Authorize Payment (Auth Only)

POST

payments

initiate

paycollect

PayCollect authorize payment — auth only (request body)

curl --request POST \
  --url https://api.payglocal.in/gl/v1/payments/initiate/paycollect \
  --header 'Content-Type: application/json' \
  --header 'x-gl-token-external: <api-key>' \
  --data '
{
  "merchantTxnId": "23AEE8CB6B62EE2AF07",
  "merchantUniqueId": "IFNN939494NJFJ",
  "captureTxn": false,
  "paymentData": {
    "totalAmount": "10.00",
    "txnCurrency": "INR",
    "billingData": {
      "firstName": "John",
      "lastName": "Doe",
      "addressStreet1": "221B Baker Street",
      "addressCity": "Bengaluru",
      "addressCountry": "IND",
      "emailId": "[email protected]",
      "callingCode": "+91",
      "phoneNumber": "9999999999"
    }
  },
  "merchantCallbackURL": "https://api.prod.payglocal.in/gl/v1/payments/merchantCallback"
}
'

{
  "gid": "gl_o-a057c4d6b6c620741apzp0ZX2",
  "status": "INPROGRESS",
  "message": "Transaction Created Successfully",
  "timestamp": "02/06/2026 21:47:33",
  "reasonCode": "200",
  "data": {
    "redirectUrl": "https://api.uat.payglocal.in/gl/payflow-ui/?x-gl-token=example",
    "statusUrl": "https://api.uat.payglocal.in/gl/v1/payments/gl_o-a057c4d6b6c620741apzp0ZX2/status?x-gl-token=example",
    "merchantTxnId": "23AEE8CB6B62EE2AF07"
  },
  "errors": null
}

Authorize a PayCollect payment without capturing funds immediately. This flow places a hold on the customer’s funds so you can capture or reverse the authorization later. The customer completes authentication on PayGlocal’s hosted checkout (redirectUrl). You do not send card or token data in the API request. The same PayCollect initiate API as GPI is used for authorization. Set captureTxn to false in Request body.

When to Use

Use this flow when you need to verify and reserve funds before completing the transaction, such as:

Hotel and hospitality bookings
Vehicle rentals
Delayed order fulfillment
Inventory confirmation workflows
Any scenario requiring payment approval before final settlement

After authorization, you can:

Capture the authorized amount to complete the payment — standalone capture
Reverse the authorization to release the held funds — auth reversal

Supported payment methods

Authorize (auth only) on hosted checkout supports cards and international Apple Pay only. UPI and net banking are not supported for auth transactions (they are available on GPI sale flows).

Method	Domestic	International
Cards	✓	✓
Apple Pay	—	✓

Notes

Do not send cardData or tokenData — payment details are collected on the hosted page.
Set captureTxn to false in Request body, with paymentData (amount, currency, billingData) as for GPI.

API


Method	`POST`
Path	`/gl/v1/payments/initiate/paycollect`
Production	`https://api.payglocal.in/gl/v1/payments/initiate/paycollect`
Sandbox	`https://api.uat.payglocal.in/gl/v1/payments/initiate/paycollect`

GPI, on-demand SI, auto-debit, and authorize all call this path. Only the JSON request body differs.

Headers

Header	Mandatory	Description
`Content-Type`	Yes	`application/json`
`x-gl-token-external`	Yes	RSA-signed JWS of the request body (see Key Management)
`x-gl-merchantid`	Yes	Your PayGlocal merchant ID (MID)
`x-gl-kid`	Yes	Key ID of the private key used to sign the JWS

Sign the JSON from Request body below as the JWS in x-gl-token-external, then POST to the URL above.

Only one successful capture is allowed per authorisation.

Next steps

Action	API
Capture	POST /payments//capture
Reverse hold	POST /payments//auth-reversal
Status	Get transaction status — expect `AUTHORIZED` until capture
Refund	After `SENT_FOR_CAPTURE` — Refund

Authorizations

x-gl-token-external

string

header

required

RSA-signed JWS (JSON Web Signature) token carrying the request payload.

Header: { "alg": "RS256", "kid": "<merchant-key-id>", "iss": "<merchant-id>", "x-gl-enc": "false", "is-digested": "true" }
Payload: the exact JSON body sent in the request (or its SHA-256 digest when is-digested=true).
Signed with the merchant's RSA private key; PayGlocal verifies with the matching public key. Used by all /gl/v1/payments/* endpoints.

Body

application/json

PayCollect auth-only initiate (captureTxn must be false). Do not send cardData, tokenData, or standingInstruction in the request body. Hosted checkout for auth supports cards and international Apple Pay only — not UPI or net banking.

merchantTxnId

string

required

Merchant's unique transaction identifier. Alphanumeric only.

Required string length: 4 - 50

Example:

"23AEE8CB6B62EE2AF07"

merchantCallbackURL

string<uri>

required

Customers are redirected here post payment completion.

Example:

"https://api.prod.payglocal.in/gl/v1/payments/merchantCallback"

paymentData

object

required

Hosted checkout payment details for PayCollect standing instruction registration. Do not send cardData, tokenData, or authenticationData — the customer registers the mandate on redirectUrl.

Show child attributes

captureTxn

enum<boolean>

required

Must be false for authorise-only.

Available options:

false

merchantUniqueId

string

Optional stable merchant-side ID for idempotency and reconciliation. Alphanumeric only.

Required string length: 15 - 40

Example:

"IFNN939494NJFJ"

riskData

object

Recommended for fraud checks and processor compliance.

Show child attributes

Response

Returned immediately from initiate. Redirect the customer to data.redirectUrl, then poll data.statusUrl or Get Transaction Status. Expect AUTHORIZED until you capture. No mandateId in data.

Response envelope for PayCollect initiate (200).

gid

string

PayGlocal transaction ID. Use for status, capture, and refund APIs.

Example:

"gl_9c2645ed09edb22e"

status

string

High-level status. Typically INPROGRESS immediately after initiate.

Example:

"INPROGRESS"

message

string

Human-readable status message.

Example:

"Transaction Created Successfully"

timestamp

string

Response timestamp (DD/MM/YYYY HH:MM:SS).

Example:

"02/06/2026 21:47:33"

reasonCode

string

Success code on initiate (e.g. 200). See 4xx responses for error codes.

Example:

"200"

data

object

Show child attributes

errors

object

null on success.

Show child attributes

Standing instruction — auto debit

SI Subsequent Payment

PayCollect authorize payment — auth only (request body)

curl --request POST \
  --url https://api.payglocal.in/gl/v1/payments/initiate/paycollect \
  --header 'Content-Type: application/json' \
  --header 'x-gl-token-external: <api-key>' \
  --data '
{
  "merchantTxnId": "23AEE8CB6B62EE2AF07",
  "merchantUniqueId": "IFNN939494NJFJ",
  "captureTxn": false,
  "paymentData": {
    "totalAmount": "10.00",
    "txnCurrency": "INR",
    "billingData": {
      "firstName": "John",
      "lastName": "Doe",
      "addressStreet1": "221B Baker Street",
      "addressCity": "Bengaluru",
      "addressCountry": "IND",
      "emailId": "[email protected]",
      "callingCode": "+91",
      "phoneNumber": "9999999999"
    }
  },
  "merchantCallbackURL": "https://api.prod.payglocal.in/gl/v1/payments/merchantCallback"
}
'

{
  "gid": "gl_o-a057c4d6b6c620741apzp0ZX2",
  "status": "INPROGRESS",
  "message": "Transaction Created Successfully",
  "timestamp": "02/06/2026 21:47:33",
  "reasonCode": "200",
  "data": {
    "redirectUrl": "https://api.uat.payglocal.in/gl/payflow-ui/?x-gl-token=example",
    "statusUrl": "https://api.uat.payglocal.in/gl/v1/payments/gl_o-a057c4d6b6c620741apzp0ZX2/status?x-gl-token=example",
    "merchantTxnId": "23AEE8CB6B62EE2AF07"
  },
  "errors": null
}

Documentation Index