Skip to content

Getting Started

Payment Request

  • base_url=https://api.thesmartgateway.com

    • For SandBox Testing: https://apisandbox.thesmartgateway.com:8080

  • pay_url = /pay/?api_key=<api_key>

  • Method: POST

  • Content-Type : application/json or application/x-www-form-urlencoded

Fields Description
OrderRemarks Description of the item(s)
MerchantTransactionID A unique ID of product or item or ticket etc
Amount Amount of product or item or ticket etc
Agents [Optional] Number of payment options that should be used. If left unused all available will be used. Possible values(ESEWA,KHALTI,CONNECTIPS). Only use with Content-Type application/json

Payment Request Examples

```js tab="Javascript" var data = { OrderRemarks: "pencil", Amount: 100, MerchantTransactionID: "b5e0d7434b19c6e9784", Agents: ["ESEWA", "KHALTI"], };

var settings = { async: true, crossDomain: true, url: "https://api.thesmartgateway.com/pay/?api_key=", method: "POST", headers: { "content-type": "application/json", }, processData: false, data: JSON.stringify(data), };

$.ajax(settings).done(function (response) { console.log(response); }); 


```go tab="Go"
package main

import (
    "bytes"
    "encoding/json"
    "fmt"
    "io/ioutil"
    "net/http"
)

func main() {

    url := "https://api.thesmartgateway.com/pay/?api_key=<PAY_API_KEY>"
    payload := struct {
        OrderRemarks          string
        Amount                string
        MerchantTransactionID string
        Agents                []string
    }{
        OrderRemarks:          "pen and pencil",
        Amount:                "100",
        MerchantTransactionID: "a3387d591d19b29",
        Agents:                []string{"ESEWA", "KHATLI"},
    }
    spayload, _ := json.Marshal(payload)
    req, err := http.NewRequest("POST", url, bytes.NewBuffer(spayload))

    req.Header.Add("content-type", "application/json")

    res, err := http.DefaultClient.Do(req)
    if err != nil {
        fmt.Println(err)

    }
    defer res.Body.Close()
    body, err := ioutil.ReadAll(res.Body)
    if err != nil {
        fmt.Println(err)

    }
    fmt.Println(string(body))

}

```python tab="Python" import requests

url = "https://api.thesmartgateway.com/pay/"

querystring = {"api_key":""}

payload = { "OrderRemarks": "13223", "Amount":100, "MerchantTransactionID": "FEFb33370dSFw591d19b299", "Agents": ["ESEWA", "KHATLI"] } headers = {'content-type': 'application/json'}

response = requests.request("POST", url, data=payload, headers=headers, params=querystring)

print(response.text) 


```c# tab="c#"
using Newtonsoft.Json.Linq;
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;

namespace ConsoleApp1
{
    class Program
    {
        static async Task Main(string[] args)
        {
            using (var client = new HttpClient())
            {
                var payload = new Dictionary<string, object>
                {
                    {"OrderRemarks", "Pencil"},
                    {"Amount", 100 },
                    {"MerchantTransactionID", "b5e0d7434b196e00784" },
                    {"Agents", new string[]{ "ESEWA", "KHALTI" } }
                };
                var jsonString = JObject.FromObject(payload).ToString();
                var content = new StringContent(jsonString, Encoding.UTF8, "application/json");
                string url = "https://api.thesmartgateway.com/pay/?api_key=<PAY_API_KEY>";
                var response = await client.PostAsync(url, content);
                var result = await response.Content.ReadAsStringAsync();
                Console.WriteLine(result);
            }
        }
    }
}

optional query param

You can add an extra query param i.e ?redirect=true if you wish to be redirected directly. Use with Content-Type=application/x-www-form-urlencoded

Callback response

We use JWT(JSON web token) to send the final response about the transaction to your callback URL. JWT ensures that the data send to your callback URL is actually send by us. To validate the signature from the JWT you will use VIEW API KEY which can be found in settings -> developers after you login.

Note

VIEW API Key should be private and should not be exposed

Final response will be provided to you using query parameters.

  • https://merchant.com.np/callback&payload=asdkhfu3beaouf3ybrf3hjjvu2ve

Decode the payload using JWT package for your respective programming language of choice using the VIEW API KEY provided.

Note

On the Agent selection page there is a session timeout of 5 minutes, if user doesn't chooses any agent within the given time frame, he/she will be redirected to your callback URL with ref_id and agent as null

Data inside the payload will look like this:

```json tab="Decoded Response" { "status": "SUCCESS", "transaction_id": "asdkhfu3beaouf3ybrf3hjjvu2ve", "ref_id": "ANnd3nH43f3hjjvu2ve", "agent": "ESEWA" } 


|   **Fields**   |                      **Description**                      |
| :------------: | :-------------------------------------------------------: |
|     status     | Payment status. Possible values(SUCCESS,FAILED,CANCELLED) |
| transaction_id |     Your transaction ID provided to us during payment     |
|     ref_id     |     A unique payment reference code generated by us.      |
|     agent      |        Payment Agent used by customer for payment         |

## JWT Verification Examples

```python tab="python"
import jwt
payload = """eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdGF0dXMiOiJGQUlMRUQiLCJ0cmFuc2FjdGlvbl9pZCI6IjRjMjQ1MmRlLTU1ODEtNDFiYi1iYjk3LWU2OTY5OTU2Yzc4YSIsInJlZl9pZCI6Ik1STE4tTkJMOjU5NTczNTkwMjcyMTo0YzI0NTJkZS01NTgxLTQxYmItYmI5Ny1lNjk2OTk1NmM3OGEiLCJhZ2VudCI6Ik5BQklMIn0.GVVcGcJnvXjH6rgaunojqoTbPXFvax8d2yN4ujgXJ7c"""
data = jwt.decode(payload, key="<VIEW_API_KEY>")
print(data)

``javascript tab="javascript" import * as jwt from "jsonwebtoken"; const VIEW_KEY = "<VIEW_API_KEY>"; payload =eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdGF0dXMiOiJGQUlMRUQiLCJ0cmFuc2FjdGlvbl9pZCI6IjRjMjQ1MmRlLTU1ODEtNDFiYi1iYjk3LWU2OTY5OTU2Yzc4YSIsInJlZl9pZCI6Ik1STE4tTkJMOjU5NTczNTkwMjcyMTo0YzI0NTJkZS01NTgxLTQxYmItYmI5Ny1lNjk2OTk1NmM3OGEiLCJhZ2VudCI6Ik5BQklMIn0.GVVcGcJnvXjH6rgaunojqoTbPXFvax8d2yN4ujgXJ7c`;

let decoded_result = jwt.verify(payload, VIEW_KEY_DEMO); console.log(decoded_result); 


```go tab="go"
package main

import (
    "fmt"

    "github.com/dgrijalva/jwt-go"
)

func main() {
    tokenString := "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdGF0dXMiOiJGQUlMRUQiLCJ0cmFuc2FjdGlvbl9pZCI6IjRjMjQ1MmRlLTU1ODEtNDFiYi1iYjk3LWU2OTY5OTU2Yzc4YSIsInJlZl9pZCI6Ik1STE4tTkJMOjU5NTczNTkwMjcyMTo0YzI0NTJkZS01NTgxLTQxYmItYmI5Ny1lNjk2OTk1NmM3OGEiLCJhZ2VudCI6Ik5BQklMIn0.GVVcGcJnvXjH6rgaunojqoTbPXFvax8d2yN4ujgXJ7c"
    token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
        if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
            return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
        }
        return []byte("44a25ad224556352764cbc53181f3e76427e2udd"), nil
    })

    if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
        fmt.Printf("%+v", claims)
    } else {
        fmt.Println(err)
    }
}

```c# tab="c# console" using System; using Jose; using System.Text;

namespace JWTDecode { class Program { static void Main(string[] args) { string payload = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdGF0dXMiOiJGQUlMRUQiLCJ0cmFuc2FjdGlvbl9pZCI6IjRjMjQ1MmRlLTU1ODEtNDFiYi1iYjk3LWU2OTY5OTU2Yzc4YSIsInJlZl9pZCI6Ik1STE4tTkJMOjU5NTczNTkwMjcyMTo0YzI0NTJkZS01NTgxLTQxYmItYmI5Ny1lNjk2OTk1NmM3OGEiLCJhZ2VudCI6Ik5BQklMIn0.GVVcGcJnvXjH6rgaunojqoTbPXFvax8d2yN4ujgXJ7c"; string viewKey = ""; string result = JWT.Decode(payload, Encoding.ASCII.GetBytes(viewKey)); Console.WriteLine(result); } } } ```