Every feature in DirectPay solves a problem we've seen Indian site owners face — from missed redirects to admin email alerts and everything in between.
PhonePe OAuth2 API v2 — Current & Supported
Runs on PhonePe's newest Business API using proper OAuth2 client credentials. Tokens are fetched automatically, cached in WP transients, and refreshed before expiry — you never touch auth manually.
Access tokens cached and auto-refreshed
Sandbox and Production modes switchable in one click
One-click "Test Connection" in admin panel
// Token endpoint (auto-handled)
POST /v1/oauth/token
client_id: "SU260…"
client_secret: "••••••••"
client_version: 1
grant_type: "client_credentials"
// Payment initiation
POST /checkout/v2/pay
// Status check with retry logic
GET /checkout/v2/order/{id}
3 Distinct Widget Styles
Card, Minimal, and Elegant (dark theme) — each built as a real CSS/HTML widget with proper field validation, not just a styled button. Pick per shortcode or override colours globally in settings.
Automatic Email Receipts
Customers get a branded HTML receipt the moment their payment confirms. You get an admin alert with a one-click link to the transactions dashboard. Both are fully customisable and toggle-able in settings.
Full Transaction Dashboard
Every payment is stored with full details — amount, status, customer name and email, PhonePe reference, and timestamp. Filter by status, search by email, and sync individual pending rows manually when needed.
One-Click CSV Export
Download all transactions as a clean CSV file directly from the admin panel. Works with any date range or status filter — useful for accountants, reconciliation, or feeding data into your CRM.
Background Payment Recovery
A WordPress cron job runs hourly to catch any payment whose redirect never reached your server — a dropped connection, browser close, or mobile network switch. Those transactions are resolved automatically, no manual intervention needed.
Session-Safe Redirect Flow
PhonePe's redirect URL stays completely clean — no sensitive IDs or nonces in the URL that PhonePe could mishandle. A server-side session token maps back to the transaction safely, eliminating the "Something went wrong" error.
Payment Receipt Page Shortcode
Add [directpay_receipt] to your success page. It automatically reads the transaction from the URL and renders a full styled receipt card — amount, order ID, and PhonePe reference included.
Security-First Architecture
Every security decision in DirectPay was deliberate — written from the first line with WordPress hardening standards in mind, not added as a patch afterward.
Client Secret encrypted at rest
Nonce on every AJAX action
Fully prepared SQL queries
Capability checks on all admin endpoints
Rate limiting on payment initiation
All output escaped (esc_html / esc_attr / esc_url)
index.php sentinel in every directory
Simple to Use
Three Shortcodes. Endless Possibilities.
Drop any of these onto any page — post, page, widget area, or page builder block. They work anywhere WordPress outputs content.
Full Form
[directpay]
The complete payment form — name, email, optional mobile number, and pay button. Validates inputs before calling PhonePe. Pre-fills name and email for logged-in WordPress users automatically.
No contact fields — just a pay button. Ideal for checkout pages, product listings, membership tiers, or anywhere you already have the customer's details elsewhere on the page.
Place this on your Payment Success page. It automatically reads the transaction ID from the URL, looks up the payment details, and renders a complete receipt card — no configuration needed.
[directpay_receipt]
Add this shortcode to the page you set as Success Page URL in DirectPay settings. Works automatically — no attributes needed.
Shows: amount, status, order ID, PhonePe reference
Handles SUCCESS, FAILED, and PENDING states
PENDING status shows auto-refresh notice every 15s
Zero Configuration Needed
Up and Running in Under 5 Minutes
Installing DirectPay is a standard WordPress plugin install. There's no server config, no webhook setup, and no external service to register with beyond your existing PhonePe Business account.
1. Install & Activate
Upload the zip to WordPress, activate — the DirectPay menu appears in your sidebar immediately.
2. Enter API Keys
Copy your Client ID, Client Secret, and Merchant ID from business.phonepe.com → API Keys. Paste, save, and click Test Connection.
3. Add Shortcode
Drop [directpay amount="500"] onto any page. Customers can pay immediately — PhonePe handles the checkout.
4. Receive Payments
Confirmed payments appear in the Transactions dashboard. You and your customer both get an email. That's it.
Match Any Design
Three Widget Styles. One Plugin.
Card suits most sites. Minimal drops inline without a frame. Elegant brings a dark, premium feel — choose per shortcode, not per plugin setting.
Card Style
The default — a clean, light-background payment card complete with a header bar, session countdown, input fields for name and email, a pay button, and a payment methods strip. Works perfectly on white or light-grey site backgrounds.
Header bar with PhonePe branding and SSL indicator
20-minute session countdown timer
Full form with name, email, and optional mobile
Payment methods strip: UPI, Cards, Wallet, Net Banking
Animated pay button with shimmer effect on hover
DirectPay · Secure
🔒 SSL
₹500
Consultation Fee
⏱ Session valid for 19:42
Full Name *
Email Address *
Pay with PhonePe
Pay via UPI, Cards, Wallet
Minimal Style
Stripped of the card frame. The amount, description, and button render inline — no border, no shadow, no header. It disappears into any layout without fighting the surrounding design. Perfect for sidebars, pricing tables, or product pages where you want the button to feel native.
Supports custom amount input when amount is left blank
Use with [directpay_button] for no contact fields
— Your page content here —
₹299
Starter Plan
Pay with PhonePe
— Your page content here —
Elegant Style
A dark, rich variant that belongs on agencies, premium SaaS products, luxury service sites, and any dark-themed WordPress build. The palette uses deep purples with a violet pay button — visually distinct from everything around it.
All three have identical functionality — only appearance differs
Great for dark-mode WordPress themes
Same countdown, fields, receipt — fully functional
DirectPay · Secure
🔒 SSL
₹2,999
Premium Membership
Full Name
Email Address
Pay with PhonePe
Security & Privacy
Secure by Design, Not as an Afterthought
DirectPay was written with WordPress security standards in mind from the first line of code — not patched in later.
Encrypted Credential Storage
Your Client Secret is encrypted using an XOR cipher keyed from your WordPress AUTH_KEY before it touches the database. It's never stored or logged in plain text after the initial save.
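An added example, not DirectPay's own code: a repeating-key XOR keeps a value out of plain sight but carries no integrity check, so an altered database value decrypts without any error. The sketch contrasts a hypothetical XOR helper with authenticated encryption from PHP's bundled sodium extension, both keyed from AUTH_KEY; all function names and sample values are assumptions.

```php
<?php
// Added illustration; not DirectPay's code. Function names are hypothetical.
// Inside WordPress AUTH_KEY comes from wp-config.php; this value is constructed.
if (!defined('AUTH_KEY')) {
    define('AUTH_KEY', 'constructed-sample-auth-key-for-demo-only');
}

// Repeating-key XOR: reversible obfuscation with no integrity check.
function example_xor(string $data, string $key): string {
    $out = '';
    for ($i = 0, $n = strlen($data), $k = strlen($key); $i < $n; $i++) {
        $out .= $data[$i] ^ $key[$i % $k];
    }
    return $out;
}

function example_key(): string {   // 32-byte key derived from AUTH_KEY (BLAKE2b)
    return sodium_crypto_generichash(AUTH_KEY, '', SODIUM_CRYPTO_SECRETBOX_KEYBYTES);
}

// Authenticated encryption with a fresh random nonce on every save.
function example_seal(string $secret): string {
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return base64_encode($nonce . sodium_crypto_secretbox($secret, $nonce, example_key()));
}

// Returns the secret, or null when the stored value is malformed or was altered.
function example_open(string $stored): ?string {
    $raw = base64_decode($stored, true);
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if ($raw === false || strlen($raw) < $min) {
        return null;
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box   = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open($box, $nonce, example_key());
    return $plain === false ? null : $plain;
}

$secret = 'constructed-client-secret';
// XOR: one changed byte in storage still "decrypts", just to a different value.
$x = example_xor($secret, AUTH_KEY);
$x[0] = $x[0] ^ "\x01";
var_dump(example_xor($x, AUTH_KEY) === $secret);
// Secretbox: the same change fails authentication and is rejected.
$s = base64_decode(example_seal($secret));
$s[-1] = $s[-1] ^ "\x01";
var_dump(example_open(base64_encode($s)));
```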
Nonce Verification on Every Action
Every AJAX handler, every admin form submission, and every CSV export is protected by WordPress nonces. Capability checks (manage_options) guard all admin-only endpoints.
Session-Based Redirect, Not URL Tokens
Transaction IDs are never appended to the redirect URL that PhonePe receives. An opaque random token maps server-side to the transaction, so nothing sensitive is exposed in URLs or browser history.
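One way to implement an opaque, server-side token mapping, as an added example that is not DirectPay's own code. The function names, the transient key prefix, the 20-minute lifetime and the single-use behaviour are assumptions; the transient stubs exist only so the sketch runs outside WordPress.

```php
<?php
// Added illustration; not DirectPay's code. Function and key names are hypothetical.

// Stand-alone stubs so the sketch runs outside WordPress (expiry is not emulated).
if (!function_exists('set_transient')) {
    $GLOBALS['example_store'] = [];
    function set_transient($k, $v, $ttl = 0) { $GLOBALS['example_store'][$k] = $v; return true; }
    function get_transient($k) { return $GLOBALS['example_store'][$k] ?? false; }
    function delete_transient($k) { unset($GLOBALS['example_store'][$k]); return true; }
}

// Issue an opaque token for the browser; only its SHA-256 hash is stored server-side,
// so a leaked options table does not reveal usable tokens.
function example_issue_return_token(int $transaction_id, int $ttl = 1200): string {
    $token = bin2hex(random_bytes(32));              // 256 bits from the OS CSPRNG
    set_transient('ex_ret_' . hash('sha256', $token), $transaction_id, $ttl);
    return $token;
}

// Resolve a token from the return request: format check, lookup, then invalidate.
function example_resolve_return_token($token): ?int {
    if (!is_string($token) || !preg_match('/\A[0-9a-f]{64}\z/', $token)) {
        return null;                                 // malformed input never reaches storage
    }
    $key = 'ex_ret_' . hash('sha256', $token);
    $id  = get_transient($key);
    if ($id === false) {
        return null;                                 // unknown or expired token
    }
    delete_transient($key);                          // a replayed token resolves to nothing
    return (int) $id;
}

// Constructed demonstration: first use resolves, replay and malformed input do not.
$t = example_issue_return_token(4711);
var_dump(example_resolve_return_token($t));
var_dump(example_resolve_return_token($t));
var_dump(example_resolve_return_token('../4711'));
var_dump(example_resolve_return_token(['array', 'input']));
```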
Fully Prepared SQL Queries
Every database query uses $wpdb->prepare() with whitelist-validated ORDER BY clauses. No raw user input ever reaches the database.
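The reason an ORDER BY whitelist is needed alongside $wpdb->prepare(), shown as an added example that is not DirectPay's own code: prepare() binds values, not column names or sort keywords. The table name, column names, request keys and function names below are hypothetical.

```php
<?php
// Added illustration; not DirectPay's code. Table, column and function names are hypothetical.

// $wpdb->prepare() binds values (%s, %d) but cannot bind identifiers or keywords,
// so both parts of ORDER BY are picked from fixed lists, never copied from the request.
function example_order_clause($orderby, $order): string {
    $columns = [                 // accepted request value => real column name
        'date'   => 'created_at',
        'amount' => 'amount',
        'status' => 'status',
    ];
    $orderby = is_string($orderby) ? strtolower($orderby) : '';   // arrays etc. fall to default
    $column  = $columns[$orderby] ?? 'created_at';
    $dir     = (is_string($order) && strtoupper($order) === 'ASC') ? 'ASC' : 'DESC';
    return "ORDER BY {$column} {$dir}";
}

// Inside WordPress: the whitelisted clause is concatenated, the values are bound.
function example_fetch_transactions(wpdb $wpdb, array $request): array {
    $status = sanitize_text_field($request['status'] ?? 'SUCCESS');
    $limit  = min(100, max(1, (int) ($request['per_page'] ?? 20)));
    $sql = "SELECT * FROM {$wpdb->prefix}example_transactions WHERE status = %s "
         . example_order_clause($request['orderby'] ?? null, $request['order'] ?? null)
         . " LIMIT %d";
    return $wpdb->get_results($wpdb->prepare($sql, $status, $limit), ARRAY_A);
}

// Stand-alone check with constructed inputs (no database needed): anything that is
// not an exact whitelist key collapses to the default column and direction.
$samples = [['amount', 'asc'], ['amount, other_col', 'desc'], [['x'], 'sideways'], [null, null]];
foreach ($samples as [$o, $d]) {
    echo example_order_clause($o, $d), PHP_EOL;
}
```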
Rate Limiting on Payments
Payment initiation is rate-limited per IP address using WP transients. Rapid repeated requests (abuse, bots, accidental double-submits) are blocked before they reach PhonePe's API.
Sanitized Input, Escaped Output
Every piece of user data is sanitized on the way in and escaped on the way out — following WordPress coding standards throughout. Output uses esc_html(), esc_attr(), and esc_url() consistently.
Real Users, Real Results
What Site Owners Are Saying
★★★★★
"I ran a coaching website for three years with a clunky WooCommerce setup just to take payments. DirectPay replaced the entire payment part in one afternoon. My students pay directly on the enrollment page now — it's cleaner and faster."
Rahul Mehra
Online Coaching Institute, Jaipur
★★★★★
"The CSV export and email receipts are the two features I was missing from every other plugin I tried. We process 200+ consultation fees a month and every payment lands in the spreadsheet without us touching anything."
Priya Sundaram
Healthcare Clinic, Chennai
★★★★★
"We run a charitable trust and needed a simple way to accept donations without the overhead of a shop plugin. The Elegant dark widget looks professional on our site and donors comment on how smooth the experience is."
Arjun Krishnan
Charitable Trust, Bengaluru
★★★★★
"Setting up took less than 10 minutes. I already had a PhonePe Business account, dropped in the credentials, tested the connection, put the shortcode on my services page, and my first booking payment came in that same evening."
Sanjana Iyer
Freelance Designer, Pune
★★★★★
"I appreciated that the developer actually solved the redirect issue properly instead of just documenting a workaround. The payment flow is clean end to end — PhonePe redirects back, status checks, success page — all without a single error."
Vikram Tiwari
SaaS Product, Hyderabad
★★★★★
"As a WordPress developer I've seen a lot of payment plugins. This one is cleanly coded — separate concerns, no spaghetti, proper sanitization. I can trust it on client sites without auditing every line myself."
Do I need WooCommerce or any other plugin to use DirectPay?
No — DirectPay is fully standalone. It has no dependencies other than WordPress itself (6.0+) and PHP 8.1+. You do not need WooCommerce, Easy Digital Downloads, or any other commerce plugin.
Which PhonePe API version does DirectPay use?
DirectPay uses PhonePe's v2 Business API with OAuth2 authentication. This is the current and actively maintained API (as of 2024). The deprecated v1 Salt Key approach is not used. You need a PhonePe Business account with API access enabled at business.phonepe.com.
What payment methods can customers use?
All payment methods supported by PhonePe: UPI (any UPI app — Google Pay, Paytm, BHIM, PhonePe app, etc.), debit cards, credit cards, net banking for all major banks, and PhonePe Wallet. The customer selects their preferred method on PhonePe's own hosted checkout page.
What happens if a customer pays but the redirect fails?
DirectPay handles this with a two-layer approach. First, when PhonePe does redirect back, the plugin retries the status check up to 4 times with a short delay — handling the common 1-3 second API lag. Second, a WordPress cron job runs hourly and checks all PENDING transactions older than 15 minutes. So even if the browser was closed before the redirect, the payment will be confirmed and the email sent within the hour.
Can I have different payment amounts on different pages?
Yes. Each shortcode accepts its own amount, description, redirect, style, and button_text attributes. You can have a ₹500 Consultation Fee shortcode on one page, a ₹2999 Membership shortcode on another, and an open-amount Donation widget on a third — all fully independent.
Is customer data stored on my server or sent anywhere else?
Customer name, email, and payment details are stored in your own WordPress database only — nothing is sent to Quixfo IT International or any third-party service. The only external communication is between your server and PhonePe's API during payment initiation and status checks. The Client Secret is stored encrypted in the database.
Does DirectPay work with page builders like Elementor or Divi?
Yes. Any page builder that supports WordPress shortcodes will work. In Elementor, add a Shortcode widget and paste your [directpay] shortcode. In Divi, use a Code module. In Gutenberg (the block editor), use a Shortcode block. The plugin works wherever WordPress processes shortcodes.
Can I test payments before going live?
Yes — DirectPay includes a Sandbox mode that uses PhonePe's UAT environment. Switch between Sandbox and Production in the plugin settings. We strongly recommend running several test transactions in Sandbox before going live. The "Test API Connection" button in settings lets you verify your credentials instantly without initiating a payment.
🏆 Premium WordPress Plugin
Start Accepting Payments on Your WordPress Site Today
Everything set up in under 5 minutes. No monthly fees. No commission per transaction. One purchase, lifetime use.