This API allows you to check the current status of a payment initiated through the EdfaPay platform.

Endpoint

POST https://api.edfapay.com/payment/status

Content-Type: application/json

Example cURL Request

curl --location 'https://api.edfapay.com/payment/status' \
--header 'Content-Type: application/json' \
--data '{
    "order_id": "1001",
    "merchant_id": "12345678-abcd-fedc-1234-abcdef123456",
    "gway_Payment_id": "XXXXXXXXXXXXXXXXXXXX",
    "hash": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}'

Request Parameters

Field	Type	Required	Description
order_id	string	Yes	Unique order ID
merchant_id`	string	Yes	Your EdfaPay merchant identifier (UUID format)
gway_Payment_id	string	Yes	Unique transaction ID from EdfaPay
hash	string	Yes	Hashed string to authenticate the request.

📘
Important Note
You can get the gway_Payment_id from Dashboard in the transaction page with name Payment ID. Webhook(callback) response with value of parameter trans_id.

Hash Generation (Request Authentication)

To ensure the request is secure, you must generate a hash using the following logic:

Formula

hash = SHA1(MD5(UPPERCASE(gway_Payment_id + merchant_password)))

Ensure you convert the string to uppercase before hashing.
The final result should be a lowercase hexadecimal string.

JavaScript Example (Postman)

var password = pm.variables.get("merchant_password");
var payment_id = "XXXXXXXXXXXXXXXXXXXX";
var to_md5 = (payment_id + password).toUpperCase();

var hash = CryptoJS.SHA1(CryptoJS.MD5(to_md5).toString());
var result = CryptoJS.enc.Hex.stringify(hash);

postman.setEnvironmentVariable('hash', result);

Successful Response (Example)

{
    "statusCode": 200,
    "responseBody": {
        "date": "01-01-2025 00:00",
        "status": "settled",
        "brand": "MADA",
        "order": {
            "number": "Order_ID",
            "amount": "1.00",
            "currency": "SAR",
            "description": "Payment for order #1000"
        },
        "customer": {
            "name": "Example",
            "email": "[email protected]"
        },
        "rrn": "XXXXXXXXXXXX",
        "payment_id": "XXXXXXXXXXXX"
    }
}

Failed Response (Example)

{
    "statusCode": 200,
    "responseBody": {
        "date": "01-01-2025 00:00,
        "status": "TXN_FAILURE",
        "brand": "MADA",
        "reason": "FAILURE",
        "order": {
            "number": "Order_ID",
            "amount": "1.00",
            "currency": "SAR",
            "description": "Payment for order #1000"
        },
        "customer": {
            "name": "Example",
            "email": "[email protected]"
        },
        "rrn": "XXXXXXXXXXXX",
        "payment_id": "XXXXXXXXXXXX"
    }
}

Notes

Always generate the hash on the server-side in production environments.
This API is used for post-transaction validation or reconciliation.
Ensure the gway_Payment_id is the same as returned in the original transaction response.