Handle Webhooks with Node.js SDK

Use callback verification to confirm that the callback you received from PhonePe is authentic.

The standard_phonepe_client.validate_callback method is used to validate webhook or callback responses. You can use this method by passing all the necessary parameters.

Request

The request parameters are as follows:

Request Parameters

Parameter Name	Data Type	Description
`username`	String	Your unique username configured for the callback URL
`password`	String	Your unique password configured for the callback URL
`authorization`	String	The Authorization token sent in the callback response
`responseBody`	String	The actual response body received in the callback as a string

Sample Request

import { StandardCheckoutClient, Env } from 'pg-sdk-node';
 
const clientId = "<clientId>";
const clientSecret = "<clientSecret>";
const clientVersion = <clientVersion>;  //insert your client version here
const env = Env.SANDBOX;      //change to Env.PRODUCTION when you go live
 
const client = StandardCheckoutClient.getInstance(clientId, clientSecret, clientVersion, env);
 
const authorizationHeaderData = "ef4c914c591698b268db3c64163eafda7209a630f236ebf0eebf045460df723a" // received in the response headers
const phonepeS2SCallbackResponseBodyString = "{\"type\": \"PG_ORDER_COMPLETED\",\"payload\": {}}"  // callback body as string
  
const usernameConfigured = "<MERCHANT_USERNAME>"
const passwordConfigured = "<MERCHANT_PASSWORD>" 
 
const callbackResponse = client.validateCallback(
    usernameConfigured,
    passwordConfigured,
    authorizationHeaderData,
    phonepeS2SCallbackResponseBodyString );
 
const orderId = callbackResponse.payload.orderId;
const state = callbackResponse.payload.state;

Response

The function returns a CallbackResponse object containing two main parameters: type, which indicates the event type, and payload, which holds all the event-specific details.

Parameter Name	Data Type	Description
type	CallbackType	Tells you what type of event happened (e.g., order completed, refund failed, etc.)
payload	CallbackData	Contains all the details related to that event

The event type are explained below:

Callback Type	Description
`CHECKOUT_ORDER_COMPLETED`	The payment was successfully completed
`CHECKOUT_ORDER_FAILED`	The payment failed
`PG_REFUND_COMPLETED`	A refund was successfully processed
`PG_REFUND_FAILED`	A refund request failed
`PG_REFUND_ACCEPTED`	PhonePe Payment Gateway acknowledged the refund request, but it’s not completed yet

The payload details are explained below:

CallbackData

Parameter Name	Data Type	Description
`merchantId`	String	Merchant ID from which the request was initiated
`orderId`	String	Order ID generated by PhonePe Payment Gateway (only for order callbacks)
`originalMerchantOrderId`	String	Order ID generated by you (only for order callbacks)
`refundId`	String	Refund ID generated by PhonePe PG (only for refund callbacks)
merchantRefundId	String	Refund ID generated by you (only for refund callbacks)
`state`	String	The current state of the order or refund.
`amount`	Long	The amount processed in paisa.
`expireAt`	Long	The expiry timestamp in epoch format
`errorCode`	String	The error code (only for failed transactions)
`detailedErrorCode`	String	A more detailed error code (only for failures)
`metaInfo`	MetaInfo	Metadata passed during order initialization
`paymentDetails`	List<PaymentDetail>	The Payment details of the transaction

The PaymentRefundDetail property contains a list of payment details for each payment attempt made against an order. The details of each payment are explained in the table below.

Attribute	Data Type	Description
`transactionId`	String	Merchant ID from which the request was initiated
`paymentMode`	String	Order ID generated by PhonePe Payment Gateway (only for order callbacks)
`timestamp`	Long	Order ID generated by you (only for order callbacks)
`state`	String	Attempted transaction state. It can be any one of the following states: • COMPLETED • FAILED • PENDING
`errorCode`	String	Error code (only present when the state is failed)
`detailedErrorCode`	String	A more specific error code (only present when the state is failed)

Exception Handling

Exception handling in the PhonePe SDK is managed through the PhonePeException, which captures errors related to PhonePe APIs. It provides detailed information such as HTTP status code, error code, message, and additional error data to help identify and resolve issues effectively.

PhonePeException

Exception raised for errors related to PhonePe APIs.

Attribute	Description
code	The status code of the http response.
`message`	The http error message.
`httpStatusCode`	The status code of the http response.
`data`	The details of the error that happened while calling PhonePe.

Sample Request

import { StandardCheckoutPayRequest, StandardCheckoutPayResponse } from 'pg-sdk-node';
import { v4 as uuid } from 'uuid';
 
const merchantOrderId = uuid();
const redirectUrl = 'https://www.merchant.com/redirect';
 
const request = StandardCheckoutPayRequest.buidler()
  .merchantOrderId(merchantOrderId)
  .redirectUrl(redirectUrl)
  .build();
 
client.pay(request).then((response) => {
  const checkoutPageUrl = response.redirectUrl;
}).catch((error) => {
    const error = error as PhonePeException;  //error thrown is of PhonePeException type
    console.log(error.message);
});

Response

InstrumentCombo
- Represents a combination of the payment instrument and the payment rail used to complete a transaction.

Property Parameters

Property	Type
`instrument`	PaymentInstrumentV2	Instrument used for the payment.
`rails`	PaymentRail	Rail used for the payment.
`amount`	long	Amount transferred using the above instrument and rail.

PaymentRail
- Defines the type of rail used to initiate payment.

UPI RAIL

Property	Type
`type`	PaymentRailType
`utr`	String
`upi_transaction_id`	String
`vpa`	String

PG RAIL

Property	Type
`type`	PaymentRailType
`transaction_id`	String
`authorization_code`	String
`service_transaction_id`	String

PaymentInstrumentV2
- Represents the instrument used to initiate a payment. Various instrument types are listed below:

ACCOUNT

Property	Type
`type`	PaymentInstrumentType
`ifsc`	String
`account_type`	String
`masked_account_number`	String
`account_holder_name`	String

CREDIT_CARD

Property	Type
`type`	PaymentInstrumentType
`bank_transaction_id`	String
`bank_id`	String
`arn`	String
`brn`	String

DEBIT_CARD

Property	Type
`type`	PaymentInstrumentType
`bank_transaction_id`	String
`bank_id`	String
`arn`	String
`brn`	String

NET_BANKING

Property	Type
`type`	PaymentInstrumentType
`bank_transaction_id`	String
`bank_id`	String
`arn`	String
`brn`	String

EGV

Property	Type
`type`	PaymentInstrumentType
`cardNumber`	String
`programId`	String

WALLET

Property	Type
`type`	PaymentInstrumentType
`walletId`	String

What’s Next?

Now that you have learned how to verify the payment and what happens when the webhook fails, this concludes your website integration. The next step is to complete UAT testing and understand the process to go live.