Skip to main content

The callback flow

After a payment, Payshiga redirects the checkout iframe to your callbackUrl with query parameters indicating the outcome (e.g. ?status=success&reference=reeple_xxx). The SDK detects this same-origin navigation, reads the query params, and fires onSuccess(data) — then closes the modal automatically.
onSuccess is a convenience for updating your UI immediately. It fires from data read out of the browser URL, which a malicious user could tamper with. Always verify the transaction server-side before marking an order as paid.

ReepleSuccessData shape

interface ReepleSuccessData {
  amount: number;
  currency: string;
  reference: string;
  status: string;
  message: string;
  statusCode?: number;
  success?: boolean;
  // ...plus any additional query params Payshiga appends to your callbackUrl
}

Verifying on your server

Your server-side handler at callbackUrl should:
1

Read the query params

e.g. ?status=success&reference=reeple_xxx
2

Verify the transaction

Call Payshiga’s verify endpoint server-to-server, using the reference — never trust the browser params alone.
3

Update your order/database

Mark the order paid only after the server-side verification succeeds.
4

Return a response

The SDK closes the modal automatically once the callback URL is reached; your onSuccess callback handles the client-side redirect.
// Example Express.js callback handler
app.get('/payment/callback', async (req, res) => {
  const { reference, status } = req.query;

  // Verify with Payshiga server-to-server (see Payshiga's API docs)
  const verified = await verifyPayment(reference);

  if (verified.status === 'success') {
    await db.orders.markPaid(reference);
  }

  res.send('<html><body>Processing...</body></html>');
  // The SDK closes the modal; your onSuccess callback handles the UI redirect
});

Session timeout

If the checkout session isn’t completed within 10 minutes, onError fires and the session expires.