---
page_title: Merchant Guide
product: Merchant Specs
page_source: https://juspay.io/pe/docs/upi-merchant-stack-pe/docs/overview/merchant-guide
llms_txt: https://juspay.io/pe/docs/llms.txt
product_llms_txt: https://juspay.io/pe/docs/upi-merchant-stack-pe/llms.txt
---


# **MERCHANT ONBOARDING** 



To accommodate varying technical capabilities and operational scales, Juspay offers three onboarding approaches for onboarding merchants and sub-merchants. The appropriate approach can be selected based on the onboarding entity's integration readiness and transaction volume.


### **1. Dashboard Onboarding** 



The onboarding entity can onboard merchants and sub-merchants manually through the Juspay admin dashboard. The onboarding entity is responsible for accessing the dashboard and entering all required merchant profile and business details to successfully complete the onboarding process.


### **2. API Onboarding** 



Juspay provides onboarding APIs that enable onboarding entities to onboard merchants and sub-merchants. The onboarding entity submits the required merchant details through the API, and upon successful onboarding, Juspay returns the merchant credentials and onboarding information in the API response.


### **3. Onboarding Form** 



Merchants and sub-merchants can also be onboarded by submitting an onboarding form provided by Juspay. Once the completed form is received and the onboarding process is successfully completed, the merchant credentials and relevant onboarding details will be shared with the respective merchant.


## **Merchant Credentials** 



Once a Bank Partner is chosen and merchant is onboarded, Juspay will then provide the following merchant credentials which are required for making API calls. Here’s a quick understanding of the credentials that we share.

1. **Merchant Id :**  A unique identifier for the Merchant in the PSP system.
2. **Merchant Channel Id :** Unique id for the channel via which request is made.
3. **Merchant VPA :**  This is the Virtual Payment Address assigned to the merchant for receiving payments.
4. **MCC :** A 4-digit Merchant Category Code used to categorize the payee.
5. **KID :**  A unique Key ID to identify the public-private key pair used for signature generation within the PSP system(Merchant KID, PSP KID).
6. **PG Public Key :**  This is the PSP's public key, employed for the verification of API responses and callbacks.

> **Error**
> 1. For merchants with different LOBs(Line of Business), separate VPA needs to be created for each use case and with correct MCC.
> 2. The VPA should consist of alphabetic characters from A–Z and a–z, numeric digits from 0–9, accented vowels (á, é, í, ó, ú), vowels with diaeresis (ä, ë, ï, ö, ü), and the characters ñ and Ñ. In addition, only three special characters are permitted: underscore (_), hyphen (-), and dot (.).
> 3. Once the merchant receives the details mentioned above, the merchant will be required to provide a **Merchant Callback URL** for receiving Webhooks and the **Merchant Public Key**  for verifying the requests sent by the merchant. After these details are shared, Juspay will enable the merchant and can start hitting the APIs. For guidance on generating a Public-Private key pair and understanding the callback URL, please refer below.




## **Generate API Keys** 



We use JSON Web Signature (JWS) to ensure the integrity of data exchanged between merchant and our system. Private key is used to generate the JWS Signature and Public key is used for verifying it. It is crucial to securely store the Private Key within a cryptographic vault on the merchant's servers and under no circumstances should the Private Key be exposed to the client or any external parties.

Here are the step-by-step instructions to generate a 2048 bit public-private key pair(KeyFormat-PEM).

1. Generating Private Key
   
   To generate the Private Key, run the below command on terminal. 
   
   
   #### Shell Code Snippet:
   
   ```shell
   openssl genrsa -out privateKey.pem 2048
   ```
   
   
   The private key generated will be stored as a file named ‘**privateKey.pem** ’ and is to be used to generate the Public key using the procedure given below.
2. Generating Public Key
   
   Public key is always generated on top of the private key as they both come in pair. To generate the Public key, run the below command on the terminal. 
   
   
   #### Shell Code Snippet:
   
   ```shell
   openssl rsa -in privateKey.pem -outform PEM -pubout -out publicKey.pem
   ```
   
   
   The public key generated will be stored as a file named ‘**publicKey.pem** ’ and is required to be shared with payment gateway for verifying the requests sent by the merchant.


## **Callback URL** 



For every API call made, we provide a callback (commonly known as a webhook) to your server. These callbacks serve as direct notifications, updating you on events status for transactions, refunds etc. Configuring callbacks remains is mandatory step in our process. As a merchant, it is required to share your designated callback URL with Juspay to receive these callbacks for API calls.

---

## See Also

- [Introduction](https://juspay.io/pe/docs/upi-merchant-stack-pe/docs/overview/introduction)
- [API Guide](https://juspay.io/pe/docs/upi-merchant-stack-pe/docs/overview/api-guide)