Skip to main content
POST
/
subscriptions
/
pay
/
documents
/
{payment_id}
Upload file for Physical Nach Authorisation
curl --request POST \
  --url https://sandbox.cashfree.com/pg/subscriptions/pay/documents/{payment_id} \
  --header 'Content-Type: multipart/form-data' \
  --header 'x-api-version: <x-api-version>' \
  --header 'x-client-id: <api-key>' \
  --header 'x-client-secret: <api-key>' \
  --form action=UPLOAD \
  --form file='@example-file' \
  --form payment_id=payment-1234
import requests

url = "https://sandbox.cashfree.com/pg/subscriptions/pay/documents/{payment_id}"

files = { "file": ("example-file", open("example-file", "rb")) }
payload = {
"action": "UPLOAD",
"payment_id": "payment-1234"
}
headers = {
"x-api-version": "<x-api-version>",
"x-client-id": "<api-key>",
"x-client-secret": "<api-key>"
}

response = requests.post(url, data=payload, files=files, headers=headers)

print(response.text)
const form = new FormData();
form.append('action', 'UPLOAD');
form.append('file', '@'/Users/john/Downloads/pan.jpeg'');
form.append('payment_id', 'payment-1234');

const options = {
method: 'POST',
headers: {
'x-api-version': '<x-api-version>',
'x-client-id': '<api-key>',
'x-client-secret': '<api-key>'
}
};

options.body = form;

fetch('https://sandbox.cashfree.com/pg/subscriptions/pay/documents/{payment_id}', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://sandbox.cashfree.com/pg/subscriptions/pay/documents/{payment_id}",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"action\"\r\n\r\nUPLOAD\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"file\"; filename=\"example-file\"\r\nContent-Type: application/octet-stream\r\n\r\n@'/Users/john/Downloads/pan.jpeg'\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"payment_id\"\r\n\r\npayment-1234\r\n-----011000010111000001101001--",
CURLOPT_HTTPHEADER => [
"Content-Type: multipart/form-data",
"x-api-version: <x-api-version>",
"x-client-id: <api-key>",
"x-client-secret: <api-key>"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://sandbox.cashfree.com/pg/subscriptions/pay/documents/{payment_id}"

payload := strings.NewReader("-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"action\"\r\n\r\nUPLOAD\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"file\"; filename=\"example-file\"\r\nContent-Type: application/octet-stream\r\n\r\n@'/Users/john/Downloads/pan.jpeg'\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"payment_id\"\r\n\r\npayment-1234\r\n-----011000010111000001101001--")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("x-api-version", "<x-api-version>")
req.Header.Add("x-client-id", "<api-key>")
req.Header.Add("x-client-secret", "<api-key>")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://sandbox.cashfree.com/pg/subscriptions/pay/documents/{payment_id}")
.header("x-api-version", "<x-api-version>")
.header("x-client-id", "<api-key>")
.header("x-client-secret", "<api-key>")
.body("-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"action\"\r\n\r\nUPLOAD\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"file\"; filename=\"example-file\"\r\nContent-Type: application/octet-stream\r\n\r\n@'/Users/john/Downloads/pan.jpeg'\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"payment_id\"\r\n\r\npayment-1234\r\n-----011000010111000001101001--")
.asString();
require 'uri'
require 'net/http'

url = URI("https://sandbox.cashfree.com/pg/subscriptions/pay/documents/{payment_id}")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["x-api-version"] = '<x-api-version>'
request["x-client-id"] = '<api-key>'
request["x-client-secret"] = '<api-key>'
request.body = "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"action\"\r\n\r\nUPLOAD\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"file\"; filename=\"example-file\"\r\nContent-Type: application/octet-stream\r\n\r\n@'/Users/john/Downloads/pan.jpeg'\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"payment_id\"\r\n\r\npayment-1234\r\n-----011000010111000001101001--"

response = http.request(request)
puts response.read_body
{
  "payment_id": "payment-1234",
  "authorization_status": "INITIALIZED",
  "action": "SUBMIT_DOCUMENT",
  "payment_message": "file uploaded successfully."
}
{
"message": "bad URL, please check API documentation",
"help": "Check latest errors and resolution from Merchant Dashboard API logs: https://bit.ly/4glEd0W Help Document: https://bit.ly/4eeZYO9",
"code": "request_failed",
"type": "invalid_request_error"
}
{
"message": "authentication Failed",
"code": "request_failed",
"type": "authentication_error"
}
{
"message": "something is not found",
"help": "Check latest errors and resolution from Merchant Dashboard API logs: https://bit.ly/4glEd0W Help Document: https://bit.ly/4eeZYO9",
"code": "something_not_found",
"type": "invalid_request_error"
}
{
"message": "something is not found",
"help": "Check latest errors and resolution from Merchant Dashboard API logs: https://bit.ly/4glEd0W Help Document: https://bit.ly/4eeZYO9",
"code": "request_invalid",
"type": "idempotency_error"
}
{
"message": "Too many requests from IP. Check headers",
"code": "request_failed",
"type": "rate_limit_error"
}
{
"message": "internal Server Error",
"help": "Check latest errors and resolution from Merchant Dashboard API logs: https://bit.ly/4glEd0W Help Document: https://bit.ly/4eeZYO9",
"code": "internal_error",
"type": "api_error"
}

Authorizations

x-client-id
string
header
required

Client app ID. You can find your app id in the Merchant Dashboard.

x-client-secret
string
header
required

Client secret key. You can find your secret key in the Merchant Dashboard.

Headers

x-api-version
string
default:2025-01-01
required

API version to be used.

x-request-id
string

Request ID for the API call. Can be used to resolve tech issues. Communicate this in your tech related queries to Cashfree.

x-idempotency-key
string<UUID>

An idempotency key is a unique identifier you include with your API call. If the request fails or times out, you can safely retry it using the same key to avoid duplicate actions.

Path Parameters

payment_id
string
required

Provide the Payment ID using which the payment was created.

Body

multipart/form-data

Request parameters to upload file for Physical Nach Authorization.

file
file
required

Select the .jpg file that should be uploaded or provide the path of that file. You cannot upload a file that is more than 1MB in size.

payment_id
string
required

Authorization Payment Id for physical nach authorization.

action
string
required

Action to be performed on the file. Can be SUBMIT_DOCUMENT.

Response

Success response for uploading file for Physical Nach Authorization.

payment_id
string

The payment_id against which the pnach image is uploaded.

authorization_status
string

Authorization status of the subscription.

action
string

Action performed on the file.

payment_message
string

Message of the API.