Verify Pay API Documentation
Verify Pay provides a REST API that allows you to accept and automatically verify mobile payments from bKash, Nagad, Rocket, and Upay in Bangladesh.
๐ Base URL: https://fllbpnbosmitytxxqutk.supabase.co/functions/v1
All API endpoints use HTTPS. Requests must include your API key in the x-api-key header.
๐ Authentication
Every API request must include your API key. You can find your keys in the Dashboard โ API Keys section.
Headers
| Header | Value | Required |
|---|---|---|
| x-api-key | Your live or test API key | Required |
| Content-Type | application/json | Required |
| x-idempotency-key | Unique key to prevent duplicates | Optional |
โ ๏ธ Live keys (vp_live_*) process real payments. Test keys (vp_test_*) use the sandbox environment.
๐ Quick Start
Get started in 3 steps:
- Sign up at verifypay.eu.cc and get your API key
- Install the Android app on the phone that receives payments
- Create a payment using the API below
curl -X POST "https://fllbpnbosmitytxxqutk.supabase.co/functions/v1/create-payment" \
-H "Content-Type: application/json" \
-H "x-api-key: vp_live_YOUR_API_KEY" \
-d '{
"amount": 500,
"method": "bkash",
"sender_number": "01712345678",
"external_id": "order_123"
}'๐ณ Create Payment
Creates a new payment request. The payment will be in pending status until matched with a notification from the Android app.
Request Body
| Parameter | Type | Description |
|---|---|---|
| amount | number | Payment amount in BDT Required |
| method | string | bkash, nagad, rocket, upay Optional |
| sender_number | string | Expected sender phone number Optional |
| external_id | string | Your order/reference ID Optional |
| metadata | object | Custom metadata Optional |
Response
{
"success": true,
"payment": {
"id": "uuid-here",
"amount": 500,
"method": "bkash",
"status": "pending",
"payment_page_url": "https://verifypay.eu.cc/pay/uuid",
"expires_at": "2026-03-29T13:00:00Z",
"created_at": "2026-03-29T12:30:00Z"
}
}๐ Payment Status
Check the current status of a payment.
curl "https://fllbpnbosmitytxxqutk.supabase.co/functions/v1/payment-status?payment_id=UUID" \ -H "x-api-key: vp_live_YOUR_API_KEY"
Payment Statuses
โ Manual Verify
Manually verify a payment that is in matched or pending status. Useful for payments that scored below the auto-approve threshold.
| Parameter | Type | Description |
|---|---|---|
| payment_id | string | Payment UUID Required |
| action | string | "verify" or "reject" Required |
๐ Webhook Events
Verify Pay sends webhooks to your configured URL when payment events occur. Configure your webhook URL in the Dashboard.
Event Types
| Event | Description |
|---|---|
| payment.verified | Payment has been automatically verified |
| payment.matched | Payment matched but requires manual review |
| payment.failed | Payment verification failed |
| payment.expired | Payment expired without verification |
Webhook Payload
{
"event": "payment.verified",
"payment_id": "uuid-here",
"external_id": "order_123",
"amount": 500,
"method": "bkash",
"confidence": 95,
"verified_at": "2026-03-29T12:30:15Z"
}๐ก๏ธ Webhook Security (HMAC)
Every webhook includes an X-Verify Pay-Signature header containing an HMAC-SHA256 signature. Always verify this signature to ensure the webhook came from Verify Pay.
# Webhook payload sent to your URL: # Headers: # X-Verify Pay-Signature: sha256=HMAC_HASH # X-Verify Pay-Event: payment.verified # X-Verify Pay-Timestamp: 2026-03-29T12:00:00Z
๐ฆ JavaScript SDK
npm install @Verify Pay/sdk
import { Verify Pay } from '@Verify Pay/sdk';
const vp = new Verify Pay('vp_live_YOUR_API_KEY');
const payment = await vp.createPayment({
amount: 500,
method: 'bkash',
sender_number: '01712345678',
external_id: 'order_123',
});
console.log(payment.id, payment.payment_page_url);๐ฆ PHP SDK
composer require Verify Pay/Verify Pay-php
<?php
use Verify Pay\Verify PayClient;
$vp = new Verify PayClient('vp_live_YOUR_API_KEY');
$payment = $vp->createPayment([
'amount' => 500,
'method' => 'bkash',
'sender_number' => '01712345678',
'external_id' => 'order_123',
]);
echo $payment['id'];๐ฆ Node.js SDK
npm install @Verify Pay/node
const { Verify Pay } = require('@Verify Pay/node');
const vp = new Verify Pay('vp_live_YOUR_API_KEY');
const payment = await vp.createPayment({
amount: 500,
method: 'bkash',
senderNumber: '01712345678',
externalId: 'order_123',
});
console.log(payment.id);๐ฆ Python SDK
pip install Verify Pay
from Verify Pay import Verify Pay
vp = Verify Pay(api_key="vp_live_YOUR_API_KEY")
payment = vp.create_payment(
amount=500,
method="bkash",
sender_number="01712345678",
external_id="order_123",
)
print(payment["id"])๐งช Sandbox Mode
Use test API keys (vp_test_*) to simulate the full payment flow without real transactions. Generate your test keys from the Dashboard โ Sandbox page.
Sandbox Endpoints
| Action | Endpoint | Description |
|---|---|---|
| Create Payment | ?action=create-payment | Create a fake payment |
| Simulate Notify | ?action=simulate-notify | Simulate notification & match |
| List Payments | ?action=list | List sandbox payments |
| Reset | ?action=reset | Clear all sandbox data |
โ Error Codes
| Status | Code | Description |
|---|---|---|
| 400 | invalid_request | Missing or invalid parameters |
| 401 | unauthorized | Invalid or missing API key |
| 403 | forbidden | Insufficient permissions |
| 404 | not_found | Payment or resource not found |
| 409 | conflict | Idempotency conflict |
| 429 | rate_limited | Too many requests |
| 500 | server_error | Internal server error |
โฑ๏ธ Rate Limits
| Plan | Requests/Hour | Verifications/Day |
|---|---|---|
| Free | 100 | 10 |
| Pro | 5,000 | 1,000 |
| Enterprise | 100,000 | Unlimited |
Rate limit info is returned in response headers: X-RateLimit-Remaining, Retry-After.
๐ Payment Flow
This is the complete lifecycle of a payment verification:
- Create Payment โ Your server calls
create-paymentAPI - Show Payment Page โ Customer sees bKash/Nagad number to pay
- Customer Pays โ Sends money via their mobile banking app
- Notification Captured โ Android app captures the payment notification
- Matching Engine โ System matches notification to your payment request
- Verification โ Score โฅ90 โ Auto-verified, 60-89 โ Manual review
- Webhook โ Your server receives the
payment.verifiedevent - Done โ Fulfill the order!