Debit is a UI based workflow to allow for Login/Registration to accept payments.

Request Headers

Header NameHeader Value
X-VERIFYSHA256(base64 encoded payload + "/v3/debit" +
salt key) + ### + salt index
X-REDIRECT-URLDynamic redirect URI for UI callback
X-REDIRECT-MODEHTTP mode to be used for UI callback
X-CALLBACK-URLDynamic callback URI for server to server callback
X-CALL-MODEHTTP mode to be used for server to server callback
X-PROVIDER-IDUsed for the cases where the merchant has multiple merchant IDs

Sample Request

   "message":"payment for order placed OD1234",
   "email":"amit***[email protected]",
  "request": "eyAgCiAgICJtZXJjaGFudElkIjoiVUFUTUVSQ0hBTlQiLAogICAidHJhbnNhY3Rpb25JZCI6IlRYMTIzNDU2Nzg5IiwKICAgIm1lcmNoYW50VXNlcklkIjoiVTEyMzQ1Njc4OSIsCiAgICJhbW91bnQiOjEwMCwKICAgIm1lcmNoYW50T3JkZXJJZCI6Ik9EMTIzNCIsCiAgICJtb2JpbGVOdW1iZXIiOiI5eHh4eHh4eHh4IiwKICAgIm1lc3NhZ2UiOiJwYXltZW50IGZvciBvcmRlciBwbGFjZWQgT0QxMjM0IiwKICAgInN1Yk1lcmNoYW50SWQiOiJEZW1vTWVyY2hhbnQiLAogICAiZW1haWwiOiJhbWl0KioqNzVAZ21haWwuY29tIiwKICAgInNob3J0TmFtZSI6IkFtaXQiCn0="

Request Parameters

Parameter NameTypeDescriptionMandatory
merchantIdSTRINGUnique MerchantID assigned to the merchant by PhonePeYes
transactionIdSTRINGUnique TransactionID generated by the merchant to track request to PhonePe
transactionId length should be less than 38 characters.
merchantUserIdSTRINGUnique UserID generated by merchant. This is used to pre-login users authenticated on PhonePe. Un-authenticated users are redirected to PhonePe login page. Conversions are higher when this is provided. Avoid passing email/mobile number.
Skip this for guest users.
merchantUserId length should be less than 64 characters.

userAuthTokenSTRINGUnique userAuthTokengiven to merchant in OTP flow. This is used to pre-login users authenticated on PhonePe. If not passed users will be redirected to PhonePe login page.

amountLONGTransaction amount in PaiseYes
merchantOrderIdSTRINGOrderID generated by the merchant
merchantOrderId length should be less than 48 characters.
subMerchantIdSTRING.Tag to categorize merchant transaction.
Skip this field if you don't have multiple merchants tagged under one merchant id
mobileNumberSTRINGMobile number of the userNo
messageSTRINGShort message. This message is displayed to the user on completion of payment.No
emailSTRINGEmail address of the userNo
shortNameSTRINGUser's name pre-filled for registration purpose.No

Sample Response



Handling the Debit API Response

  • The HTTP Response Code will be 302.

  • Merchant has to check the Headers with the key "Location" which contains the token to form the PhonePe Payment redirection URL. The value of the key "Location" has to be appended with the Host URL to get the complete redirection URL.

Example for UAT:
Host URL:

Value of Header with Key: "Location":

The Complete Redirection URL will be:

Response Parameters

Parameter NameTypeDescription
successBooleanSuccess status of the request
codeEnumSee list of response codes below
shortNameStringShort message about code

Debit API Response Codes

Regular Debit Response Codes

INVALID_USER_AUTH_TOKENThe userAuthToken provided is either invalid or not mapped to merchant.
BAD_REQUESTInvalid request payload
INTERNAL_SERVER_ERRORSomething went wrong



  1. Make sure that 'follow redirection' is disabled while calling this API.
    URL obj = new URL(url);
    HttpURLConnection conn = (HttpURLConnection) obj.openConnection();

  2. It's recommended to have the server-to-server callback by passing the x-callback-url header.

Once the transaction is complete, user will be redirected back to the merchant.

Click Try It! to start a request and see the response here!