Enable customers to complete payments via a secure, hosted PayGate payment page. No card data ever touches your server.
This ensures PCI DSS compliance and minimizes your liability, allowing you to focus on what you do best: growing your business.
How It Works
The Web Payment (Redirect) integration allows merchants to send a payment request to PayGate and receive a redirect URL. The customer is then redirected to PayGate's hosted payment page to complete the payment.
Payment Flow
sequenceDiagram
participant C as Customer
participant M as Merchant System
participant PG as PayGate
participant A as Acquirer
C->>M: Initiates payment
M->>PG: Send WebPaymentRequest
PG-->>M: Return RedirectUrl
M->>C: Redirect to PayGate Payment Page
C->>PG: Complete payment
PG->>C: Redirect back to merchant site
PG->>M: NotifyUrl - Payment result
M->>PG: Query transaction status
PG-->>M: Return status (initial)
alt Async method used
A-->>PG: Final status sent
PG->>M: NotifyUrl - Final status
M->>PG: Query final status
PG-->>M: Final result
end
Example Request
<WebPaymentRequest>
<Account>
<PayGateId>10011072130</PayGateId>
<Password>test</Password>
</Account>
<Customer>
<Title>Mr</Title>
<FirstName>Joe</FirstName>
<LastName>Soap</LastName>
<Email>[email protected]</Email>
</Customer>
<Redirect>
<NotifyUrl>https://www.mytestsite.com/notify</NotifyUrl>
<ReturnUrl>https://www.mytestsite.com/return</ReturnUrl>
</Redirect>
<Order>
<MerchantOrderId>INV101</MerchantOrderId>
<Currency>ZAR</Currency>
<Amount>100</Amount>
<TransactionDate>2025-06-17T12:00:00</TransactionDate>
<BillingDetails>
<Customer>
<Title>Mr</Title>
<FirstName>Joe</FirstName>
<LastName>Soap</LastName>
<Email>[email protected]</Email>
</Customer>
<Address>
<Country>ZAF</Country>
</Address>
</BillingDetails>
</Order>
</WebPaymentRequest>
You can use a previously vaulted card by including aVaultIdin your request.This avoids asking the customer for full card details again. A CVV is still required.
Request Field Reference
| Field | Description | Type | Required |
|---|---|---|---|
Account | PayGate credentials | PayGateAccountType | ✅ |
Customer | Customer information | PersonType | ✅ |
Vault | Tokenise card for reuse (optional) | VaultType | ❌ |
VaultId | ID of previously tokenised card | VaultIdType | ❌ |
Redirect | URLs for post-payment redirect and server notification | RedirectRequestType | ✅ |
Order | Order-specific payment details | OrderType | ✅ |
Risk | Optional – for accounts with Fraud & Risk screening | RiskType | ❌ |
Payment | Limit visible payment methods for this transaction (optional) | PaymentType | ❌ |
BillingDescriptor | Statement descriptor (ignored if not supported by the acquirer) | String (max 45) | ❌ |
UserDefinedField | Custom fields for reporting/metadata | UserDefinedFieldType | ❌ |
Example Redirect Response
Upon a successful request, PayGate returns a RedirectUrl like the following:
<Redirect>
<RedirectUrl>https://secure.paygate.co.za/PayHost/process.trans</RedirectUrl>
<UrlParams>
<key>PAYGATE_ID</key>
<value>10011072130</value>
</UrlParams>
<UrlParams>
<key>PAY_REQUEST_ID</key>
<value>F6601047-EA36-4E86-89E9-52345A8CB201</value>
</UrlParams>
<UrlParams>
<key>REFERENCE</key>
<value>INV101</value>
</UrlParams>
<UrlParams>
<key>CHECKSUM</key>
<value>2d58fcbde138d7e6dbea9a2fcb54724e</value>
</UrlParams>
</Redirect>
Use theRedirectUrlandUrlParamskey-value pairs from the response to construct the URL for your Hosted Payment Page.Learn more about building the Hosted Payment Page URL →
Tips
-
Always verify transactions with a final
QueryRequestafter NotifyUrl is received. -
The NotifyUrl must respond with
OKto acknowledge delivery. -
Use the
TransactionDatein ISO 8601 format:YYYY-MM-DDTHH:MM:SS