Checkout
Checkout sessions separate the authenticated merchant session creation from the public buyer actions.
Authentication
There are two secure ways to create a session:
- Your backend: use a secret key with the
checkout_sessions.createscope. - Official MuPag widget: use a publishable key with the
checkout_sessions.createscope.
Never expose a secret key in the browser. A publishable key can only access operations explicitly allowed for frontend use.
Flow
- Your backend or the official widget creates the session with
POST /v1/checkout-sessions. - The frontend uses the public session endpoints to pick a method, apply a coupon and pay.
- The final status is confirmed by session reads and webhook events.
Key fields
success_urlandcancel_urlitemscustomer_idorcustomer_dataallowed_payment_methodsaffiliate_codeandcoupon_idwhen relevant
Use checkout when you need a cart-oriented payment experience with item detail and buyer-side interaction.
Did this page unblock the next step?
Feedback stays inside the docs flow and should never include customer or card data.