Payment Engine

A powerful, developer‑friendly payment gateway service. Accept payments through SSLCommerz with a simple REST API. Build once, integrate everywhere.

Read Docs Admin Panel
API response example
{
  "success": true,
  "statusCode": 200,
  "message": "Payment initiated successfully",
  "data": {
    "transactionId": "txn_1709912345_a1b2c3d4e5f6",
    "gatewayUrl": "https://sandbox.sslcommerz.com/gwprocess/v4/gw.php?..."
  }
}

Features

Everything you need to accept payments

Simple REST API

Integrate payments with a single API call. We handle the complexity so you don't have to.

Multi‑Project Support

Create and manage multiple projects, each with their own API keys and SSLCommerz credentials.

Enterprise Security

SHA‑256 hashed API keys, timing‑safe comparisons, and validated callbacks for every transaction.

Auto Callbacks

Automatic success, fail, and cancel redirects handled transparently for your end users.

Transaction Dashboard

Monitor payments, view statuses, and track revenue across all projects in real time.

Role‑Based Access

Super admins and admins with granular permissions to manage your payment infrastructure.

How It Works

Three simple steps to accept payments

1
Create a Project

Set up a project with your SSLCommerz credentials and callback URLs. You'll get a unique Client Key and Secret Key.

2
Call the Payment API

Send a POST request to /api/v1/payment/create with amount and customer info. We return a gateway URL.

3
User Pays & Redirects

Redirect the user to the gateway URL. After payment, they're sent back to your success/fail/cancel URL.

Security

Built with security at every layer

SHA‑256 Hashed Secret Keys

Secret keys are hashed before storage. Raw keys are shown only once during project creation.

Timing‑Safe Comparisons

All key verifications use crypto.timingSafeEqual to prevent timing attacks.

Validated Gateway Callbacks

Every SSLCommerz callback is validated against the gateway's validation API before updating payment status.

Idempotent Status Updates

Duplicate callbacks won't corrupt data — only pending transactions can be updated.

Ready to accept payments?

Get started with PayEngine in minutes. Read our documentation and integrate effortlessly.

View Documentation Admin Login