STRABL Checkout Integration

REST API Documentation

This document provides the official integration guide for STRABL Hosted Checkout using REST APIs.
It covers the complete checkout lifecycle, environment configuration, API usage, redirection flow, and webhook handling.

This documentation is divided into two sections:

Merchant Guide – Business-level understanding and flow

Developer Guide – Technical implementation details

Part 1: Merchant Guide

1. Introduction

STRABL Hosted Checkout allows merchants to accept payments securely without handling sensitive payment information.

STRABL provides:

A hosted checkout page

Secure payment processing

OTP-based authentication

PCI-compliant infrastructure

Webhook-based payment notifications

Merchants are responsible for:

Creating checkout sessions

Redirecting customers to STRABL Checkout

Handling post-payment order fulfillment

2. Checkout Lifecycle (Merchant Perspective)

Customer initiates payment on merchant website or application

Merchant backend creates a checkout session with STRABL

Customer is redirected to STRABL Hosted Checkout

Customer completes payment

STRABL redirects customer back to merchant

STRABL sends webhook events to confirm payment status

💡

Important:

Customer redirection does not confirm payment success.

Webhooks are the authoritative source of payment status.

3. Supported Environments

3.1 Sandbox Environment

The sandbox environment is used for development and testing.

Configuration	Value
API Base URL	https://sandbox.api.strabl.com
Checkout URL	https://sandbox.checkout.strabl.io
OTP	123456

3.2 Production Environment

The production environment is used for live transactions.

Configuration	Value
API Base URL	https://api.strabl.com
Checkout URL	https://checkout.strabl.io

4. Customer Redirection Flow

Once a checkout session is created:

Customers are redirected to STRABL Checkout

Payment details are entered securely on STRABL

Customers are redirected back to the merchant website after completion

Merchants must validate payment outcomes using webhook notifications.

5. Post-Payment Notifications

STRABL sends webhook notifications for all order and payment events, including:

Payment success

Payment failure

Checkout cancellation

Abandoned checkout

Refunds

Merchants must implement webhook endpoints to process these events reliably.

Part 2: Developer Guide

6. Technical Flow Overview

Create a checkout session (cart)

Receive a unique cartId

Redirect customer to STRABL Checkout

Receive webhook notifications

Update internal order status

7. Create Checkout Session API

This API is used to create a checkout session (cart) in STRABL.
A successful request returns a unique cartId which is required to redirect the customer to STRABL Checkout.

7.1 Endpoint

POST /v2/public/api/cart/

7.2 Base URLs

Sandbox
https://sandbox.api.strabl.com

Production
https://api.strabl.com

8. Request Object Definitions

8.1 Store Object

Field	Type	Description
name	String	Display name of the store
url	String	Store website URL
logo	String	Publicly accessible logo URL
platformUuid	String	STRABL-assigned platform UUID

8.2 Cart Object

Field	Type	Description
currency	String	ISO currency code (e.g. USD, AED)
country	String	ISO country code
items	Array	List of cart items
merchantUrls.successUrl	String	Redirect URL after successful payment
merchantUrls.failureUrl	String	Redirect URL after failed or cancelled payment

8.3 Item Object

Field	Type	Description
title	String	Item title
description	String	Item description
price	Number	Unit price
sku	String	Merchant SKU
quantity	Number	Quantity of the item

9. Create Cart API Response

Please checkout, how to create a checkout session for complete api

10. Redirect to STRABL Checkout

After receiving the cartId, redirect the customer to STRABL Hosted Checkout.

10.1 Sandbox Redirect URL

https://sandbox.checkout.strabl.io/?token={cartId}

10.2 Production Redirect URL

https://checkout.strabl.io/?token={cartId}

10.3 Redirect Notes

Redirection can be performed from frontend or backend

Each cartId is valid for a single checkout attempt and only valid for 45 minutes.

11. Payment Processing

Payment is processed entirely on STRABL infrastructure

Customers enter payment details on STRABL Checkout

OTP authentication is mandatory

Sandbox OTP for testing: 123456

STRABL ensures PCI DSS compliance

12. Post-Payment Redirection

After checkout completion:

Scenario	Redirect URL
Payment Success	`merchantUrls.successUrl`
Payment Failure / Cancel	`merchantUrls.failureUrl`

Important:

Redirect URLs should not be used to confirm payment status.

Webhooks must be used as the final confirmation mechanism.

13. Webhook Integration

STRABL sends webhook notifications to inform merchants of order and payment status changes.

13.1 Common Webhook Events

Event	Description
`order_created`	Order created
`order_updated`	Payment or order status updated
`order_cancelled`	Order cancelled
`order_refunded`	Payment refunded
`order_abandoned`	Checkout not completed

13.2 Webhook Security

All webhook requests include the X-Client-Signature header

Merchants must validate the signature using the shared secret

Webhook endpoints must return HTTP 200 OK

13.3 Webhook Best Practices

Process webhooks idempotently

Log webhook payloads for audit and reconciliation

Do not perform long-running operations synchronously upon receiving the webhook

Always acknowledge webhooks quickly

14. Best Practices & Recommendations

Do not rely on frontend redirects for payment confirmation

Use HTTPS for all merchant endpoints

Handle duplicate and retry webhook events safely

Maintain proper order-to-cart mapping

15. Sandbox to Production Checklist

Before going live:

Switch API base URL to production

Switch checkout redirect URL to production

Configure production webhook secrets

Perform end-to-end testing

Monitor initial live transactions

16. Environment Quick Reference

Category	Sandbox	Production
API Base URL	`https://sandbox.api.strabl.com`	`https://api.strabl.com`
Checkout URL	`https://sandbox.checkout.strabl.io`	`https://checkout.strabl.io`
OTP	`123456`	Live OTP

17. Support

For integration support, contact STRABL with the following details:

Environment (Sandbox or Production)

Cart ID

Timestamp of the request

Relevant webhook payloads

REST Integration

STRABL Checkout Integration#

REST API Documentation#

Part 1: Merchant Guide#

1. Introduction#

2. Checkout Lifecycle (Merchant Perspective)#

3. Supported Environments#

3.1 Sandbox Environment#

3.2 Production Environment#

4. Customer Redirection Flow#

5. Post-Payment Notifications#

Part 2: Developer Guide#

6. Technical Flow Overview#

7. Create Checkout Session API#

7.1 Endpoint#

7.2 Base URLs#

8. Request Object Definitions#

8.1 Store Object#

8.2 Cart Object#

8.3 Item Object#

9. Create Cart API Response#

10. Redirect to STRABL Checkout#

10.1 Sandbox Redirect URL#

10.2 Production Redirect URL#

10.3 Redirect Notes#

11. Payment Processing#

12. Post-Payment Redirection#

13. Webhook Integration#

13.1 Common Webhook Events#

13.2 Webhook Security#

13.3 Webhook Best Practices#

14. Best Practices & Recommendations#

15. Sandbox to Production Checklist#

16. Environment Quick Reference#

17. Support#

STRABL Checkout Integration

REST API Documentation

Part 1: Merchant Guide

1. Introduction

2. Checkout Lifecycle (Merchant Perspective)

3. Supported Environments

3.1 Sandbox Environment

3.2 Production Environment

4. Customer Redirection Flow

5. Post-Payment Notifications

Part 2: Developer Guide

6. Technical Flow Overview

7. Create Checkout Session API

7.1 Endpoint

7.2 Base URLs

8. Request Object Definitions

8.1 Store Object

8.2 Cart Object

8.3 Item Object

9. Create Cart API Response

10. Redirect to STRABL Checkout

10.1 Sandbox Redirect URL

10.2 Production Redirect URL

10.3 Redirect Notes

11. Payment Processing

12. Post-Payment Redirection

13. Webhook Integration

13.1 Common Webhook Events

13.2 Webhook Security

13.3 Webhook Best Practices

14. Best Practices & Recommendations

15. Sandbox to Production Checklist

16. Environment Quick Reference

17. Support