The Generate OTP for Rupay Card API is used to generate OTP in the Seamless flow. After the customer receives the OTP, you must validate the OTP using the Verify OTP for Rupay Card API.
Endpoint
| Production | https://pgdomain/authentication/api/v1/generateOTP |
| Test | https://areionsbi.pc.enstage-sas.com/authentication/api/v1/generateOTP |
Sample request
curl -X POST https://areionsbi.pc.enstage-sas.com/authentication/api/v1/generateOTP \
-H "Content-Type: application/json" \
-H "pgInstanceId: 720200" \
-d '{
"header": {
"version": "1.0.0.0",
"pgInstanceId":”72702415”,
"x-api-key”: “AF165FBD-4E85-4c66-BEB1C54DC16CD48B”
},
"body": {
“pgInstanceId”:” 72702415”
"merchantId":”123”,
"pan": “6075xxxxxxxx4412”,
"expDate_:"022024",
"cvd2":”123”,
"nameOnCard":”test”,
"email":”[email protected]”,
"currencCode":”356”,
"amount":”11025”
"merchantReferenceNo":”122344sdg”
"orderDesc":”One bat”,
"mobileNumber":”8867772222”,
“cardHolderStatus”:”NW”,
"http_accept": “text/html, application/xhmtl (http accept of a browser)”,
"browser_user_agent":"user agent of a browser",
"customerIpAddress":"ip-address of a customer",
“ext1”:”123456”,
“ext2”:”123456”,
“amountInINR:”11025”,
“originalAmount”:”11025”
“purposeOfAuthentication”:” Token Transaction”,
“tokenAuthenticationValue”:”wwopqds/qww=”
}
}'
Response parameters
| Parameter | M/O/C | Type & Size | Description | Example |
|---|---|---|---|---|
| status | M | N(5) | Transaction Status | success or failed |
| validityPeriod | C | N(2) | The validity of the OTP in minutes for this transaction. Any newly generated OTP for the same transaction will automatically invalidate the old OTPs. | 00 to 30 |
| errorcode | M | N(1-4) | This is a numeric code used to provide success or failure response. | 0 = No Error. For the complete list of error codes, refer to Error codes sub-section and PG Error Codes. |
| errormsg | C | AN(0-(1024) | Description for the error code. | For the complete list of error codes with message, refer to PG Error Codes . |
| pgTransactionId | C | N(1-8) | Sale ID | 860 |
Sample response
{
"status":"success",
"errorcode":"0",
"errormsg":"",
"pgTransactionId":"32424",
“validityPeriod”:”25”
}
Error codes
###Error codes
| Error Code | Description | Reference XML Tag |
|---|---|---|
00 |
Transaction was successfully authorized by Issuing bank. |
Entire SOAP envelop along with values of parameters passed BEPG will successfully complete all technical as well as business validations on XML structure and values of all the parameters present within tag and passes the same to Issuing bank. On successful response from Issuinb bank, BEPG to return code '00' |
01 |
Missing Parameter |
Entire SOAP envelop along with values of parameters passed BEPG will check all the parameters and if any of the required parameter is not present then return this error code. |
02 |
Invalid Command |
|
07 |
Invalid Parameter |
BEPG checks all parameters and if any parameter is not as per specs and it will decline with this error code. |
13 |
Amount Error |
**<auth_amount> under |
41 |
DECLINED (lost card) |
** |
42 |
DECLINED (no account) |
** |
43 |
DECLINED (stolen) |
** |
51 |
NON SUFFICIENT FUNDS |
** |
54 |
EXPIRED CARD |
** |
55 |
WRONG PIN |
** |
57 |
DECLINED (cardholder not allowed) |
** |
58 |
DECLINED (terminal not allowed) |
** |
59 |
DECLINED (fraud) |
** |
61 |
DECLINED (exceeds with) |
** |
62 |
DECLINED |
** |
65 |
DECLINED (exceeds frequency) |
** |
91 |
ERROR |
If NPCI switch does not receives response from Issuer switch within specified time limit, transactions is declined by NPCI switch with this error code |
92 |
NO ROUTING AVAILABLE |
If no routing is available for provided BIN at NPCI switch end, NPCI switch to pass this error code to BEPG and BEPG sends this error code to PG. |
96 |
SYSTEM ERROR |
In case if due to any technical error BEPG is unable to process transaction then BEPG to return this error code. |
96 |
PREVIOUSLY AUTHORIZED |
**Duplicate Authorize API Call ** |
96 |
PREVIOUSLY DECLINED |
Duplicate Authorize API Call |
110 |
NO ACCT |
If not account is found for provided card at Issuer end, Issuer to pass this error code to BEPG and BEPG to send this error code to PG. |
120 |
ACCT CLOSED |
If not account is closed for the card provided at Issuer end, Issuer to pass this error code to BEPG and BEPG to send this error code to PG. |
399 |
SYSTEM UNAVAILABLE |
In case if interfacing systems are unavailable at BEPG end, for some reasons resulting in non-processing of transaction then BEPG to return this error code |
400 |
General Error |
If BEPG is not able to process transactions for codes as specified in this document then BEPG can return this code. |
401 |
Command is Null or Empty |
|
402 |
XML is Null or |
|
406 |
Not |
|
407 |
Not Authorized |
**Source IP ** |
408 |
XML Data Error |
|
409 |
Invalid |
The authenticationValue sent in request is validated and if invalid or duplicate, the request is rejected with this code. |
453 |
Exhausted OTP resend count |
Limit reached for resend OTP request for this transaction. The user must initiate a new transaction. |
454 |
Duplicate requestID |
The requestID of generateOTP is already used for a different card number. |
501 |
EMI Not available |
EMI program is not available for the given card bin. |
504 |
EMI details mismatch |
The Emi details (emi tenure, emi rate of interest) does not match with EMI program available for the card bin. |
505 |
SI not registered |
SI registration ID sent in request is not available in the system. |
506 |
Invalid relationshipID |
The relationshipID sent in request is not available in the system or is invalid |
507 |
SFA device token security error |
The deviceToken is invalid for the relationshipID sent
|
508 |
SFA token security error |
The token/token signature is invalid |