Embed vs redirect
Always verify payment status on your server with webhooks or
GET /api/v1/payments/{id}. Client-side callbacks are for UX only.
Installation
npm
Script tag
Afternpm run build, the IIFE bundle is served from your Payoes host:
baseUrl: "http://localhost:3000".
End-to-end flow
1
Create a payment on your server
Use your secret API key to create a payment and read
id or checkout_url.2
Open checkout in the browser
Call
Payoes.openCheckout({ paymentId }) after the customer clicks Pay.3
Handle completion
Use
onComplete to update UI. Confirm the payment with webhooks before fulfilling orders.API
Payoes.openCheckout(options)
Payoes.closeCheckout()
Programmatically closes the modal and notifies the iframe.
Modal behavior
Customers can close with the X button, backdrop click, or Escape.
postMessage protocol
The iframe loads/c/{payment_id}?embed=1 and communicates with the parent page:
Troubleshooting
Iframe blocked or blank
Iframe blocked or blank
Ensure your Payoes host allows embedding. Checkout routes send
Content-Security-Policy: frame-ancestors * in v1.Wallet popup does not open on mobile
Wallet popup does not open on mobile
Some mobile wallets open in a separate app. After paying, return to the browser tab that opened the embed.
onComplete never fires
onComplete never fires
Confirm the payment reached
completed or refunded status. Use webhooks as the source of truth.Local development
Local development
Pass
baseUrl: "http://localhost:3000" and create sandbox payments with a sandbox API key.Related
- Hosted checkout: redirect flow and customer experience
- Webhooks: reliable payment confirmation
