Expiring checkout pages
Handle expiry on 0Base checkout and payment-intent objects.
Expiring checkouts protect merchants and customers from stale amounts, stale payment instructions, expired quotes, and abandoned browser sessions. Expiry is not an error by itself; it is a normal lifecycle boundary that must be visible in product, support, and finance systems.
0Base availability is account-gated. Build against capabilities, merchant status, environment mode, and settlement settings instead of assuming that every payment method, asset, network, cadence, or refund path is enabled for every merchant.
0Base product docs and API details
These pages are public product guidance for merchant and platform developers. 0Base endpoint-level API pages are not published for partners yet; use this product documentation to understand the workflow, records, and launch boundaries.
End-to-end picture
This flow is intentionally shown as product infrastructure: Create checkout -> Expose expiry -> Customer action -> Expiry timer -> Expire or complete -> Recover with new object. The merchant application can make the customer experience simple, but the backend should keep each step visible enough for retries, support, and finance closeout.
Production contract
| Boundary | What to build | Why it matters |
|---|---|---|
| Expiry timestamp | Store and display expires_at from the checkout or deposit object. | Customers need a clear deadline. |
| Order lock | Prevent cart changes from silently altering a live checkout. | Preserves the payment promise. |
| Expire endpoint | Expire stale checkouts when the merchant order is cancelled or replaced. | Reduces accidental late payments. |
| Recovery UX | Create a fresh checkout when the user still wants to pay. | Keeps new amount/state separate. |
| Support visibility | Record whether expiry came from time, manual action, or replacement. | Support can explain what happened. |
Status and state handling
| State | What it means | Developer action |
|---|---|---|
| Open | Checkout can be paid before expiry. | Show timer where useful. |
| Completed | Payment reached terminal success before expiry. | Fulfill and ledger. |
| Expired | Checkout cannot be used as the current payment path. | Create a fresh path if needed. |
| Failed | Checkout ended in non-success. | Recover according to policy. |
Status handling should be strict even when the customer UI is friendly. Store raw 0Base statuses, map them to customer-safe labels at the edge, and keep the merchant order state separate from the payment object state. That separation lets you change customer copy without corrupting reconciliation.
Example implementation record
This is an application-side record shape for expiring checkouts. Keep exact request and response fields aligned with your enabled account contract when 0Base API access is released for your partner account; the point of this record is to keep product, support, and finance joined in your system.
{
"checkout_id": "chk_live_123",
"merchant_order_id": "ord_999",
"status": "open",
"expires_at": "2026-06-28T21:00:00Z",
"replacement_checkout_id": null,
"expiry_reason": "time_bound_checkout"
}Operational scenario
A checkout expiry should feel routine to the customer: the page says the session expired, the store keeps the order unpaid, and the backend creates a fresh checkout only if the order is still valid.
In practice, production 0Base integrations make the happy path fast while keeping exceptions predictable: retries return the same object, delayed notifications can be repaired, expired sessions do not become mystery payments, and finance exports can be traced back to the original merchant order.
Before and after
| Before 0Base | With 0Base |
|---|---|
| Expired sessions were treated as system failures. | Expiry is a normal terminal or recovery state. |
| Old checkout links stayed valid after cart edits. | Old objects are expired and replaced. |
| Support could not tell if customer paid late. | Expiry timestamp and event history are stored. |
| The UI refreshed the timer locally. | The backend object expiry is the source of truth. |
Evidence to keep
| Evidence | What to store |
|---|---|
| Expiry evidence | Object id, expiry timestamp, reason, old/new checkout ids. |
| Order evidence | Cart amount at checkout creation, cart revision, cancellation status. |
| Customer evidence | Last page state shown, retry link issued, support reference. |
| Event evidence | Expired/completed/failed event id and processed timestamp. |
| Recovery evidence | Fresh checkout id and idempotency key if recreated. |
This evidence is what makes the integration supportable at institutional scale. A developer should not need private operational knowledge to answer basic questions such as what the customer saw, which object owns the state, which event announced the change, and which ledger or report row closed the money movement.
Failure modes and recovery
| Failure mode | Recovery |
|---|---|
| Customer pays old instructions | Do not fulfill automatically; inspect current object state and recovery policy. |
| Timer differs between browser and backend | Use backend expiry and correct UI display. |
| Expire call races success | Read current status; terminal success should not be overwritten. |
| Repeated checkout recreation | Throttle or reuse pending order state with idempotency. |
Recovery should be idempotent and explainable. When the system is uncertain, preserve the current raw status, read the latest object state, attach a support reference, and avoid changing fulfillment or finance state until a trusted terminal condition is present.
API adjacency
| API area | Use it for |
|---|---|
POST /checkouts/{id}/expire | Expire checkout. |
POST /checkouts | Create replacement checkout. |
GET /payment_intents/{intentId} | Check payment state. |
GET /reports/transactions | Confirm closeout after expiry edge cases. |
For endpoint-level implementation, use the API reference as the source of truth for fields, enums, authentication, idempotency behavior, pagination, and response examples.
Why this matters for merchants and customers
Expiry is customer protection and merchant protection. It prevents stale amounts, stale instructions, and abandoned sessions from turning into unclear payment obligations.
At scale, the value of 0Base is not only that a payment can be created. The value is that the payment can be explained later: what the customer saw, which account capabilities allowed it, which backend state changed, which notification delivered it, and which ledger or report row closed it.
Worked API path
The example below shows the implementation shape for this page. Use merchant-specific capabilities, account settings, and API responses in production; the ids and values here are illustrative.
curl -X POST https://base-api-sandbox.0bit.app/v1/checkouts \
-H "Authorization: Bearer $OBIT_SECRET_KEY" \
-H "Content-Type: application/json" \
-H "Idempotency-Key: ord_100045:base:v1" \
-d '
{
"amount": "129.00",
"currency": "EUR",
"cryptoCurrency": "USDT",
"clientReference": "ord_100045"
}'Example response shape:
{
"checkout_id": "chk_test_123",
"status": "open",
"amount": "129.00",
"currency": "EUR",
"crypto_currency": "USDT",
"payment_intent_id": "pi_test_456",
"checkout_url": "https://checkout.0bit.app/c/chk_test_123",
"expires_at": "2026-06-28T21:00:00Z"
}Implementation checkpoints:
- Store your merchant reference before calling 0Base.
- Attach the returned object id to the same business record.
- Record the request id, idempotency key, raw status, and environment.
- Use webhook and report reads to repair delayed or missed state changes.
Data join map
This join map is the reason 0Base is infrastructure rather than a payment button. A merchant can change checkout UX, support tooling, or finance exports without losing the chain from customer action to backend state and settlement evidence.
Operator runbook
| Signal | Check first | Action |
|---|---|---|
| Customer reports payment not updating | Look up merchant order id, 0Base object id, raw status, and latest webhook delivery. | Read current object state before changing fulfillment. |
| Webhook delivery failed | Check delivery id, event id, attempts, last error, and handler logs. | Fix the handler, replay once, and dedupe by event id. |
| Finance cannot match a row | Compare client reference, intent id, settlement id, report period, and export row. | Move the item to reconciliation queue instead of closing by amount/date. |
| Customer paid but order is still pending | Check raw intent status, deposit-address status, confirmations, and latest report row. | Keep fulfillment pending until terminal success or documented manual review. |
The runbook should be available to support and finance teams before launch. A developer integration is not complete if only engineering can explain the state of a customer payment.
Developer checklist
- Display the real expiry timestamp.
- Expire replaced or cancelled checkouts.
- Do not mutate old checkout amounts.
- Create fresh objects for fresh payment attempts.
- Store expiry reason and replacement id.
- Test clock skew and browser resume cases.