Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/ALEJ4NDRO2025/urban-store/llms.txt

Use this file to discover all available pages before exploring further.

After Stripe redirects the user back to your success page, call this endpoint with the order_id and the payment_intent_id extracted from the URL parameters. The server retrieves the PaymentIntent directly from Stripe to verify its status — if it is succeeded, the order is marked paid, paid_at is recorded, and expires_at is cleared. No reliance on webhooks is required for this flow.

Endpoint

POST /api/payments/confirm-payment/

Authentication

Bearer token required. Returns 401 if the token is missing or invalid.

Request Body

order_id
string
required
MongoDB ObjectId of the order being paid. The order must belong to the authenticated user.
payment_intent_id
string
required
Stripe PaymentIntent ID, beginning with pi_. This value is available as the payment_intent query parameter in Stripe’s redirect URL after a successful checkout.

Behavior

  1. Both order_id and payment_intent_id are required; a 400 is returned if either is missing.
  2. The order is fetched and verified to belong to the authenticated user (404 if not found).
  3. stripe.PaymentIntent.retrieve(payment_intent_id) is called. A StripeError returns 400.
  4. If intent.status == 'succeeded':
    • order.status"paid"
    • order.paid_at → current UTC time
    • order.expires_atNone
    • Order is saved.
  5. Any other Stripe status returns 400 with the raw status string.
Typical frontend flow: Stripe redirects to https://yourstore.co/order/success?payment_intent=pi_...&order_id=.... On that page, read both parameters from the URL and POST them to this endpoint before showing the confirmation UI.

Request Example

{
  "order_id": "664f1a2b3c4d5e6f7a8b9c0d",
  "payment_intent_id": "pi_3PQ1RxKZ2eZvKYlo1AbCdEfG"
}

curl -X POST https://api.urbanstore.co/api/payments/confirm-payment/ \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "order_id": "664f1a2b3c4d5e6f7a8b9c0d",
    "payment_intent_id": "pi_3PQ1RxKZ2eZvKYlo1AbCdEfG"
  }'

Response — 200 OK (payment succeeded)

status
string
Always "paid" when the payment was successfully confirmed.
message
string
Human-readable confirmation message: "Pago confirmado".
{
  "status": "paid",
  "message": "Pago confirmado"
}

Response — 400 (payment not completed)

When Stripe’s PaymentIntent status is anything other than succeeded, the server returns 400 with the raw Stripe status: 
{
  "status": "requires_action",
  "message": "Pago no completado. Estado actual: requires_action"
}

Error Responses

StatusCondition
401 UnauthorizedToken missing, malformed, or expired
400 Bad Requestorder_id or payment_intent_id not provided
400 Bad RequestStripe returned a non-succeeded status
400 Bad RequestStripe API returned a StripeError
404 Not FoundOrder not found or does not belong to authenticated user

Build docs developers (and LLMs) love

Get started for freeTalk to us