## Zoho Payments Documentation Index

Access the complete documentation index at:
https://www.zoho.com/in/payments/llms.txt

Use this file to discover all available documentation pages before proceeding.

# Signature Verification

Zoho Payments generates a signature to ensure the security and integrity of the transaction data. Signature verification confirms that the data has not been tampered with and authenticates the payment details received after a transaction. Signature verification can be performed for payments received via:

*   [Widget Response](#widget-response)
*   [Return URL](#return-url)

*   [Widget Response](#widget-response)
*   [Return URL](#return-url)

* * *

## Widget Response

After initiating the payment successfully, the checkout widget will return a response with the `payment_id` and a `signature`. The signature will be included only if you’ve generated a signing key under _Settings > Developer Space._ Once the payment is completed, the widget returns the following parameters:

**Parameter**

**Description**

`payment_session_id`

A unique identifier for the payment session.

`payment_id`

A unique identifier for payments made through Zoho Payments.

`signature`

A signature generated using your Signing Key to verify the widget response.

To verify the signature:

1.  Use the following parameters, concatenate them in this order, and use a pipe (|) as the separator:

`payment_id` | `payment_session_id`

2.  Generate an HMAC-SHA256 signature using the concatenated string and your signing key.
    
3.  Compare the generated signature with the signature parameter for validation.
    

Successful validation confirms that the data is secure and has not been tampered with.

* * *

## Return URL

Signature verification for the return URL ensures data integrity and confirms the authenticity of the response returned via payment links. The parameters shown in the table below are sent through the return URL, which is the page the customer is redirected to after a successful payment.

**Parameter**

**Description**

`payment_link_id`

A unique identifier for the payment link.

`payment_id`

A unique identifier for payments made through Zoho Payments.

`amount`

The payment amount.

`status`

The status of the payment.

`payment_link_reference`

An alphanumeric identifier for the link provided during link creation. This is an optional parameter and will not be included in the return\_url unless specified.

`signature`

A signature to verify the authenticity of the parameters in the `return_url`.

To verify the signature:

1.  Extract the following parameters from the return URL and concatenate in this order and use period (.) as a separator:

`payment_link_id.payment_id.amount.status.payment_link_reference`

2.  Generate an HMAC-SHA256 signature using the concatenated string and your signing key.
    
3.  Compare the generated signature with the signature parameter from the return URL.
    

Successful validation confirms that the data is secure and has not been tampered with.