In a conventional card payment journey, customers are redirected to the bank’s page to collect the One-Time Password (OTP). With Cashfree’s seamless OTP payments feature, you can enhance the customer experience by collecting the OTP at your own page and submit it to Cashfree using our Authentication APIs. This eliminates the need for redirecting to the bank’s page, reducing payment failures that can happen due to redirection drop-offs or slow internet speeds.

Difference between Bank OTP Payment and Seamless OTP Payment

This feature is only enabled on request. Please reach out to us at care@cashfree.com to get this feature enabled for your account.

Implement Seamless OTP Payments

To implement seamless OTP payments, follow these steps:

1

Call the Order Pay API with the channel object set to post for card payments

native-otp initiate request
curl --request POST \
  --url https://sandbox.cashfree.com/pg/orders/sessions \
  --header 'Content-Type: application/json' \
  --header 'x-version: <<LATEST_VERSION>>' \
  --data '{
  	"payment_session_id": "session_Cke8Y9LKs2CQP9KuTzsomExG1x5CKBLo8MynNCv8QT",
  	"payment_method":{
  		"card":		{
  			"channel":"post",				 
  			"card_cvv": "123",
  			"card_holder_name": "rohit",
  			"card_number":"4706131211212123",
  			"card_expiry_mm": "03",
  			"card_expiry_yy": "27"
  		}
  	}
  }'
2

If the native OTP flow is enabled for the account, the response will return an action as post and an authentication API URL where you need to submit the OTP

response
{
	"action": "post",
	"cf_payment_id": 14909602643,
	"channel": "post",
	"data": {
		"url": "https://sandbox.cashfree.com/pg/orders/pay/authenticate/14909602643",
		"payload": null,
		"content_type": "application/json",
		"method": "post"
	},
	"payment_amount": 1.10,
	"payment_method": "card"
}
3

Collect the OTP from your page and submit it to Cashfree using the Submit or Resend OTP API

You can read more about the API here.

authenticate request
curl --request POST \
     --url https://sandbox.cashfree.com/pg/orders/pay/authenticate/{payment_id} \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --header 'x-api-version: <<LATEST_VERSION>>' \
     --data '
{
  "action": "SUBMIT_OTP",
  "otp": "111000"
}
'

Was this page helpful?

Token VaultThird Party Validation