID.

cURL

curl --request GET \
     --url https://pluraluat.v2.pinepg.in/api/pay/v1/orders/v1-4405071524-aa-qlAtAf \
     --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c' \
     --header 'Content-Type: application/json' \
     --header 'Request-ID: c17ce30f-f88e-4f81-ada1-c3b4909ed235' \
     --header 'Request-Timestamp: 2024-07-09T07:57:08.022Z' \
     --header 'accept: application/json'

Refer to our Get Order by Order ID API documentation to learn more.

To Know Your Payment Status

To check your payment status, you can either rely on Webhook events or use our Get Orders APIs for real-time updates.

Webhook Notification: We send Webhook notifications on the successful payment or any changes to the payments object. Refer to our Webhooks documentation to learn more.
Get Orders API: Use our Get Orders API to know the real time status of the payment. Refer to our Manage Orders documentation to learn more.
Refunds: Pine Labs Online processes refund directly to the customer's original payment method to prevent chargebacks. Refer to our Refunds documentation to learn more.