Getting Started

Welcome

Welcome to the TouchPay API Suite — your gateway to fast, reliable, and secure digital transactions. Our APIs enable effortless integration for both Payin (money collection) and Payout (fund transfer) workflows, designed to simplify financial automation for businesses of any scale.

Make sure to get your App ID and Secret Key from your dashobard. You will find them in the Developer section present in Sidebar.

For Security

Never share your Secret Key with anyone. It is used to authenticate your API requests and to generate encrypted payload.
You can create new Secret Key from your TouchPay dashboard if you suspect it has been compromised.
We do not accept raw payload. All requests must be sent in encrypted format (You will find encryption logic down the documentation).
The dashboard will log you out in every fifteen minutes for compliance purpose.

Before Accessing APIs

Use the /generate-token endpoint to obtain an authentication token. Provide your registered email and password in the request body.
Ensure your server IP address is whitelisted before accessing any API endpoints.
For Payin transactions, configure a webhook endpoint to receive real-time payment status updates.
The generated token must be sent in the Authorization header for all subsequent API requests.
Tokens issued by the system do not expire automatically. You only need to regenerate a new token if you update your login credentials or wish to invalidate the previous one.

Webhook Notifications

TouchPay supports webhook callbacks to automatically notify your application about transaction status updates in real time:

Payin Webhook — Triggered whenever a customer payment is successful or failed.
Payout Webhook — Triggered when a disbursement is processed, completed, or rejected.

These event-driven notifications ensure your backend stays perfectly in sync with TouchPay’s systems, allowing instant status updates and business logic execution without manual intervention.

Encryption

Request Headers

All API calls to the TouchPay Payin and Payout services must include specific HTTP headers. These headers ensure that each request is properly authenticated and processed by our system.

Required Headers:

Header Name	Description	Example Value
`Content-Type`	Specifies the format of the request payload. Always set to JSON.	`application/json`
`Authorization`	Used to authenticate every API request. Pass the token obtained from the `/generate-token` endpoint as a Bearer token.	`Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6...`
`Accept`	Specifies the expected format of the response payload from the server. Typically set to JSON.	`application/json`

Payin Methods

TouchPay supports multiple payment methods that allow users to complete transactions seamlessly through cards, net banking, or UPI. Each payin method is securely processed and instantly verified through our APIs.

Card Payments

Accept payments via all major debit and credit cards (Visa, Mastercard, RuPay, etc.). Transactions are processed through secure payment gateways with instant authorization.

Supports debit & credit cards
Instant confirmation
PCI DSS compliant processing

Net Banking

Enable customers to pay directly from their bank accounts using Internet banking from over 50+ supported banks.

Supports major Indian banks
Secure bank redirection flow
Instant settlement confirmation

UPI Payments

Accept payments through popular UPI apps like Google Pay, PhonePe, Paytm, and BHIM. Fast, secure, and user-friendly transactions with auto-status updates.

Supports all UPI handles
QR-based or intent-based payment
Real-time status notifications

Payout Methods

TouchPay supports fast and reliable payout options to transfer funds directly to beneficiaries via UPI or Bank Account (Account Number & IFSC). Choose the method that best fits your business workflow for instant or same-day settlements.

Bank Account Payout

Send payouts directly to a beneficiary’s bank account using their Account Number and IFSC Code. This method is secure, widely supported, and suitable for all bank transfers.

Supports only IMPS mode
Reliable for large-value transfers
24x7 availability for IMPS and instant settlement

Required Parameters:

account_number – Beneficiary account number
ifsc – Bank IFSC code
recipient_name – Name of the beneficiary
amount – Transfer amount

APIs

Introduction

The Payin and Payout APIs offer complete control and transparency over your transactions, enabling seamless automation, enhanced efficiency, and reduced manual effort. With real-time tracking and secure integrations, you can easily manage payments at scale. These APIs are designed to simplify financial operations and ensure a smooth, reliable payment experience for your business.

Every request to the Payin & Payout REST APIs must include specific HTTP headers to ensure secure and valid communication.

API Status Codes:

Status Code	Description
`401`	Unauthorized.
`422`	Unprocessable content or Validation errors.
`201`	Transaction has been created or initiated.
`200`	Transaction Fetched.
`404`	Transaction not found.
`400`	Bad Request.
`500`	Internal Server Error.

Generate Token

The Generate Token API provides a secure way to authenticate your requests by generating a unique Bearer Token. This token must be included in the header of all subsequent API calls to ensure authorized and encrypted communication between your application and the TouchPay system. It helps safeguard sensitive data, prevent unauthorized access, and maintain the integrity of every transaction request.

Request Requirements:

You will get the API URI from us.

Method	`POST`
Endpoint	`/api/generate-token`
Headers	`Accept: 'application-json'` `Content-Type: 'application-json'`
IP Address	`IP Address must be whitelist with us.`

Request Body:

Name	Description	Example Value
`email`	Required Your Registered Email	`merchant@company.com`
`password`	Required Your Touchpay Login Passsword	`************`

Request Body Structure:


{
  "email": "merchant@company.com",
  "password": "************"
}

Response Structure:


{
  "status":1,
  "message": "The Token is generated successfully.",
  "token" : "eyJaOeaadjgkAbwtCdEfGhIjKlMnOpQrStUvWxYz************************"
}

Fetch Wallet Balance

The Fetch Wallet Balance API allows you to securely retrieve the current wallet balance associated with your account in real time. It provides accurate and up-to-date balance details, enabling your application to display or validate available funds before initiating transactions, while maintaining data integrity and system security.

Request Requirements:

Domain Url : crm.touchpay.cloud

Method	`POST`
Endpoint	`{{domain}}/getBalance`
Headers	`Content-Type: 'application-json'`
IP Address	`IP Address must be whitelisted with us.`

Request Body:

Name	Description	Example Value
`appId`	Required Application ID provided by the panel.	`APP245260921847`
`data`	Required Encrypted transaction payload in Base64 format.	`SGVsbG8sIFdvcmxkIQ==`

Decrypted `data` Payload Structure:

When decrypted, the `data` field contains the actual transaction details:

Name	Description	Example Value
`appId`	Required Application ID provided by the panel..	`APP245260921847`
`date`	Required Current date/time when the request is generated.	`SGVsbG8sIFdvcmxkIQ==`
`referenceNumber`	Required Unique identifier for this request.	`TXN12893353`

Request Body Structure:

{
  "appId": "APP245260921847",
  "data": "SGVsbG8sIFdvcmxkIQ== "
}

Response Structure:


{
  "statusCode": 200,
  "error": null,
  "data": {
      "appId": "APP245260921847",
      "requestedDate": "24 Sep 2025 05:37:00 PM",
      "accountBalance": "564.0"
  }
}

Initiate Payout

Payout is a service that allows businesses to send payments directly to the accounts of their customers, vendors, or service providers and handles outgoing transactions. They are essential for businesses that need to disburse funds regularly, such as payroll for employees, commissions for affiliates, or payments to freelancers.

Request Requirements:

Domain Url : crm.touchpay.cloud

Method	`POST`
Endpoint	`{{domain}}/payoutTransferApi`
Headers	`Content-Type: 'application-json'`
IP Address	`IP Address must be whitelist with us.`

Request Body:

Name	Description	Example Value
`appId`	Required Application ID provided by the panel.	`APP245260921847`
`data`	Required Encrypted transaction payload in Base64 format.	`SGVsbG8sIFdvcmxkIQ==`

Decrypted `data` Payload Structure::

When decrypted, the `data` field contains the actual transaction details:

Name	Description	Example Value
`orderId`	Required Unique transfer identifier.	`TXN123456789`
`transactionBankTransferMode`	Required Transfer mode (e.g., NEFT, IMPS, RTGS).	`IMPS`
`transactionAmmount`	Required Beneficiary transfer amount.	`100`
`accountNo`	Required Beneficiary Account Number.	`102759398573`
`ifscCode`	Required Beneficiary's Account IFSC.	`AQC023433`
`name`	Required Beneficiary Name.	`John Doe`
`nickname`	Required Beneficiary Nick Name.	`John`
`mobile`	Required Beneficiary's Mobile Number (10 digits)	`92840*****`
`email`	Required Beneficiary's Email Address	`john@gmail.com`

Request Body Structure:

{
  "appId": "APP245260921847",
  "data": "SGVsbG8sIFdvcmxkIQ== "
}

Response Structure:

{
  "statusCode": 201,
  "error": null,
  "data": {
      "orderId": "TXN123456789",
      "transactionStatus": "PENDING",
      "statusCode": "001",
      "createDate": "24 Sep 2025 04:59:02 PM"
  }
}

Payin Link

Easily collect payments by generating unique, one-time payment links that can be instantly shared with your customers. These links direct users to a secure hosted page where they can complete their payments seamlessly.

Request Requirements:

Domain Url : crm.touchpay.cloud

Method	`POST`
Path	`{{domain}}/payment/paymentInit`
Headers	`Content-Type: 'application-json'`
IP Address	`IP Address must be whitelist with us.`

Request Body:

Name	Description	Example Value
`appId`	Required Application ID provided by the panel.	`APP245260921847`
`data`	Required Encrypted transaction payload in Base64 format.	`SGVsbG8sIFdvcmxkIQ==`

Decrypted `data` Payload Structure:

When decrypted, the `data` field contains the actual transaction details.

Name	Description	Example Value
`orderId`	Unique & Required Your unique transaction id.	`TXN12893353`
`amount`	Required Amount for the payment collection.	`100`
`appId`	Required Application ID provided by the panel.	`APP245260921847`
`returnUrl`	Required To redirect user after payment completion.	`http://{{redirect_url}}`
`custPhone`	Required User's mobile number	`9748271230`
`custEmail`	Required User's email address	`johndoe@gmail.com`
`custFirstName`	Required User's first name	`John`

Request Body Structure:

{
  "appId": "APP245260921847",
  "data": "SGVsbG8sIFdvcmxkIQ== "
}

Response Structure:

{
  "statusCode": 200,
  "error": null,
  "data": {
      "appId": "APP6041769037343",
      "paymentLink": "{{domain}}/pay/dCYHIwJ1gfKbmLKN8YYr20pRsIcRmDkTerjtwognqxEUlus=PAYINAPP60017668"
  }
}

Note: You will be notify as well using webhook for the Payin Approved or Rejected.

What after Pay Link Generation:

Once the user is redirected to the Pay Link, the Payment Page will appear. After completing the payment, the user will be redirected back to your specified redirect_url.

The redirection URL will include a query parameter named signature, for example:

https://redirect_url.com?signature=base64_encoded_string

You can Base64 decode this signature to verify the payment status. Additionally, the same payment status will also be sent via webhook notifications for confirmation.

Decoded Base64 Response Structure:

{
'success' : true,
'statusCode' : 200,
'message' : "Transaction successful",
'event_type' : 'payment_success',
'data' : [
     'client_id' : 'TXN12893353',
     'reference_number' : "o_G1LvGrE5BlMpyOg5-oJ6X7",
     'transaction_amount' : 100,
     'status' : 1,
     'transaction_type' : 'payment'
 ]                
}

Payout Status

The Payout Status API lets you verify the current state of a payout request. Using the unique transaction reference (such as transaction_id), you can check whether a payout is Pending, Approved, Rejected.

Request Requirements:

Domain Url : crm.touchpay.cloud

Method	`POST`
Path	`{{domain}}/payoutStatusApi`
Headers	`Content-Type: 'application-json'`
IP Address	`IP Address must be whitelist with us.`

Request Body:

Name	Description	Example Value
`appId`	Required Application ID provided by the panel.	`APP245260921847`
`data`	Required Encrypted transaction payload in Base64 format.	`SGVsbG8sIFdvcmxkIQ==`

Decrypted `data` Payload Structure:

When decrypted, the `data` field contains the actual transaction details.

Name	Description	Example Value
`orderId`	Unique & Required Your unique transaction id.	`TXN12893353`

Request Body Structure:


{
  "appId": "APP245260921847",
  "data": "SGVsbG8sIFdvcmxkIQ== "
}

Response Structure:


{
  "statusCode": 200,
  "error": null,
  "data": {
      "orderId": "TXN12893353",
      "transactionId": "POTAX164112",
      "transactionReceiptId": "01240925073",
      "utr": null,
      "transactionAmmount": "1.0",
      "transactionType": "IMPS",
      "transactionStatus": "FAILED",
      "name": "Shashi dhar",
      "accountNo": "abcd502839",
      "ifscCode": "ICIC0007391",
      "transactionBankTransferMode": null,
      "txnDate": "2025-09-24 16:59:02.0",
      "netAmount": "1.0",
      "txnMessage": "99"
  }
}

Note: You will be notify as well using webhook for the Payout Approved or Rejected.

Payin Status

The Payin Status API lets you verify the current state of a payment request. Using the unique transaction reference (such as orderId), you can check whether a payment is Pending, Approved, Rejected.

Request Requirements:

Domain Url : crm.touchpay.cloud

Method	`POST`
Path	`{{domain}}/payment/payin-status`
Headers	`Content-Type: 'application-json'`
IP Address	`IP Address must be whitelist with us.`

Request Body:

Name	Description	Example Value
`appId`	Required Application ID provided by the panel.	`APP245260921847`
`data`	Required Encrypted transaction payload in Base64 format.	`SGVsbG8sIFdvcmxkIQ==`

Decrypted `data` Payload Structure

When decrypted, the `data` field contains the actual transaction details:

Name	Description	Example Value
`appId`	Required Application ID provided by the panel.	`APP245260921847`
`orderId`	Required Unique order identifier to fetch status.	`TXN12893353`

Request Body Structure:


{
  "appId": "APP245260921847",
  "data": "SGVsbG8sIFdvcmxkIQ"
}

Response Structure:


{
  "statusCode": 200,
  "error": null,
  "data": {
      "txnId": "TXN795222440",
      "orderId": "TXN12893353",
      "appId": "APP60417668645343",
      "status": "PENDING",
      "statusCode": "001",
      "responseMessage": "Payment request pending at PG",
      "merchantTdr": null,
      "gst": null,
      "netAmount": null,
      "amount": "5.0",
      "currencyCode": null,
      "paymentTypeCode": "UP",
      "mopCode": "INTENT",
      "transactionType": "SALE",
      "productDesc": "Test Transaction",
      "custEmail": "test@gmail.com",
      "custPhone": "9058440246",
      "cardNumber": null,
      "custVpa": null,
      "utr": null
  }
}

Note: You will be notify as well using webhook for the Payin Approved or Rejected.

Webhooks

Webhooks allow your application to receive real-time updates from our system whenever specific events occur — such as payment success, failure, or refund. Instead of continuously polling our APIs, you can configure a webhook endpoint to automatically get notified with structured event data, ensuring instant synchronization between our platform and your system.

Payin Webhook

The Payin Webhook allows you to receive real-time notifications whenever the status of a payin transaction is updated. Once a payin is processed, the system will send a request to your configured webhook URL containing details such as Transaction ID, amount, status. Use this to automatically update your system without polling the status API.

Payin Webhook Response:

{
  "status" : 1,
  "message" : "Payment Success",
  "event_type" : "payment_success",
  "data" :{
        "transaction_id" : "TXN12893353",
        "amount" : 100,
        "txn_status" : "success",
        "utr_number" : "o_G1LvGrE5BlMpyOg5-oJ6X7",
  }
}

Payout Webhook

The Payout Webhook allows you to receive real-time notifications whenever the status of a payout transaction is updated. Once a payout is processed, the system will send a request to your configured webhook URL containing details such as order ID, transaction ID, amount, status, and timestamp. Use this to automatically update your system without polling the status API.

Payout Webhook Response:

{
  "status": 1,
  "message": "Transaction processed successfully",
  "data": {
    "transaction_id": "TXN123456789",
    "amount": 500.00,
    "txn_status": "success",
    "reference_id": "RPT987654321",
    "utr_number": "AXISN12345"
  }
}