Key capabilities
- Full checkout session lifecycle for the ACP spec
- Delegated payment endpoint with vault token support
- Optional Stripe PaymentIntent integration
- Idempotency keys and request tracing
- Swagger UI at
/docsand OpenAPI JSON at/openapi.json - gRPC API mirroring the HTTP endpoints
Architecture overview
Quickstart
http://0.0.0.0:8080 by default. The gRPC server listens on 0.0.0.0:50051.
To run the demo flow:
Create a checkout session
Core endpoints
| Method | Endpoint | Description |
|---|---|---|
| POST | /checkout_sessions | Create a checkout session |
| GET | /checkout_sessions/:id | Retrieve a checkout session |
| POST | /checkout_sessions/:id | Update a checkout session |
| POST | /checkout_sessions/:id/complete | Complete checkout and create order |
| POST | /checkout_sessions/:id/cancel | Cancel a checkout session |
| POST | /agentic_commerce/delegate_payment | Delegated payment (vault token) |
| GET | /health | Health check |
| GET | /ready | Readiness check |
| GET | /docs | Swagger UI |
| GET | /openapi.json | OpenAPI spec |
Delegated payments
The delegated payment endpoint accepts payment tokens from a PSP vault. Tokens are validated for allowance and expiry and are consumed after use.Stripe integration
Set the following environment variables before starting the server to process delegated payments with Stripe:STRIPE_SECRET_KEYSTRIPE_PUBLISHABLE_KEY(optional)STRIPE_WEBHOOK_SECRET(optional, for webhook signature verification)
gRPC access
The gRPC API mirrors the HTTP endpoints and uses the same API keys. Sendauthorization: Bearer <api_key> as gRPC metadata.
Related components
The repository also includes:- A Next.js dashboard for monitoring checkout sessions
- A ChatGPT widget server for MCP-based agent flows
- Kubernetes and Docker Compose deployment assets