Validate an embedded checkout session
Validates a client_secret and returns session data needed to render the checkout form. No API key required — the client_secret serves as the auth token.
Authorization
apiKey Merchant API key. Publishable keys (pk_test_* / pk_live_) are safe for browser/frontend use and carry a limited scope set (sessions, payment_instruments, customers, orders writes; products, product_prices, payment_links reads). Secret keys (sk_test_ / sk_live_*) grant full admin access and must only be used server-side.
In: header
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
application/json
application/json
curl -X POST "https://loading/v1/api/embedded-checkout/validate" \ -H "Content-Type: application/json" \ -d '{ "client_secret": "ecs_abc123_secret_xyz789" }'{
"success": true,
"timestamp": "2019-08-24T14:15:22Z",
"data": null,
"message": "string"
}{
"success": false,
"timestamp": "2019-08-24T14:15:22Z",
"error": {
"code": "string",
"message": "string",
"details": null
}
}{
"success": false,
"timestamp": "2019-08-24T14:15:22Z",
"error": {
"code": "string",
"message": "string",
"details": null
}
}Create an embedded checkout session
Creates a new embedded checkout session. Returns a client_secret that the merchant passes to their frontend to render the checkout form in an iframe.
Get crypto payment status for a checkout session
Returns the crypto payment reference status for this session. No API key required — the session ID serves as identification.