Create a checkout with the Storefront API

This tutorial shows you how to create a checkout in Shopify. It also covers how to update the checkout, including changing line items, populating the shipping address, and setting the shipping rate.

The final sections of the tutorial describe how to associate a customer with a checkout and complete the checkout.

Requirements

To complete the checkout in this tutorial using the checkoutCompleteWithCreditCardV2 or checkoutCompleteWithTokenizedPaymentV3 mutations, you need to have the write_checkouts_payments scope enabled for your app. The scope is enabled by requesting payment processing.

Limitations

Shopify limits the number of checkouts that can be created on the Storefront API per minute. For more information, refer to Shopify API rate limits.

Query product variants

Mutations often require that data is first returned by running a query. In the case of the checkoutCreate mutation, you need to return product variants before you can populate the checkout input fields with the required line item data.

The following query returns the first two product variants from your store, and specifies the ID as the payload object:

POST /api/2021-07/graphql.json

View response

JSON response

Create the checkout

You can use the checkoutCreate mutation to create a new checkout. The return fields include the Checkout object with the webUrl field.

The following mutation creates the checkout and returns the checkout id, the added line items, and the webUrl field that you'll use later to redirect the user to the web checkout.

POST /api/2021-07/graphql.json

The checkoutCreate mutation in detail

Let’s examine the checkoutCreate mutation in more detail.

In the following snippet, checkoutCreate is the name of the mutation, and input is the required argument. The required argument value is an input object type that includes the lineItems field, an array that includes variantId and quantity as required fields.

The rest of the mutation defines the return fields for the payload object. The return fields of the checkout show that id and webUrl fields can be returned, and that a lineItems connection can be specified.

The lineItems connection data must be accessed with edges. The node at the end of the CheckoutLineItemConnection type is a CheckoutLineItem and requires title and quantity:

View response

JSON response

Update the checkout

After creating the checkout using the checkoutCreate mutation, you can update the checkout by changing the line items, or the customer's shipping address.

Change line items on a checkout

To change the line items on a checkout, you can use the checkoutLineItemsReplace mutation. The mutation replaces the checkout's existing lineItems array with a new array that's specified in the mutation.

The following example replaces the existing line item with two new line items. The checkoutId argument identifies the checkout to update, and the lineItems argument specifies the variants and quantities to add to the checkout:

POST /api/2021-07/graphql.json

View response

JSON response

Populate the shipping address

Before you can properly complete a checkout, you need to set the customer shipping address by using the checkoutShippingAddressUpdateV2 mutation.

The following example defines the customer's shipping address using GraphQL variables:

POST /api/2021-07/graphql.json

GraphQL variables

View response

JSON response

Set the shipping rate

You can query Shopify for the shipping rates that are available for the checkout. Then you can select the applicable rate using the handle of the shippingRates and apply it to the checkout.

To return the availableShippingRates, you can query the Checkout object using node. The following query returns the shippingRates for the checkout:

POST /api/2021-07/graphql.json

View response

JSON response

Poll shipping rates

Because retrieving shipping rates can cause asynchronous recalculation, you might have to poll multiple times to return the list of rates. The following response indicates that you need to poll again:

After you've received the list of rates, you can then set the shippingRateHandle using the checkoutShippingLineUpdate mutation:

POST /api/2021-07/graphql.json

GraphQL variables

View response

JSON response

Associate a customer

You can associate a customer with a checkout so that the customer doesn't have to enter customer information when checking out. You can associate the customer to Shopify's web checkout or to a checkout that will be completed through the API.

Associate customers to web checkouts

If you're using Shopify's web checkout, then you can use the Multipass resource to log in customers and redirect them to a web checkout link. You can enable Multipass in a Shopify store, obtain the token identifying the customer, and log in the customer.

Redirect the customer to the web checkout URL

To get the Multipass token for the customer, you need to provide some customer information. During this step, you can provide a redirect URL using the return_to field to specify the URL of the web checkout. When customers are redirected to the checkout URL, they stay logged in to the Shopify store.

Associate customers to Storefront API checkouts

If you're not using Shopify's web checkout, then you need to get a customer access token to associate the customer with the checkout. You can get the access token using either the customerAccessTokenCreate or customerAccessTokenCreateWithMultipass mutations.

After you have the customer access token, you can use the checkoutCustomerAssociateV2 mutation.

Associate a customer to a checkout

After you've created a customer with a customer access token, you can use the token to associate the customer to the checkout. The following mutation uses the customer's access token and the checkout ID to associate the customer with the checkout.

POST /api/2021-07/graphql.json

GraphQL variables

View response

JSON response

Complete the checkout

After you've finished creating and performing any updates to the checkout, you can complete the checkout. There are several ways to complete a checkout:

Complete a checkout for a logged in customer

If you complete a checkout for a logged in customer, then the customer is prompted to log in again.

You can't use the X-Shopify-Customer-Access-Token header to preserve authentication when the customer is associated to the checkout. If the store is on a Shopify Plus plan, then you can use the Multipass resource to preserve authentication and associate the customer with the checkout.

If the customer doesn't have an account, then you can use the customerCreate mutation to create one.

Shopify web checkout

The simplest way to complete a checkout is to redirect the customer to Shopify's web checkout form using the returned webUrl field.

At any point during the checkout flow, you can redirect the user to this form by querying the webUrl field on the Checkout:

POST /api/2021-07/graphql.json

Notice the inline fragment ...on Checkout. This is required to show which object type should be queried for using id. Starting from the query root, node is an interface that implements the type Checkout.

You can pass the id of the Checkout to the node interface, and the inline fragment indicates that the id should be passed to the Checkout type.

A successful query to the Checkout object for webUrl returns the following data object:

JSON response

Shopify card vault

You can complete the checkout by sending credit card information to Shopify's PCI-compliant card vault. Then you can use the returned payment vault ID with the checkoutCompleteWithCreditCardv2 mutation.

Get the vault ID

To get the vault ID to complete a payment, you need to send a POST request to the Shopify card vault. The credit card information is sent in the body of the request, and a valid request returns an ID formatted as follows:

JSON response

Complete the checkout

To complete the checkout, send the payment information, including the amount, currencyCode and billingAddress fields. Send the payment vault ID as the vaultID.

POST /api/2021-07/graphql.json

GraphQL variables

View response

JSON response

The response includes the payment ID of the completed checkout:

3D Secure payments

If you're located in an area impacted by PSD2, then you need to implement 3D Secure payment processing into your app or sales channel. To implement 3D Secure, the following steps are required:

  • After completing a checkout with the checkoutCompleteWithCreditCardV2 mutation, redirect the customer to the URL that's returned by the nextActionUrl field so that they can complete the 3D Secure authentication.
  • Poll the checkout until the payment is complete and the ready field returns true.

For a detailed guide, refer to Authenticating payments with 3D Secure.

Stripe

You can use Shopify's integration with Stripe to tokenize credit cards on behalf of merchants that have enabled Shopify Payments as their payment gateway solution.

You can complete the checkout by sending credit card information to Stripe. Then you can use the returned token with the checkoutCompleteWithTokenizedPaymentV3 mutation.

Setup requirements

Shopify's integration with Stripe has the following requirements:

Requirement Description
The merchant must have Shopify Payments enabled. Each merchant that installs your app must have Shopify Payments enabled to use the Stripe integration.

You can enable Shopify Payments for your store from the payments settings.
You need a Stripe platform account with Connect integration. Visit Stripe to sign up for a Connect integration.
You need access to create tokens on behalf of Shopify's Custom accounts in Stripe. When your app creates a new checkout for a store with Shopify Payments enabled, Shopify creates a Stripe account for the merchant as part of the Connect integration, and returns the shopify_payments_account_id. You can then get a credit card token from Stripe to complete the payment.

To get access, provide Shopify with your Stripe platform account ID. You can query for this ID using the Stripe API.

Get the Stripe token

To get a Stripe token for payment, you need to send the credit card information to the Stripe create a card token endpoint. You can use the returned token to complete the payment.

Replace {secret_key} with the test or live key token used for your Stripe platform account.

View response

JSON response

The response includes the token in the id field:

Complete the checkout

To complete the checkout, send the payment information in the payment argument of the checkoutCompleteWithTokenizedPaymentV3 mutation. Send the Stripe token in the paymentData field.

POST /api/2021-07/graphql.json

GraphQL variables

View response

JSON response:

The response includes the payment ID of the completed checkout:

Spreedly

You can use Spreedly to send customer credit card information to Shopify's PCI compliant card vault. The process of exchanging credit card information for a Shopify payment vault ID is a multi-step process.

To obtain the vault ID, the following flow is observed:

  1. You get a token from the Spreedly payment_methods endpoint.
  2. You send the token and credit card information to the Spreedly deliver endpoint.
  3. You use the returned Shopify vault ID sent to you by Spreedly to complete the checkout with the checkoutCompleteWithCreditCardV2 mutation.

Setup requirements

Shopify's integration with Spreedly has the following requirements:

  1. You add the Shopify receiver to your Spreedly account.
  2. You add a credit card in Spreedly.
  3. You deliver the payment information to Shopify's card vault using Spreedly's deliver endpoint.

Add Shopify as a receiver in Spreedly

Spreedly lets you distribute vaulted credit card data to non-gateway third parties called receivers. You need to add Shopify as a receiver in your Spreedly account so Spreedly can send credit card information to Shopify's card vault.

To add Shopify as a receiver, send a POST request to the Spreedly receiver endpoint including the receiver object in the body of the request. The receiver object includes "shopify" as the receiver_type.

View response

JSON response

The response includes the receiver token required for the call to the Spreedly deliver endpoint:

Add a credit card in Spreedly

To get a vault ID, you first need to tokenize a credit card with Spreedly. This should be done using an iFrame payment form or Spreedly Express for less PCI scope.

To get the token, send a POST request to the Spreedly payment_methods endpoint, and include the credit card information in the body of the request.

View response

JSON response

The response includes the payment_method_token needed to complete the call to the Spreedly deliver endpoint:

Deliver the payment information

After you get a payment method token, you can get the Shopify card vault ID from the Spreedly deliver endpoint. Spreedly delivers the payment method to Shopify's receiver endpoint, and in response Shopify returns the vault ID.

To get the vault ID, send a POST request to the Spreedly deliver endpoint. You need to include Shopify's receiver token as a path parameter, and the payment method token in the body of the request. This tells Spreedly to deliver the credit card associated with the payment method token to the Shopify card vault. You also need to include properly formatted JSON syntax in the body object.

POST https://core.spreedly.com/v1/receivers/{receiver_token}/deliver.json

View response

JSON response

The body property of the response object includes the Shopify card vault ID ("west-5dc7e488afe4fea418036b0c44bf0039") that you need to complete the checkout:

Complete the payment

After you get the Shopify payment vault ID, you can complete the payment using the checkoutCompleteWithCreditCardV2 mutation.

To complete the checkout, send the payment information in the payment argument of the checkoutCompleteWithCreditCardV2 mutation. Send the vault ID as the vaultId.

POST /api/2021-07/graphql.json

GraphQL variables

View response

JSON response

The response includes the payment ID of the completed checkout:

Next steps

  • Learn how to manage customer accounts with the Storefront API.
  • Support multiple languages on a storefront with the Storefront API.
  • Retrieve metafields with the Storefront API to access additional information from different types of resources.
  • Learn about the different tools that you can use to create unique buying experiences anywhere your customers are, including websites, apps, and video games.