Payout On Bank

API Endpoint:

This API for Payout on Bank will be a POST request.

{BaseUrl}/payouts/sendPayoutRequest

Description

The Payout on Bank API allows a user to initiate a payout to a customer's bank account. This is typically used to send payments directly to a customer's bank account.

Request:

Request Header

The request must include the following headers for authentication:

Request Header
{
 "apiKey": "your api key",
 "token": "your token",
 "content-type": "application/json"
}

apiKey: Your unique API key provided by PayHub.
token: A token that validates your session or request.
content-type: Specifies that the request body is in JSON format.

Request Body (Before Encryption)

The body of the request should include the following parameters before encryption:

Request Body
{
  "amount": 100,
  "customer_name": "customer's name",
  "customer_email": "customer's email",
  "customer_phone": "customer's phone",
  "account_number": "customer's account number",
  "bank_ifsc": "customer's bank IFSC code",
  "account_name": "customer's Account Holder name",
  "bank_name": "customer's bank name",
  "orderId": "merchant order id",
  "method":"bank",
  "payment_mode":"mode of transfer", (Allowed modes: "NEFT", "IMPS")
}

Encryption Process

To enhance security, the request payload must be encrypted using AES-256-CBC before sending the request.

Step 1: Get Your Encryption Key

You need to get your encryption key from the PayHub Dashboard.

Step 2: Encrypt the Request Data

Use the following JavaScript (Node.js) code to encrypt your request data:

const CryptoJS = require('crypto-js');

const ENCRYPTION_KEY = 'your-encryption-key'; // Get from the dashboard
const IV_LENGTH = 16; // AES block size for CBC mode

// Function to derive a 32-byte key
function deriveKey(secret) {
    return CryptoJS.SHA256(secret).toString(CryptoJS.enc.Hex).substring(0, 32);
}

// Generate a random IV
function generateIV() {
    return CryptoJS.lib.WordArray.random(16).toString(CryptoJS.enc.Hex);
}

// Encrypt function
function encrypt(data, key) {
    const iv = generateIV();
    const cipherKey = CryptoJS.enc.Utf8.parse(deriveKey(key));
    const ivHex = CryptoJS.enc.Hex.parse(iv);

    const encrypted = CryptoJS.AES.encrypt(JSON.stringify(data), cipherKey, {
        iv: ivHex,
        mode: CryptoJS.mode.CBC,
        padding: CryptoJS.pad.Pkcs7
    });

    return iv + ':' + encrypted.ciphertext.toString(CryptoJS.enc.Hex);
}

// Original request payload
const requestData = {
    "amount": 100,
    "customer_name": "customer's name",
    "customer_email": "customer's email",
    "customer_phone": "customer's phone",
    "account_number": "customer's account number",
    "bank_ifsc": "customer's bank IFSC code",
    "account_name": "customer's Account Holder name",
    "bank_name": "customer's bank name",
    "orderId": "merchant order id"
    "method": "bank",
    "payment_mode":"mode of transfer", (Allowed modes: "NEFT", "IMPS", "RTGS")
};


// Encrypt the data
const encryptedData = encrypt(requestData, ENCRYPTION_KEY);
console.log("Encrypted Data:", encryptedData);

Step 3: Send Encrypted Data in Request

After encryption, send the request body as follows:

Encrypted Request Body
{
  "encryptedData": "your-encrypted-string"
}

Body schema

Request body schema
 {
  "amount": {
    "type": "number",
    "format": "float(10,2)",   // up to 2 decimal places
    "min": 1,
    "max": 50000
  },
  "customer_name": {
    "type": "string",
    "maxLength": 100
  },
  "customer_email": {
    "type": "string",
    "maxLength": 254
  },
  "customer_phone": {
    "type": "string",
    "maxLength": 13, 
    "pattern": "^(\\+91)?[6-9]\\d{9}$" // allows 10 digits or +91XXXXXXXXXX
  },
  "account_number": {
    "type": "string",
    "maxLength": 18,
    "pattern": "^[0-9]{9,18}$"
  },
  "bank_ifsc": {
    "type": "string",
    "maxLength": 11,
    "pattern": "^[A-Z]{4}0[A-Z0-9]{6}$"
  },
  "account_name": {
    "type": "string",
    "maxLength": 100
  },
  "bank_name": {
    "type": "string",
    "maxLength": 50,
    "optional": true
  },
  "orderId": {
    "type": "string",
    "maxLength": 20,
    "pattern": "^[A-Za-z0-9]{1,25}$", // only alphanumeric
    "optional": true
  },
  "method": {
    "type": "string",
    "enum": ["bank"],
    "optional": true
  },
  "payment_mode": {
    "type": "string",
    "enum": ["NEFT", "IMPS", "RTGS"]
  }
};

Possible Responses:

Success Response

Success Response
{
  "responseCode": 200,
  "responseMessage": "Success",
  "responseData": {
      "message": "Payment request submitted",
      "transaction_id": 9811167405953,
      "orderId":45676543
  }
}

Invalid API Key Response

Invalid API Key
{
  "responseCode": 401,
  "responseMessage": "Invalid apiKey"
}

Error Response

Error Response
{
  "responseCode": 422,
  "responseMessage": "Failed to process transaction",
  "responseData": "You don't have enough balance to process this transaction"
}

Invalid Account Number

Error Response
{
    "responseCode": 400,
    "responseMessage": "Invalid account number"
}

Invalid IFSC Code

Error Response
{
    "responseCode": 400,
    "responseMessage": "Invalid ifsc code"
}

Notes

You must use AES-256-CBC encryption before sending the request.
Always retrieve your encryption key from the PayHub Dashboard.
Ensure the encryptedData field is sent correctly in the request body.

Payout On Bank

API Endpoint:​

Description​

Request:​

Request Header​

Request Body (Before Encryption)​

Encryption Process​

Step 1: Get Your Encryption Key​

Step 2: Encrypt the Request Data​

Step 3: Send Encrypted Data in Request​

Body schema​

Possible Responses:​

Success Response​

Invalid API Key Response​

Error Response​

Invalid Account Number​

Invalid IFSC Code​

Notes​