Platform
Chatbot Builder Bulk Messaging Team Inbox Mini CRM API & Webhooks AI Integration WhatsApp Flows
Industries
E-commerce & D2C Real Estate Education Healthcare Finance & BFSI Logistics Hospitality Retail
Integrations
Learn
Learning Hub Help & Docs Connect Guides Automation Codex Blog Message Templates
Pricing Get Started →
Connect  ›  Connect Cashfree to WhatsApp
Payment connection guide

Connect Cashfree to WhatsApp

Cashfree uses a different auth pattern from Razorpay: two custom headers instead of Basic Auth, plus a required API version header. This guide gives you the exact values for every field in the External API Request step.

 Published 21 June 2026  8 min read  Live-researched  India-first

Cashfree is a popular Indian payment gateway with strong UPI, card, and net banking support. Its API uses custom headers rather than standard Basic Auth, and requires a version header on every request. Once you know these three header values, the setup is straightforward.

New to the External API Request step? Read the foundation guide first.

Step 1: Get your Cashfree credentials

1

Log in to your Cashfree Merchant Dashboard

Go to merchant.cashfree.com and log in.
2

Open Developers and then API Keys

Click the Developers icon in the right-side navigation. Under API Keys, select Payment Gateway. The sandbox credentials are auto-generated; for production, click Generate.
3

Copy your App ID and Secret Key

The App ID is your x-client-id. The Secret Key is your x-client-secret. Both are required in every request header.

 Separate credentials for sandbox and production

Cashfree issues different App IDs and Secret Keys for sandbox and production. Switching from test to live requires updating both header values. The endpoint base URL also changes from sandbox.cashfree.com/pg to api.cashfree.com/pg.

Step 2: Fill in the External API Request step

External API Request
Method
POST
Request URL
https://api.cashfree.com/pg/orders
Auth Type
Custom headers
Header Parameters
x-client-id
YOUR_APP_ID
x-client-secret
YOUR_SECRET_KEY
x-api-version
2025-01-01
Content-Type
application/json
Body Type
JSON (raw)
Response Type
Default Response
SaveRun and Save

 Three headers, all required

Unlike most APIs that need only one auth header, Cashfree requires three: x-client-id, x-client-secret, and x-api-version. Missing any one will return an authentication or validation error. The version value 2025-01-01 is current as of mid-2026; check Cashfree's changelog if you get an api_version error.

Request URL

EnvironmentBase URL
Sandbox (testing)https://sandbox.cashfree.com/pg/orders
Production (live)https://api.cashfree.com/pg/orders

Body

JSON body
{
  "order_id": "order_{{unique_id}}",
  "order_amount": 500.00,
  "order_currency": "INR",
  "customer_details": {
    "customer_id": "cust_{{customer_phone}}",
    "customer_name": "{{customer_name}}",
    "customer_email": "{{customer_email}}",
    "customer_phone": "{{customer_phone}}"
  },
  "order_meta": {
    "return_url": "https://yoursite.com/payment-success?order_id={order_id}"
  }
}

order_id must be unique per transaction. A common approach is to combine a prefix with a timestamp or your internal order number. order_amount is in rupees (not paise, unlike Razorpay).

Step 3: Send the payment link on WhatsApp

Response (key fields)
{
  "order_id": "order_12345",
  "order_status": "ACTIVE",
  "payment_session_id": "session_...",
  "order_expiry_time": "2026-06-22T18:30:00+05:30"
}

For WhatsApp, the most practical option is to construct the Cashfree payment URL directly from the order_id. Cashfree's hosted payment page follows a predictable URL pattern, or you can use the payment_session_id with Cashfree's JavaScript SDK on a web page. For a simple WhatsApp link, many businesses direct customers to their own checkout page that loads the Cashfree SDK with the session ID from this response.

 Official source

For the full response schema and the hosted checkout URL pattern, see docs.cashfree.com/docs/create-order.

Troubleshooting

SymptomLikely causeFix
401 UnauthorizedWrong App ID or Secret KeyRe-check both values; confirm you are using sandbox credentials with the sandbox URL
422 UnprocessableMissing or invalid x-api-version headerAdd x-api-version: 2025-01-01 to the headers
order_id already existsDuplicate order IDUse a unique value per order; append a timestamp or UUID
Customer phone invalidPhone number format wrongUse a 10-digit Indian mobile number without the country code in customer_phone
Response from wrong environmentMixing sandbox keys with production URLCheck that sandbox keys go to sandbox.cashfree.com and live keys go to api.cashfree.com

Common questions

Where do I get my Cashfree API credentials?
+
Log in to your Cashfree Merchant Dashboard. Click the Developers icon in the right navigation, then click API Keys under Payment Gateway. In the sandbox environment, Cashfree auto-generates your keys. For production, generate them separately. You receive an App ID (x-client-id) and a Secret Key (x-client-secret).
Why does Cashfree use custom headers instead of Basic Auth?
+
Cashfree's API does not use standard HTTP Basic Auth. Instead, it uses two custom request headers: x-client-id for your App ID and x-client-secret for your Secret Key. A third required header, x-api-version, tells the API which version of the response format you expect. The current value is 2025-01-01.
What is the x-api-version header?
+
This is a required header on every Cashfree API request that specifies the API version. The current value is 2025-01-01. Including an outdated or missing version header will cause the request to fail or return a deprecated response format. Check Cashfree's changelog for updates.
What is the difference between sandbox and production endpoints?
+
Cashfree has two base URLs. Sandbox is sandbox.cashfree.com/pg for testing; no real money moves. Production is api.cashfree.com/pg for live payments. The only change between test and production is the base URL; all headers, endpoints, and body fields are identical.
What does the payment_session_id in the response do?
+
The payment_session_id from the create order response is used to initiate a Cashfree payment form on your website. For a WhatsApp use case, the more practical field is the order's payment link URL from the response, which you can send directly to the customer to open a hosted checkout page.
Does this cost anything on WA.Expert?
+
WA.Expert does not add a charge for the External API Request step beyond standard automation action pricing. The WhatsApp message is free inside an active service window. Cashfree charges a transaction fee per payment, deducted from the settlement amount.
Related

Keep building

Send payment links from inside every WhatsApp conversation.

Free trial, no credit card required. And if you ever get stuck, we are the only platform in India that answers you live on WhatsApp.

Start Free →Book Demo
1