Skip to main content
POST
/
orders
/
sessions
curl --request POST \
  --url https://sandbox.cashfree.com/pg/orders/sessions \
  --header 'Content-Type: application/json' \
  --header 'x-api-version: <x-api-version>' \
  --data '
{
  "payment_method": {
    "card": {
      "card_cvv": "900",
      "card_display": "3243",
      "card_expiry_mm": "03",
      "card_expiry_yy": "26",
      "card_number": "4111111111111111",
      "channel": "link",
      "cryptogram": "AQBBBBBBZatIlaIAmWKSghwBBBB=",
      "token_requestor_id": "22457512314",
      "token_type": "ISSUER_GC_TOKEN"
    }
  },
  "payment_session_id": "session__CvcEmNKDkmERQrxnx39ibhJ3Ii034pjc8ZVxf3qcgEXCWlgDDlHRgz2XYZCqpajDQSXMMtCusPgOIxYP2LZx0-05p39gC2Vgmq1RAj--gcn"
}
'
{
  "payment_method": "card",
  "channel": "link",
  "action": "link",
  "cf_payment_id": 91235,
  "payment_amount": 22.42,
  "data": {
    "url": "https://sandbox.cashfree.com/pg/view/gateway/FHsuvhayLM5mmhINoqri7ba296e2ebca8b98e6119f6223021a13",
    "payload": {
      "name": "card"
    },
    "content_type": "application/x-www-form-urlencoded",
    "method": "post"
  }
}

Headers

x-api-version
string
default:2022-09-01
required

API version to be used

x-request-id
string

Request id for the API call. Can be used to resolve tech issues. Communicate this in your tech related queries to cashfree

x-idempotency-key
string<UUID>

Idempotency works by saving the resulting status code and body of the first request made for any given idempotency key, regardless of whether it succeeded or failed. Subsequent requests with the same key return the same result, including 500 errors.

Currently supported on all POST calls that uses x-client-id & x-client-secret. To use enable, pass x-idempotency-key in the request header. The value of this header must be unique to each operation you are trying to do. One example can be to use the same order_id that you pass while creating orders

Body

application/json

Request body to create a transaction at cashfree using payment_session_id

Complete object for the pay api that uses payment method objects

payment_session_id
string
required
Example:

"session__CvcEmNKDkmERQrxnx39ibhJ3Ii034pjc8ZVxf3qcgEXCWlgDDlHRgz2XYZCqpajDQSXMMtCusPgOIxYP2LZx0-05p39gC2Vgmq1RAj--gcn"

payment_method
CardPaymentMethod · object
required

The card payment object is used to make payment using either plain card number, saved card instrument id or using cryptogram

Example:
{
  "card": {
    "channel": "link",
    "card_number": "4111111111111111",
    "card_expiry_mm": "03",
    "card_expiry_yy": "28",
    "card_cvv": "123"
  }
}
save_instrument
boolean
offer_id
string

This is required if any offers needs to be applied to the order.

Example:

"faa6cc05-d1e2-401c-b0cf-0c9db3ff0f0b"

Response

OK

Order Pay response once you create a transaction for that order

payment_amount
number

total amount payable

cf_payment_id
integer<int64>

Payment identifier created by Cashfree

payment_method
enum<string>

One of ["upi", "netbanking", "card", "app", "cardless_emi", "paylater", "banktransfer"]

Available options:
netbanking,
card,
upi,
app,
cardless_emi,
paylater,
banktransfer
channel
enum<string>

One of ["link", "collect", "qrcode"]. In an older version we used to support different channels like 'gpay', 'phonepe' etc. However, we now support only the following channels - link, collect and qrcode. To process payments using gpay, you will have to provide channel as 'link' and provider as 'gpay'

Available options:
link,
collect,
qrcode,
post
action
enum<string> | null

One of ["link", "custom", "form"]

Available options:
link,
custom,
form,
post
data
OrderPayData · object

the data object pay api

Example:
{
  "url": "https://examplebank.com/sendTo/897?q",
  "payload": {
    "MD": 89811231231,
    "PaReq": "89123l1j2l3j1ljkkl="
  },
  "content_type": "application/x-www-form-encoded",
  "method": "post"
}