Verify that a Razorpay payment completed successfully by submitting the order ID, payment ID, and signature returned by the Razorpay checkout flow. This endpoint does not require authentication.
Request
POST /payments/verify
Content-Type: application/json
The Razorpay order ID returned when the order was created (POST /payments/order).
The Razorpay payment ID provided by Razorpay after the user completes checkout.
The HMAC-SHA256 signature provided by Razorpay. Used to confirm the payment is authentic.
The payment mode used during checkout (e.g. upi, card). Optional.
Razorpay provides the paymentId and signature in the handler callback of the checkout SDK after the user completes payment on the client.
Response
true if the signature is valid and the payment is verified; false otherwise.
A human-readable description of the verification result.
Always verify the Razorpay signature server-side before marking a ride as paid or updating ride status. Never trust the result of client-side payment callbacks alone.
Example
curl -X POST http://localhost:8080/payments/verify \
-H "Content-Type: application/json" \
-d '{
"orderId": "order_OmXy1234abcd",
"paymentId": "pay_OmXy9876wxyz",
"signature": "a3f1c2d4e5b6...",
"paymentMode": "upi"
}'