# 1. Get Payment URL

### Swagger Link

{% tabs %}
{% tab title="Production " %}

```shortcode
https://bhpayapi.casheer.com/V1/
```

{% endtab %}

{% tab title="Sandbox" %}

```
https://bhpayapisb.casheer.com/V1/
```

{% endtab %}
{% endtabs %}

### API Endpoints

{% tabs %}
{% tab title="Production Endpoint " %}

```
https://bhpayapi.casheer.com/V1/api/GenToken/Validate
```

{% endtab %}

{% tab title="Sandbox Endpoint" %}

```
https://bhpayapisb.casheer.com/V1/api/GenToken/Validate
```

{% endtab %}
{% endtabs %}

#### **Sample Request & Response**

Use the below parameters and hashing function for order creation. The request should contain the following inputs to make sure inputs should be encrypted using our hashing function show in the following example to prevent exposure. For parameters description please refer [here](https://bhpaydocs.casheer.com/parameters-and-description)

{% tabs %}
{% tab title="Sample Request" %}

```coffeescript
"ValidatePaymentRequest" : {
  "merchantCode": "xxxxx"    
  "authKey": "xxxxxxxxx",
  "currency": "KWD",   
  "pc": "KWKFHMPGSCCKWD",  
  "tunnel": "",    
  "amount": 1 ,   
  "doConvert": "N",
  "sourceCurrency":"conditional",
  "description": "optional",
  "referenceID": "(15 digit random number)",     
  "timeStamp": "yyyy/MM/dd HH:mm:ss tt",
  "language": "en",
  "callbackURL": "Your website URL",
  "hash": "ComputedHash",  
  "userReference": 0,   
  "billingDetails": 
  {
  "fName": "First Name",
  "lName": "last Name",
  "mobile": "mobile",
  "email": "email",
  "city": "city",
  "pincode": "pincode",
  "state": "state",
  "address1": "address1",
  "address2": "address2"
  }
}
```

{% endtab %}

{% tab title="Sample Response" %}

```
{
  "errorCode": 0,
  "errorMessgae": "string",
  "result": 
  {
    "redirectURL": "string",
    "tokenID": "string",    
    "orderAmount": 0,
    "paidAmount": 0,
    "serviceAmount": 0,
    "commissionAmount": 0,   
    "originalAmount": "string"
  }
}
```

{% endtab %}
{% endtabs %}

### **Sample Code to post data**

{% tabs %}
{% tab title="C#" %}

```csharp
public async Task> ValidatePayment(ValidatePaymentRequest obj)
  {
  Output dto = new Output();
  var url = {Provided End Point};
  var client = new HttpClient();
  client.BaseAddress = new Uri(url);
  try
  {
  obj.hash = ComputeHash(obj);
  var resultser = JsonConvert.SerializeObject(obj);
  client.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
  client.DefaultRequestHeaders.TryAddWithoutValidation("Content-Type", "application/json; charset=utf-8");
  var response = client.PostAsJsonAsync(url, obj).Result;
  if (response.IsSuccessStatusCode)
  {
  var ss = response.Content.ReadAsStringAsync();
  var result = JsonConvert.DeserializeObject>(ss.Result);
  dto = result;
  }
  else
  {
  var ss = response.Content.ReadAsStringAsync();
  var resps = ss.Result.ToString();
  }
  }
  catch (HttpRequestException ex)
  {
  }
  return dto;
  }
```

{% endtab %}

{% tab title=" VB.Net" %}

```objectivec
  Class SurroundingClass
  Public Task As async
  
  Private Sub New(ByVal obj As ValidatePaymentRequest)
  Dim dto As Output = New Output()
  Dim url = {Provided End Point};
  Dim client = New HttpClient()
  client.BaseAddress = New Uri(url)
  
  Try
  obj.hash = ComputeHash(obj)
  Dim resultser = JsonConvert.SerializeObject(obj)
  client.DefaultRequestHeaders.Accept.Add(New System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"))
  client.DefaultRequestHeaders.TryAddWithoutValidation("Content-Type", "application/json; charset=utf-8")
  Dim response = client.PostAsJsonAsync(url, obj).Result
  
  If response.IsSuccessStatusCode Then
  Dim ss = response.Content.ReadAsStringAsync()
  Dim result = JsonConvert.DeserializeObject > (ss.Result)
  dto = result
  Else
  Dim ss = response.Content.ReadAsStringAsync()
  Dim resps = ss.Result
  Dim resultse = JsonConvert.SerializeObject(resps.ToString())
  End If
  
  Catch ex As HttpRequestException
  End Try
  
  Return dto
  End Sub
  End Class
```

{% endtab %}

{% tab title="PHP" %}

```php
<?php
// store order id
$order = 12 xxxx;
// referenceID must be 15 digit unique number
$referenceID = mt_rand(100000000000000, 999999999999999); 
$timestamp = date( "y-m-d H:m:s t" );
$userReference = 0;
$amount = 1;
$authKey = 'Your Authorization Key';
$merchantID = 'Your Merchent Key';
$currency = 'KWD';
$paymentMethodCode = 'All';
$sourceCurrency = "";
$doConvert = 'N';
$tunnel='';
$description='';
$datatocomputeHash = ( float )$amount . $authKey . $currency . $merchantID . $paymentMethodCode .(int)$referenceID . $sourceCurrency . $timestamp . $tunnel . (int)$userReference;
// convert the concated string in to hash and convert all string in upper character.  
$hash = strtoupper(hash_hmac("sha256", $datatocomputeHash, "Your Secret Key"));
$data = array(
  'merchantCode' => $merchantID,
  'authKey' => $authKey,
  'currency' => $currency,
  'pc' => $paymentMethodCode,
  'tunnel' => $tunnel,
  'amount' => ( float )$amount,
  'doConvert' => $doConvert,
  'sourceCurrency' => $sourceCurrency,
  'description' => $description,
  'referenceID' => (int)$referenceID,
  'timeStamp' => $timestamp,
  'language' => 'en',
  'callbackURL' => 'https://www.example.com',
  'hash' => $hash,
  'userReference' => ( int )$userReference,
  'billingDetails' => array(
    'fName' => 'First Name',
    'lName' => 'Last Name',
    'mobile' => '0000000000',
    'email' => 'abcd@gmail.com',
    'city' => 'city',
    'pincode' => '000000',
    'state' => 'State',
    'address1' => 'Address 1',
    'address2' => 'Address 2'
  ),
);
$request = json_encode( $data, true );
 
  $curl = curl_init('Your End Point' );
 
curl_setopt( $curl, CURLOPT_POST, true );
curl_setopt( $curl, CURLOPT_POSTFIELDS, $request );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $curl, CURLOPT_HTTPHEADER, array( 'Content-Type:application/json' ) );
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
$ch = curl_exec( $curl );
curl_close( $curl );
$errno = curl_errno($curl);
  $err = curl_error($curl);
curl_close($curl);
	if(!$ch || strlen(trim($ch)) == 0)
	{
       if ($errno) {
            print "cURL Error #:" . $err;
        } 
    }
	else
	{		
		$response = json_decode($ch, true);
		if( $response["errorCode"]===0)
		{
		echo $response["result"]['redirectURL'];
			header("Location: " .$response["result"]['redirectURL']); 
			exit;
		}
		else{
			echo $response["errorMessgae"]
		}
	}
?>
```

{% endtab %}

{% tab title="TypeScript" %}

```typescript
pagecode:` public async Task> ValidatePayment(ValidatePaymentRequest obj)
  {
  Output dto = new Output();
  var url = {Provided End Point};
  var client = new HttpClient();
  client.BaseAddress = new Uri(url);
  try
  {
  obj.hash = ComputeHash(obj);
  var resultser = JsonConvert.SerializeObject(obj);
  client.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
  client.DefaultRequestHeaders.TryAddWithoutValidation("Content-Type", "application/json; charset=utf-8");
  var response = client.PostAsJsonAsync(url, obj).Result;
  if (response.IsSuccessStatusCode)
  {
  var ss = response.Content.ReadAsStringAsync();
  var result = JsonConvert.DeserializeObject>(ss.Result);
  dto = result;
  }
  else
  {
  var ss = response.Content.ReadAsStringAsync();
  var resps = ss.Result;
  var resultse = JsonConvert.SerializeObject(resps.ToString());
  
  }
  }
  catch (HttpRequestException ex)
  {
  
  }
  
  return dto;
  
  }`;
```

{% endtab %}
{% endtabs %}

###