BLIK Recurring
The API has been extended to support recurring transactions without the buyer's involvement (known as MIT – Merchant Initiated Transaction). To use this functionality, a prior payment involving the buyer (known as CIT – Customer Initiated Transaction) must be registered, resulting in the creation of a PAYID-type payment token.
To activate the service, it is necessary to sign an annex to the existing agreement.
When integrating BLIK recurring payments, it is important to review the documentation and requirements available on the BLIK Recurring Payments page.
The client has the option to delete a token on the bank's side. If a token is removed in this way, it will no longer appear when retrieving the list of available tokens.
General Information about BLIK Recurring Payments
After saving the PAYID token, the merchant gains the ability to initiate recurring transactions, where the merchant determines the frequency and amount of each charge. In this model:
- The merchant can initiate transactions with variable amounts and frequencies.
- The maximum allowable amount for a single transaction is 2000 PLN (transactions exceeding this limit are automatically declined).
- In the event of insufficient funds, exceeded limits, lack of support for recurring payments by the bank, or any other technical issue, the system will return an appropriate error message, and the payment will not be automatically retried — it is the merchant's responsibility to initiate the retry attempt.
Using this transaction model means the merchant assumes responsibility for potential fraud. This is indicated by setting the recommendedAuthLevel
parameter to NO_CONFIRMATION. Including this parameter indicates that the merchant is acting knowingly.
Currently, it is not possible to register a recurring payment with a zero amount. If activation involves charging the customer and it is not a fee for a service, the merchant is required to refund the activation charge.
Security Requirements and Recommendations
Before integrating the service, make sure to review the requirements and recommendations provided by our security experts. This will help you safeguard against potential fraud.
BLIK Recurring Payment with PAYID Token Registration
To register a PAYID token, you should extend the standard order with a payMethods
section containing a blikData
object with the register
parameter set to true, and a buyer
section extended with extCustomerId
. Additionally, you must include a recurring
section indicating the type of payment.
{
...
"buyer": {
"extCustomerId": "",
"email": ""
},
"totalAmount": <activation amount>,
"payMethods": {
"payMethod": {
"type": "BLIK_AUTHORIZATION_CODE",
"value": "<t6 code used for authorization>",
"blikData": {
"registerTokenValue": "<registered PAYID token value>",
"aliasLabelProposal": "<recurring payment title>",
"register": true,
"recurring": {
"type": "O",
"initializationDate": "<first MIT transaction date>",
"expirationDate": "<PAYID token expiration date>"
}
}
}
}
}
For details on parameters, refer to the Create an Order section in our API Reference.
If you manage your customers tokens yourself, you should include the value of the generated PAYID token in the registerTokenValue
field. Otherwise, omit this parameter during token registration — PayU will automatically generate a unique value.
The initializationDate
and expirationDate
parameters are optional.
The value of aliasLabelProposal
should be easily recognizable to the buyer and clearly reference the specific recurring transaction.
Currently, registering a BLIK recurring payment requires submitting a non-zero activation amount. If the activation involves charging the customer and it is not a service fee, the merchant is required to refund the activation charge.
Http Status | Status Code | Description |
---|---|---|
400 | ERROR_AUTHORIZATION_CODE / AUTH_CODE_EXPIRED | The authorization code has expired. |
400 | ERROR_AUTHORIZATION_CODE / AUTH_CODE_LIMIT_EXCEEDED | The limit for the authorization code has been exceeded. |
400 | ERROR_AUTHORIZATION_CODE / AUTH_CODE_CANCEL | The authorization code has been canceled. |
400 | ERROR_AUTHORIZATION_CODE / AUTH_CODE_USED | The authorization code has already been used. |
400 | ERROR_AUTHORIZATION_CODE / AUTH_CODE_INVALID | Invalid authorization code. |
400 | ERROR_VALUE_MISSING / MISSING_AUTHORIZATION_CODE | Validation error, authorization code T6 BLIK required for authorization. |
400 | ERROR_VALUE_INVALID / INVALID_BLIK_CODE | Incorrect authorization code BLIK. The BLIK authorization code should consist of 6 digits. |
400 | ERROR_VALUE_INVALID / INVALID_AUTHORIZATION_CODE_USAGE | authorizationCode field cannot be used in this context. |
400 | ERROR_VALUE_INVALID / INVALID_RECOMMENDED_AUTH_LEVEL_USAGE | recommendedAuthLevel field cannot be used in this context. |
400 | ERROR_VALUE_INVALID / INVALID_APP_KEY_USAGE | appKey field cannot be used in this context. |
400 | ERROR_VALUE_MISSING / MISSING_REGISTER_TOKEN_VALUE | registerTokenValue field is required for merchants maintaining tokens. |
400 | ERROR_VALUE_MISSING / INVALID_CURRENCY_CODE | Incorrect currency code. |
400 | ERROR_VALUE_MISSING / MISSING_BUYER_EMAIL | Validation error, missing email field in the buyer section. |
400 | ERROR_VALUE_MISSING / MISSING_BUYER_EXT_CUSTOMER_ID | Validation error, missing extCustomerId field in the buyer section. |
400 | ERROR_VALUE_INVALID / INVALID_COUNTRY_CODE | Validation error, countryCode field in the blikData section. An unsupported country code was used. |
400 | ERROR_VALUE_INVALID / INVALID_BLIK_RECURRING_TYPE | Validation error, type field in the recurring section. An unsupported type was used. |
400 | ERROR_VALUE_INVALID / MISSING_ALIAS_LABEL_PROPOSAL | Validation error, missing aliasLabelProposal field in the blikData section. |
400 | ERROR_VALUE_INVALID / INVALID_INITIALIZATION_DATE | Validation error, initializationDate field in the recurring section. The date cannot be set to later than value of the expirationDate field. |
400 | ERROR_VALUE_INVALID / INVALID_EXPIRATION_DATE | Validation error, expirationDate field in the recurring section. The date cannot be set to earlier than value of the initializationDate field. If the date is defined, it cannot be set further in the future than 10 years. |
400 | ERROR_TOKEN / AUTH_TOKEN_EXISTS | Registration of the token failed because the token already exists. |
400 | BUSINESS_ERROR / RECURRING_TOKEN_PAYMENT_NOT_ALLOWED | The recurring payment service has not been made available by PayU. |
400 | ERROR_TOKEN / AUTH_TOKEN_TYPE_NOT_SUPPORTED_BY_ISSUER | No possibility to register the token, the selected bank does not support recurring payments. |
BLIK Recurring Payment with PAYID Token
To initiate a subsequent BLIK recurring payment, you need to extend the standard order with a payMethods
section containing the PAYID token and a blikData
object. In the blikData
object, in addition to the bank app identifier appKey
, you should include a recurring
section specifying the request type.
{
...
"payMethods": {
"payMethod": {
"type": "BLIK_TOKEN",
"value": "<PAYID token value used for authorization>",
"blikData": {
"appKey":"<the identifier of the customer's chosen bank mobile application>",
"recommendedAuthLevel": "NO_CONFIRMATION",
"recurring": {
"type": "O"
}
}
}
}
}
For details on parameters, refer to the Create an Order section in our API Reference.
Including the recommendedAuthLevel
parameter with the value NO_CONFIRMATION indicates that the merchant is acting knowingly. The merchant assumes responsibility for any potential fraud.
Http Status | Status Code | Description |
---|---|---|
400 | ERROR_TOKEN / AUTH_TOKEN_NOT_FOUND | Given token does not exist. |
400 | ERROR_TOKEN / AUTH_TOKEN_NOT_ACTIVE | Given token is not active. |
400 | ERROR_VALUE_MISSING / INVALID_CURRENCY_CODE | Incorrect currency code. |
400 | ERROR_VALUE_INVALID / INVALID_COUNTRY_CODE | Validation error, countryCode field in the blikData section. An unsupported country code was used. |
400 | ERROR_VALUE_MISSING / MISSING_APPKEY | Validation error, missing appKey field in the blikData section. |
400 | ERROR_VALUE_INVALID / INVALID_ALIAS_LABEL_PROPOSAL_USAGE | The aliasLabelProposal field cannot be used during token payment, in the case of tokens managed by PayU. |
400 | ERROR_VALUE_MISSING / MISSING_ALIAS_LABEL_PROPSAL | The aliasLabelProposal field is required during the PAYID token payment, in the case of tokens managed by merchant. |
400 | ERROR_VALUE_INVALID / INVALID_REGISTER_TOKEN_VALUE_USAGE | The registerTokenValue field cannot be used during PAYID token payment. |
400 | ERROR_VALUE_MISSING / MISSING_AUTHORIZATION_CODE_OR_TOKEN | Validation error, authorization data required - missing token. |
400 | ERROR_VALUE_INVALID / AMBIGUOUS_AUTHORIZATION_USAGE | Two authorization instruments were provided, in order to carry out the payment, only the value field should be filled, in which the token will be placed. |
400 | ERROR_VALUE_MISSING / MISSING_BUYER_EMAIL | Validation error, missing email field in the buyer section. |
400 | ERROR_VALUE_MISSING / MISSING_BUYER_EXT_CUSTOMER_ID | Validation error, missing extCustomerId field in the buyer section. |
400 | ERROR_VALUE_INVALID / INVALID_BLIK_RECURRING_TYPE | Validation error, type field in the recurring section. An unsupported type was used. |
400 | ERROR_VALUE_INVALID / INVALID_INITIALIZATION_DATE_USAGE | The initializationDate field cannot be used during token payment. |
400 | ERROR_VALUE_INVALID / INVALID_EXPIRATION_DATE_USAGE | The expirationDate field cannot be used during token payment. |
400 | ERROR_VALUE_INVALID / TOTAL_AMOUNT_REQUIRE_SCA | The totalAmount field cannot exceed the set threshold for transactions initiated by the merchant. |
400 | BUSINESS_ERROR / RECURRING_TOKEN_PAYMENT_NOT_ALLOWED | The recurring payment service has not been made available by PayU. |
400 | ERROR_VALUE_INVALID / INITIALIZATION_DATE_NOT_MET | Validation error, initializationDate field in the recurring section. Attempt to perform a transaction before the defined time. |
400 | ERROR_VALUE_INVALID / EXPIRATION_DATE_NOT_MET | Validation error, expirationDate field in the recurring section. Attempt to perform a transaction after the defined time. |
400 | ERROR_VALUE_INVALID / NO_CONFIRMATION_AUTH_LEVEL_REQUIRED | Validation error, recommendedAuthLevel field in the blikData section. The value of the field must be set to NO_CONFIRMATION . |