This ensures PCI DSS compliance and minimizes your liability, allowing you to focus on what you do best: growing your business.

▶️ Test in Postman

View WSDL Specification ›

How It Works

The Web Payment (Redirect) integration allows merchants to send a payment request to PayGate and receive a redirect URL. The customer is then redirected to PayGate's hosted payment page to complete the payment.

Payment Flow

sequenceDiagram
    participant C as Customer
    participant M as Merchant System
    participant PG as PayGate
    participant A as Acquirer

    C->>M: Initiates payment
    M->>PG: Send WebPaymentRequest
    PG-->>M: Return RedirectUrl
    M->>C: Redirect to PayGate Payment Page
    C->>PG: Complete payment
    PG->>C: Redirect back to merchant site
    PG->>M: NotifyUrl - Payment result
    M->>PG: Query transaction status
    PG-->>M: Return status (initial)

    alt Async method used
        A-->>PG: Final status sent
        PG->>M: NotifyUrl - Final status
        M->>PG: Query final status
        PG-->>M: Final result
    end

Example Request

<WebPaymentRequest>
  <Account>
    <PayGateId>10011072130</PayGateId>
    <Password>test</Password>
  </Account>
  <Customer>
    <Title>Mr</Title>
    <FirstName>Joe</FirstName>
    <LastName>Soap</LastName>
    <Email>joe@soap.com</Email>
  </Customer>
  <Redirect>
    <NotifyUrl>https://www.mytestsite.com/notify</NotifyUrl>
    <ReturnUrl>https://www.mytestsite.com/return</ReturnUrl>
  </Redirect>
  <Order>
    <MerchantOrderId>INV101</MerchantOrderId>
    <Currency>ZAR</Currency>
    <Amount>100</Amount>
    <TransactionDate>2025-06-17T12:00:00</TransactionDate>
    <BillingDetails>
      <Customer>
        <Title>Mr</Title>
        <FirstName>Joe</FirstName>
        <LastName>Soap</LastName>
        <Email>joe@soap.com</Email>
      </Customer>
      <Address>
        <Country>ZAF</Country>
      </Address>
    </BillingDetails>
  </Order>
</WebPaymentRequest>

💡
You can use a previously vaulted card by including a VaultId in your request.This avoids asking the customer for full card details again. A CVV is still required.

Request Field Reference

Field	Description	Type	Required
`Account`	PayGate credentials	PayGateAccountType	✅
`Customer`	Customer information	PersonType	✅
`Vault`	Tokenise card for reuse (optional)	VaultType	❌
`VaultId`	ID of previously tokenised card	VaultIdType	❌
`Redirect`	URLs for post-payment redirect and server notification	RedirectRequestType	✅
`Order`	Order-specific payment details	OrderType	✅
`Risk`	Optional – for accounts with Fraud & Risk screening	RiskType	❌
`Payment`	Limit visible payment methods for this transaction (optional)	PaymentType	❌
`BillingDescriptor`	Statement descriptor (ignored if not supported by the acquirer)	`String` (max 45)	❌
`UserDefinedField`	Custom fields for reporting/metadata	UserDefinedFieldType	❌

Example Redirect Response

Upon a successful request, PayGate returns a RedirectUrl like the following:

<Redirect>
  <RedirectUrl>https://secure.paygate.co.za/PayHost/process.trans</RedirectUrl>
  <UrlParams>
    <key>PAYGATE_ID</key>
    <value>10011072130</value>
  </UrlParams>
  <UrlParams>
    <key>PAY_REQUEST_ID</key>
    <value>F6601047-EA36-4E86-89E9-52345A8CB201</value>
  </UrlParams>
  <UrlParams>
    <key>REFERENCE</key>
    <value>INV101</value>
  </UrlParams>
  <UrlParams>
    <key>CHECKSUM</key>
    <value>2d58fcbde138d7e6dbea9a2fcb54724e</value>
  </UrlParams>
</Redirect>

💡
Use the RedirectUrland UrlParams key-value pairs from the response to construct the URL for your Hosted Payment Page.
Learn more about building the Hosted Payment Page URL →

Tips

Always verify transactions with a final QueryRequest after NotifyUrl is received.
The NotifyUrl must respond withOK to acknowledge delivery.
Use the TransactionDate in ISO 8601 format: YYYY-MM-DDTHH:MM:SS