Skip to main content


Affirm Merchant Help

Direct Checkout

Server-side webhook (optional)

Authorization flow
  1. User successfully completes an Affirm checkout & confirms their loan.
  2. A webhook request to an optional, self-hosted webhook endpoint URL is initiated by the Affirm API servers
  3. The HTTP POST request to the webhook endpoint URL contains the checkout_token in the request form, and has an "event" of "confirmed".
  4. Your webhook endpoint reads the request form and temporarily stores this checkout_token.
  5. Your webhook endpoint sends a POST request to the Affirm API authorization endpoint (/api/v2/charges/) with the saved checkout_token.
  6. Your webhook endpoint expects a response from the Affirm API with the charge information
  7. Your webhook endpoint validates that the authorized amount is equal to the order total and that the Order_ID matches the order
  8. If the amount and order_id are valid, your webhook endpoint stores the 'id' from the returned charge object. This Charge ID is attached to the order; and is used to uniquely identify the order. All future charge actions require this identifier.
  9. Order is created.
  10. Customer is presented with order confirmation page/message.

The customer has confirmed the loan. This is the last step of the Affirm checkout flow, which should subsequently trigger charge authorization.

    "checkout_token": "XVCZEXIR8NSJC5GK",
    "event_timestamp": "2017-09-27T06:25:31.316430",
    "created": "2017-09-27T06:24:35.787108",
    "event": "confirmed"

  • Was this article helpful?