POSTSend Transaction OTP
Request an OTP to the sender's mobile number to authorise an upcoming money transfer.
Sends an OTP to the sender's registered mobile number as a pre-authorisation step before initiating the actual money transfer. Provide the recipient_id, the transfer amount, and the sender's customer_id. The returned otp_ref_id must be passed to Initiate Transfer along with the OTP entered by the customer.
Body parameters
| Field | Type | Required | Description |
|---|---|---|---|
initiator_id | string | required | Registered mobile number of the API user (see Platform Credentials).e.g. 9962981729 |
user_code | string | required | User code of the retailer/agent the service is run for.e.g. 20810200 |
client_ref_id | string | optional | Unique reference id per API call, generated by your system.e.g. REQ-20260101-001 |
recipient_id | number | required | Unique recipient ID returned by Add Recipient or Get Recipients.e.g. 98765 |
amount | number | required | Transfer amount in INR (integer, no decimals).e.g. 500 |
customer_id | string | required | Sender's 10-digit mobile number.e.g. 9123456789 |
initiator_idstringRequiredRegistered mobile number of the API user (see Platform Credentials).
example: 9962981729
user_codestringRequiredUser code of the retailer/agent the service is run for.
example: 20810200
client_ref_idstringoptionalUnique reference id per API call, generated by your system.
example: REQ-20260101-001
recipient_idnumberRequiredUnique recipient ID returned by Add Recipient or Get Recipients.
example: 98765
amountnumberRequiredTransfer amount in INR (integer, no decimals).
example: 500
customer_idstringRequiredSender's 10-digit mobile number.
example: 9123456789
Headers
| Field | Type | Required | Description |
|---|---|---|---|
developer_key | string | required | Static API key issued to your account after KYC. |
secret-key | string | required | Dynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))). |
secret-key-timestamp | string | required | Current time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time. |
content-type | string | required | application/jsone.g. application/json |
developer_keystringRequiredStatic API key issued to your account after KYC.
secret-keystringRequiredDynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))).
secret-key-timestampstringRequiredCurrent time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time.
content-typestringRequiredapplication/json
example: application/json
Responses
statusnumberPrimary success indicator (0 = success).
messagestringHuman-readable response / error message.
response_status_idnumberGranular status id; see the shared error-codes table.
response_type_idnumberA unique id for every possible response shape (success or error) — useful for client logic branching and analytics.
dataobjectAPI-specific response payload.
otp_ref_idstringReference ID for the OTP sent. Must be passed to Initiate Transfer along with the customer-entered OTP.
mobilestringMasked mobile number to which the OTP was sent (for display to agent/customer).