Search Documentation
Search across all documentation pages, APIs and guides.
Payment API — Redirection
The Redirection Payment API is the most widely adopted integration method. Your server creates a checkout session, and the customer is redirected to the secure OnePay hosted payment page, no new tab, same window. After payment, the customer is returned to your transaction_redirect_url.
Base URL
All API requests should be made to the following base URL:
Onepay API hash generation tutorial
To secure your payment requests, Onepay requires a SHA-256 hash in the request body. This hash ensures that the transaction details have not been tampered with.
1. Create Transaction
Creates a payment request and returns a redirect URL to the Onepay Payment Gateway. You can associate items with the transaction if needed.
| PARAMETER | TYPE | DESCRIPTION |
|---|---|---|
app_idrequired | string | Your unique application identifier from the merchant dashboard. |
amountrequired | number | The transaction amount, e.g. 100.00. Use two decimal places. |
currencyrequired | string | Three-letter ISO currency code. Accepted values: LKR, USD. |
hashrequired | string | SHA-256 hash of app_id + currency + amount + HASH_SALT. Generate server-side. |
referencerequired | string | Your internal order or reference ID. Used to correlate transactions in your system. |
customer_first_namerequired | string | Customer's first name. |
customer_last_namerequired | string | Customer's last name. |
customer_phone_numberrequired | string | Customer's phone number in E.164 format, e.g. +94771234567. |
customer_emailrequired | string | Customer's email address. Used for payment receipts. |
transaction_redirect_urlrequired | string | The URL the customer is redirected to after payment. Must be HTTPS. |
additionalDataoptional | string | Any additional metadata you want to associate with the transaction. |
itemsoptional | array | Array of item IDs created via the Items API. Attaches itemized billing details to the transaction. |
How to Initiate a Postman Request
Follow the steps below to initiate a request using Postman. A detailed walkthrough video will be added shortly for your reference.
2. Transaction Status
After a customer completes (or cancels) payment, verify the outcome by querying the transaction status endpoint. Always verify server-side do not rely solely on URL parameters returned to your redirect page.
| PARAMETER | TYPE | DESCRIPTION |
|---|---|---|
app_idrequired | string | Your unique application identifier. |
onepay_transaction_idrequired | string | The transaction ID returned in the ipg_transaction_id field when the transaction was created. |
| FIELD | TYPE | DESCRIPTION |
|---|---|---|
status | boolean | true if the payment was successful. |
ipg_transaction_id | string | OnePay's internal transaction identifier. |
amount | number | The amount charged. |
currency | string | Currency of the transaction. |
paid_on | string | Timestamp of payment confirmation in YYYY-MM-DD HH:mm:ss format. |
3. Onepay webhook callback setup
Set up your system to receive transaction status updates:
- Update your callback URL in the APP section of the Onepay portal
- Your endpoint should be configured to accept POST requests with JSON payloads
- After transaction completion, Onepay will send a callback with transaction details
| FIELD | TYPE | DESCRIPTION |
|---|---|---|
transaction_id | string | The provided transaction ID (e.g. WQBV118E584C83CBA50C6). |
status | number | A numeric representation of the status (e.g. 1). |
status_message | string | A message describing the status (e.g. SUCCESS). |
additional_data | string | Any additional data provided during the transaction creation. |
{"transaction_id": "WQBV118E584C83CBA50C6","status": 1,"status_message": "SUCCESS","additional_data": ""}
On This Page