Custom payment gateway: API
To use the custom payment gateway feature, you need to build an application—the external checkout mentioned in previous entries. This application will act as the integration point between our API and the payment methods of your choice.
Payment flow overview
Return payment methods
As demonstrated in the above diagram: once a customer reaches the payment step in the cart, we send your application a request using your configured payment methods URL. At this point, you can return a list of supported payment methods. They will be displayed as payment method options in the cart's payment step.
If a customer clicks on one of your payment methods, they will be redirected to your external checkout—which you develop and host yourself.
Note: a step-by-step tutorial for developing and integrating a custom payment gateway is coming soon.
A word on request validation
As an additional step, we highly recommend validating that any incoming request originates from Snipcart. Requests we send to your endpoint contain a query parameter named
publicToken. You can send this token back to the validation endpoint to ensure that the request originates from Snipcart.
If the response has a successful status code, you can assume that it originates from Snipcart.
For more information, read this entry on the technical reference of the validation endpoint.
Retrieve payment invoice
Once the customer ends up on your external checkout screen, you must display information about the order to be paid.
Once the customer is on your external checkout, the rest of the payment sequence is up to you. Generally, this is where you collect customer's payment information and process the charge through the payment gateway platform you integrate.
When the payment succeeds (or fails), your integration must signal the outcome to Snipcart using the payment update endpoint.
You'll then be ready to redirect the customer back to the merchant store.
A word on hosting
When it comes to creating your application, there are no restrictions. You can use any technology and host it as you wish.
In the upcoming examples, we use a frontend-centric approach with serverless functions to handle backend operations.