Authorise script

This is the script which does all the job related to payments authorization. It may show a credit card form, an iframe or redirect a user to gateway side. The action provides some basic security features. It is completely unique for each payment, and once we done the url invalidated. When the authorization is done a user is redirected to after url, in our case it is done script.


use Payum\Core\Payum;
use Payum\Core\Request\Authorize;
use Payum\Core\Reply\HttpResponse;
use Payum\Core\Reply\ReplyInterface;

include __DIR__.'/config.php';

/** @var Payum $payum */

$token = $payum->getHttpRequestVerifier()->verify($_REQUEST);
$gateway = $payum->getGateway($token->getGatewayName());

try {
    $gateway->execute(new Authorize($token));

    if (! isset($_REQUEST['noinvalidate'])) {

    header("Location: ".$token->getAfterUrl());
} catch (HttpResponse $reply) {
    foreach ($reply->getHeaders() as $name => $value) {
        header("$name: $value");

    echo ($reply->getContent());

} catch (ReplyInterface $reply) {
    throw new \LogicException('Unsupported reply', null, $reply);

Note: If you've got the "Unsupported reply" you have to add an if condition for that reply. Inside the If statement you have to convert the reply to http response.

This is how you can create a authorize url.

Back to examples

Supporting Payum

Payum is an MIT-licensed open source project with its ongoing development made possible entirely by the support of community and our customers. If you'd like to join them, please consider:

Last updated