[Feature]: Missing Invoice Payment Signature Verification in Docs/SDK

[AxatSachani]

The current Razorpay Node.js SDK and documentation only cover order-based payment verification. However, many of us are using the Invoice API to create invoices and collect payments (especially for tax/compliance reasons and downloadable PDFs).

After payment, Razorpay returns these fields:

{
  razorpay_payment_id: "pay_XXXX",
  razorpay_invoice_id: "inv_XXXX",
  razorpay_invoice_status: "paid",
  razorpay_invoice_receipt: "receipt_XXXX",
  razorpay_signature: "generated_signature"
}

Suggested Solution

The correct payload format (after testing and verifying manually) is:

razorpay_invoice_id | razorpay_invoice_receipt | razorpay_invoice_status | razorpay_payment_id

You can verify the signature like this in Node.js:

const crypto = require("crypto");

const secret = "YOUR_KEY_SECRET";
const data = "inv_XXXX|receipt_XXXX|paid|pay_XXXX";

const expectedSignature = crypto
  .createHmac("sha256", secret)
  .update(data)
  .digest("hex");

// Compare expectedSignature with razorpay_signature

Alternatives

No response

Additional Information

Please consider:

• Adding a utility method in the SDK for validatePaymentVerification().

• Updating the docs (paymentVerification.md) to include invoice verification as well.

PR

• feat: extend validatePaymentVerification to support invoice payments #451