OwnPay is a self-hosted payment gateway platform that exposes a clean REST API for accepting payments, querying transactions, and reacting to real-time events. This guide walks you from zero to a working integration — API key in hand, first payment created, and webhook handler verified — in five minutes or less.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/own-pay/OwnPay-Documentation/llms.txt
Use this file to discover all available pages before exploring further.
Every API request is authenticated with a Bearer token issued from your OwnPay admin panel. Keys are shown only once at creation time, so store yours in a secrets manager immediately.
Never commit API keys to source control. Store them as environment variables and load them at runtime.
Choose the SDK that matches your stack. Both clients wrap the same REST API and share identical behavior.
A payment intent represents a pending checkout session. After creating one, redirect your customer to the returned
checkout_url.A successful response returns a
payment_id, a one-time token, and the checkout_url your customer visits to pay:{
"success": true,
"data": {
"payment_id": "a810b445-564a-4e20-80a5-f1261d7b328a",
"token": "tok_4821a8f902bd3f46",
"checkout_url": "https://pay.your-domain.com/checkout/tok_4821a8f902bd3f46",
"status": "created"
}
}
Save the
payment_id to your database before redirecting — you’ll need it to verify payment status in your callback handler and in webhook events.OwnPay sends a signed HTTP POST to your webhook endpoint when a payment is completed, failed, or refunded. Always verify the
X-OwnPay-Signature header before processing any event — it proves the payload originated from your OwnPay instance.https://your-store.com/webhooks/ownpayOWNPAY_WEBHOOK_SECRET in your environment.Return HTTP
200 as quickly as possible. OwnPay times out after 10 seconds and will retry delivery up to 5 times with exponential backoff (1 min → 5 min → 30 min → 2 h → 12 h). Offload heavy work to a background queue.Before going live, run your integration against OwnPay’s sandbox environment. No real charges are made; all webhooks and order status updates fire exactly as in production.
ngrok
Tunnel a local port to a public HTTPS URL. Register the ngrok URL as your webhook endpoint in the OwnPay admin panel.
Webhook.cool
Temporary webhook URL for inspecting raw payloads before writing your handler.
API Quick Reference
All endpoints are relative to your brand’s base URL:https://{your_brand_domain}/api/v1
| Method | Endpoint | Scope | Purpose |
|---|---|---|---|
| POST | /payments | write | Create a new payment intent |
| GET | /payments/{id} | read | Retrieve payment details and current status |
| GET | /transactions | read | List all transactions with filters |
| GET | /transactions/{id} | read | Retrieve a single transaction by ID |
| POST | /refunds | write | Request a full or partial refund |
| GET | /refunds | read | List refunds |
| GET | /refunds/{id} | read | Retrieve a single refund by ID |
| GET | /customers | read | List customers |
| POST | /customers | write | Create a customer |
| GET | /customers/{identifier} | read | Retrieve a customer by identifier |
| GET | /api-keys | read | List API keys |
| POST | /api-keys | write | Create an API key |
| DELETE | /api-keys/{id} | write | Delete an API key |
| POST | /webhooks/tests | write | Fire a test payment.completed event |
| GET | /webhooks/deliveries | read | View recent webhook delivery attempts |
| GET | /health | None | System health check (no auth required) |
The full interactive OpenAPI reference with request/response schemas, field validation rules, and a live API tester is available at docs.ownpay.org.
Common Troubleshooting
“Invalid API key” error Verify the key hasn’t been revoked in Developer Hub → API Keys. Regenerate and update your environment variables if needed. Webhook not received Confirm your endpoint is publicly reachable over HTTPS and that your server firewall allows inbound connections from your OwnPay instance’s IP. Check Developer Hub → Webhooks → Delivery Log for error details. Payment stuck inpending
Check that your OwnPay cron job is running: php public/index.php cron. The cron process advances payment states.
CORS errors on payment creation
Expected behavior — always call the OwnPay API from your backend, never directly from the browser.
Next Steps
PHP SDK Guide
Full reference for the PHP client: payment intents, payment links, transactions, and error handling.
Node.js SDK Guide
Full reference for the TypeScript/Node.js client with type definitions and Express examples.
Webhooks Deep Dive
All event types, retry behavior, delivery logs, and idempotency best practices.
WooCommerce Plugin
Install and configure the OwnPay gateway plugin for WordPress WooCommerce stores.