The Recurring API allows merchants to charge customers on a recurring basis (e.g., monthly, weekly) for subscription-based services. This is an unscheduled recurring API, giving merchants the flexibility to manage their own billing cycles and call the recurring API as needed.
Endpoint
POST https://api.edfapay.com/payment/post
Content-Type: application/json
Request Body (JSON)
| Field | Type | Required | Description |
|---|---|---|---|
| order_id | string | Yes | New unique order ID for this recurring transaction |
| client_key | string | Yes | Merchant key provided by Edfapay |
| hash | string | Yes | Security hash generated to authorize the request |
| action | string | Yes | Action type: must be RECURRING_SALE |
| order_amount | number | Yes | The amount to be charged must be entered in whole digits only |
| recurring_first_trans_id | string | Yes | The order ID of the original transaction (first payment) |
| order_description | string | Yes | Description of the order |
| payer_ip | string | No | IP address of the payer used in original transaction (first payment) |
| recurring_token | string | Yes | Token received after the initial transaction with recurring_init=Y |
Example Request
curl --location 'https://api.edfapay.com/payment/post' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'order_id=reccurring1' \
--data-urlencode 'client_key=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXX' \
--data-urlencode 'hash=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' \
--data-urlencode 'action=RECURRING_SALE' \
--data-urlencode 'order_amount=10' \
--data-urlencode 'recurring_first_trans_id=Test_order_101' \
--data-urlencode 'order_description=Test' \
--data-urlencode 'payer_ip=192.1.1.1' \
--data-urlencode 'recurring_token=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXXXXXX'Important Note — Hash Generation
The hash parameter included in the request body is dynamically generated for each request and must not be hardcoded.
The hash value is calculated using specific request parameters combined with your merchant secret key. Any change in the request data requires regenerating the hash before sending the request.
🔗 For detailed steps and the exact formula used to generate the hash, refer to the Hash Generation Section.
How to Get recurring_token
recurring_tokenTo use the Recurring API, the recurring_token must be obtained in advance. This token is provided to the merchant’s notification endpoint under the following conditions:
- The initial Initiate API call must include
"recurring_init": "Y" - The merchant must be enabled for recurring payments
- The initial payment must be successful
Please contact Edfapay onboarding team to enable recurring payments for your merchant account.
Hash Calculation
The hash parameter must be calculated to secure the request. It is based on a combination of order details and your merchant password.
Formula:
hash = SHA1(MD5(to_md5.toUpperCase()))String to hash:
var to_md5 = recurring_init_trans_id + recurring_token + order_number + order_amount + order_description + merchant_pass;JavaScript Example using CryptoJS
var to_md5 = recurring_init_trans_id + recurring_token + order_number + order_amount + order_description + merchant_pass;
var hash = CryptoJS.SHA1(CryptoJS.MD5(to_md5.toUpperCase()).toString());
var result = CryptoJS.enc.Hex.stringify(hash);Note
merchant_passis the shared secret provided by Edfapay for secure communication.
recurring_init_trans_idis the Payment ID of original transaction (first payment).
recurring_tokenis the Token returned in the Webhook response.
Success Response
{
"result": "SUCCESS",
"message": "Recurring payment processed successfully",
"transaction_id": "txn_00"
}Error Response
{
"statusCode": 400,
"responseBody": "Invalid Hash value"
}Authentication
Authentication is handled via the hash parameter, using a SHA1-of-MD5 encoding scheme to validate request integrity.