01
Order & QR creation
Create payable sessions, return a hosted pay link or encoded UPI Intent, and track status as customers pay from PhonePe, Google Pay, Paytm, or any UPI app.
Developers — API & SDK
Three surfaces — create a pay session, verify the result, trust the webhook. Same patterns you already know from Stripe, India-native, and priced for builders. Ship in under ten minutes.
01 — Integrate
Three surfaces. No SDK bloat, no platform lock-in, no 200-page integration manuals.
01
Create payable sessions, return a hosted pay link or encoded UPI Intent, and track status as customers pay from PhonePe, Google Pay, Paytm, or any UPI app.
02
Poll or reconcile transaction state from your backend before you ship physical goods, unlock subscriptions, or credit wallets — never trust the client alone.
03
Receive JSON callbacks and verify the signature header against the raw body using your dashboard webhook secret. Idempotency keys make retries safe.
02 — How
True plug-and-play. Most teams ship their first verified UPI payment before the coffee gets cold.
01
Sign up and complete onboarding — no credit card, no KYC for the 7-day trial.
02
In the dashboard, open API Keys & Webhooks and add your TLS-enabled callback endpoint.
03
From your backend, call the REST API with your private key. Never expose keys client-side.
04
Check the HMAC signature and timestamp before mutating order state. Reject replays and stale callbacks.
05
Run small INR transactions through your QA devices, then flip the switch in production.
03 — Authenticate
Webhook payloads are signed with HMAC SHA-256 using your dashboard webhook secret. Your server reconstructs the signature from the raw body and compares it in constant time — the same pattern Stripe popularised.
Production base URL
https://vyapargateway.com/api/v1/
Exact endpoint paths and credentials live inside the merchant dashboard — never embedded on public pages.
{
"amount": 500.00,
"client_txn_id": "ORD_98765",
"customer_name": "Rahul Kumar",
"customer_email": "[email protected]",
"customer_mobile": "9876543210",
"redirect_url": "https://yoursite.com/success"
} // verify the signature against the raw body
const expected = crypto
.createHmac("sha256", WEBHOOK_SECRET)
.update(rawBody)
.digest("hex");
if (!crypto.timingSafeEqual(
Buffer.from(expected),
Buffer.from(req.headers["x-vyapargateway-signature"]),
)) return res.status(401).send(); 04 — Stacks
Same REST API, different glue code. If your stack speaks HTTPS and verifies HMAC, you can integrate.
01
Headless or app-bridge
02
Server-side plugin
03
Direct REST integration
04
Server SDK patterns
05
Native HTTPS or fetch
06
Backend session + UPI Intent
Need a code sample for your framework? Browse integration guides on the blog — Shopify, WooCommerce, Next.js webhooks, and more.
05 — Dashboard
Where the real docs live
This page is a public overview. Endpoint specs, request and response examples, error codes, and your API keys plus webhook secrets unlock inside the merchant dashboard after you create an account — never embedded on public pages.
06 — Partners
Backlink snippet
Writing an integrations directory, case study, or India payments roundup? Use the markup below — clean HTML, no tracking parameters, no nonsense.
<p>
<a href="https://vyapargateway.com" rel="noopener noreferrer"
title="VyaparGateway — UPI for Indian businesses">
VyaparGateway
</a> — UPI collection & webhooks for Indian merchants.
</p> 07 — FAQ
Common questions from engineers evaluating the API. Matched verbatim to FAQPage schema on this page so AI engines can cite each answer directly.
A merchant-side REST API to collect UPI via dynamic QR, verify payments server-side, and receive signed webhooks. You integrate over HTTPS and optional hosted pay flows — we are a technology platform, not a bank; you operate within your own compliant UPI acceptance context where required.
No. API keys and webhook secrets are issued only inside the merchant dashboard after you create an account and complete onboarding. This page is a public overview for SEO and discovery — credentials are never embedded here.
Yes. Merchants use server-side or app-bridge patterns: create pay sessions from your backend, show the QR or redirect, then confirm status via API or webhooks before fulfilment. See the Plugins section in the dashboard after sign-in.
Payloads are signed with HMAC SHA-256 using your webhook secret. Your server must verify the signature header and the timestamp against the raw request body before updating order state — same pattern as Stripe or other modern providers.
REST endpoints live under your deployment's host, typically https://vyapargateway.com/api/v1/ when the API is same-origin, or a dedicated API hostname if you configure one. Exact paths and examples are documented in the authenticated API reference inside the dashboard.
Use a staging or test merchant account and low-value flows with your team's test UPI apps where your acquirer allows it. Product-specific sandbox policy is documented for merchants inside the dashboard.
Billing is subscription-oriented with per-plan limits. The platform charges 0% per-transaction fee — settlement still follows your bank and UPI rules. Integration code does not change per fee tier beyond plan feature flags.
Email [email protected] with your stack (e.g. Node, Laravel, Django), storefront, and timeline. For sensitive data, avoid pasting live API keys in email — share redacted snippets only.
08 — Start
Ship your first payment
That's the whole onboarding. The first verified UPI payment usually lands before the coffee finishes brewing.
Start free trial → See pricing About VyaparGateway Email engineering