Integrate with PayFast for payment gateway processing in South Africa. Use this skill whenever the user wants to accept payments via PayFast, process subscriptions, manage refunds, handle merchant payments, verify transactions, or work with PayFast's API in any way. Also trigger when the user mentions 'PayFast', 'South African payments', 'PayFast subscriptions', 'merchant payments', or needs payment processing with subscription support.
PayFast (now part of Network International) is South Africa's longest-running payment processor. It handles online payments, subscriptions, and merchant services with both form-based redirect flows and REST API endpoints. PayFast supports card payments, bank transfers, and recurring billing for millions of South African customers.
You're building a payment system that needs to accept payments in South Africa with strong subscription support — an e-commerce checkout, a SaaS platform with recurring billing, a marketplace, or any solution requiring ZAR payment processing. PayFast is ideal for businesses targeting the South African market with excellent local market penetration and support for card, bank transfer, and alternative payment methods.
PayFast uses merchant credentials and signature-based authentication for security:
Authentication Components:
⚠️ Use SHA256 for new integrations, not MD5. PayFast supports both MD5 (legacy) and SHA256 (recommended). MD5 is documented first because it's most common in older integrations, but SHA256 is significantly more secure. For new integrations, use SHA256 throughout. PayFast's ITN (Instant Transaction Notification) verification should always use SHA256.
ℹ️ Rebrand note: PayFast was acquired by Network International in 2023. The product continues to operate as "PayFast by Network International." API endpoints and credentials are unchanged, but support channels, contracts, and billing may route through Network International for new merchants.
Store credentials in environment variables: PAYFAST_MERCHANT_ID, PAYFAST_MERCHANT_KEY, and PAYFAST_PASSPHRASE. Never hardcode credentials.
Environments:
https://sandbox.payfast.co.za (for testing)https://www.payfast.co.za and https://api.payfast.co.za (for live transactions)Initiate a payment by redirecting the customer to PayFast's hosted payment form. This is the most common integration method.
Endpoint:
POST https://www.payfast.co.za/eng/process
(Sandbox: POST https://sandbox.payfast.co.za/eng/process)
Content-Type: application/x-www-form-urlencoded
Form Parameters:
merchant_id=10001234
merchant_key=abc123xyz
return_url=https://yoursite.com/payment/success
cancel_url=https://yoursite.com/payment/cancel
notify_url=https://yoursite.com/payment/notify
[email protected]
item_name=Premium Subscription
item_description=1 Month Premium Access
amount=199.99
custom_str1=ORDER-12345
custom_str2=user_metadata_here
signature=MD5_HASH_HERE
Important Notes:
MD5(merchant_id&merchant_key&return_url&cancel_url¬ify_url&email_address&item_name&item_description&amount&custom_str1&custom_str2&PASSPHRASE)
custom_str1 and custom_str2 if you're using them. If passphrase is empty, still include the & separator.Example HTML Form:
<form method="POST" action="https://www.payfast.co.za/eng/process">
<input type="hidden" name="merchant_id" value="10001234">
<input type="hidden" name="merchant_key" value="abc123xyz">
<input type="hidden" name="return_url" value="https://yoursite.com/payment/success">
<input type="hidden" name="cancel_url" value="https://yoursite.com/payment/cancel">
<input type="hidden" name="notify_url" value="https://yoursite.com/payment/notify">
<input type="hidden" name="email_address" value="[email protected]">
<input type="hidden" name="item_name" value="Premium Subscription">
<input type="hidden" name="item_description" value="1 Month Premium Access">
<input type="hidden" name="amount" value="199.99">
<input type="hidden" name="custom_str1" value="ORDER-12345">
<input type="hidden" name="signature" value="abc123def456xyz789">
<button type="submit">Pay with PayFast</button>
</form>
Response: Customer is redirected to PayFast's payment page. After payment, they're redirected to your return_url with query parameters including payment status.
Create recurring payment subscriptions via form redirect.
Endpoint: Same as regular payments
POST https://www.payfast.co.za/eng/process
Additional Parameters for Subscriptions:
subscription=1
frequency=3
billing_date=2025-03-23
recurring_amount=99.99
initial_payment=0
cycle_period=3
Frequency Values (frequency field):
3 = Monthly4 = Quarterly5 = Semi-annually (bi-annually)6 = AnnuallyNote: Values 1 and 2 represent per-hour and daily billing (uncommon). 12 is not a valid frequency code.
Example Subscription Form:
<form method="POST" action="https://www.payfast.co.za/eng/process">
<!-- Standard payment fields -->
<input type="hidden" name="merchant_id" value="10001234">
<input type="hidden" name="merchant_key" value="abc123xyz">
<input type="hidden" name="email_address" value="[email protected]">
<input type="hidden" name="item_name" value="Monthly Premium">
<input type="hidden" name="amount" value="0">
<!-- Subscription fields -->
<input type="hidden" name="subscription" value="1">
<input type="hidden" name="recurring_amount" value="99.99">
<input type="hidden" name="frequency" value="1">
<input type="hidden" name="billing_date" value="2025-03-23">
<input type="hidden" name="cycle_period" value="1">
<input type="hidden" name="signature" value="MD5_HASH">
<button type="submit">Subscribe Now</button>
</form>
Response: PayFast returns a subscription token in the webhook. Store this token to manage the subscription later.
Fetch the current status of a subscription using its token.
Endpoint:
GET https://api.payfast.co.za/subscriptions/{token}/fetch
Headers:
merchant-id: YOUR_MERCHANT_ID