ReadyCMS Checkout Service

ReadyCMS Checkout API

A headless, server-to-server checkout service that handles order creation, payment gateway routing, callback processing, and order fulfillment for any ReadyCMS-powered storefront.

🔒

Secure by Default

HMAC-SHA256 request signing, per-tenant key derivation, anti-replay protection with nonces and timestamp validation. Your payments are safe.

🔬

Multi-Gateway

Stripe, PayPal, NestPay, WSPay, AllSecure, 2Checkout built-in. Add new gateways by extending PaymentPluginBase with a single class.

Zero Frontend

No UI to build or maintain. Your client website collects order data, sends one POST, and the checkout service handles everything else.

API Endpoints

POST /create Create order & initiate payment
GET /nonce Generate anti-replay nonce
GET /callback/{gateway} Payment provider callback
POST /callback/{gateway} Webhook receiver
GET /health Service health check
GET /docs Developer documentation

Supported Payment Gateways

Stripe PayPal NestPay (3D Secure) WSPay AllSecure 2Checkout (Verifone) Mock (Development)

Quick Start

// 1. Send a POST to /create with your order data const response = await fetch('https://checkout.readycms.io/create', { method: 'POST', headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${app_id}:${app_secret}` }, body: JSON.stringify({ namespace: 'your-store', app_id: 'your-app-id', amount: 5000, // $50.00 in cents currency: 'USD', payment_type: 'card', gateway: 'stripe', items: [{ id: 1, quantity: 2 }], signature: computedHmac, timestamp: Math.floor(Date.now() / 1000), nonce: generatedNonce, return_urls: { success: 'https://your-store.com/success', cancel: 'https://your-store.com/cancel' } }) }); // 2. Handle the response const data = await response.json(); if (data.data.flow === 'card_redirect') { window.location.href = data.data.redirect_url; // Stripe, PayPal, etc. } else if (data.data.flow === 'non_card') { showConfirmation(data.data.order_id); // Cash on delivery, bank transfer }