---
title: Checkout
description: >-
  The `authenticate.public.checkout` function ensures that checkout extension
  requests are coming from Shopify, and returns helpers to respond with the
  correct headers.
api_version: v1
api_name: shopify-app-remix
source_url:
  html: >-
    https://shopify.dev/docs/api/shopify-app-remix/v1/authenticate/public/checkout
  md: >-
    https://shopify.dev/docs/api/shopify-app-remix/v1/authenticate/public/checkout.md
---

# Checkout

The `authenticate.public.checkout` function ensures that checkout extension requests are coming from Shopify, and returns helpers to respond with the correct headers.

## authenticate.​public.​checkout(**[request](#authenticatepubliccheckout-propertydetail-request)**​,**[options](#authenticatepubliccheckout-propertydetail-options)**​)

Authenticates requests coming from Shopify checkout extensions.

### Parameters

* **request**

  **Request**

  **required**

* **options**

  **AuthenticateCheckoutOptions**

### Returns

* **Promise\<CheckoutContext>**

### AuthenticateCheckoutOptions

* corsHeaders

  ```ts
  string[]
  ```

### CheckoutContext

Authenticated Context for a checkout request

* sessionToken

  The decoded and validated session token for the request Refer to the OAuth docs for the \[session token payload]\(https://shopify.dev/docs/apps/auth/oauth/session-tokens#payload).

  ```ts
  JwtPayload
  ```

* cors

  A function that ensures the CORS headers are set correctly for the response.

  ```ts
  EnsureCORSFunction
  ```

Examples

### Examples

* #### Using the decoded session token

  ##### Description

  Get store-specific data using the \`sessionToken\` object.

  ##### app/routes/public/my-route.ts

  ```typescript
  import { LoaderArgs, json } from "@remix-run/node";
  import { authenticate } from "../shopify.server";
  import { getMyAppData } from "~/db/model.server";

  export const loader = async ({ request }: LoaderArgs) => {
    const { sessionToken } = await authenticate.public.checkout(
      request
    );
    return json(await getMyAppData({shop: sessionToken.dest}));
  };
  ```

* #### Setting CORS headers for a public request

  ##### Description

  Use the \`cors\` helper to ensure your app can respond to checkout extension requests.

  ##### app/routes/public/my-route.ts

  ```typescript
  import { LoaderArgs, json } from "@remix-run/node";
  import { authenticate } from "../shopify.server";
  import { getMyAppData } from "~/db/model.server";

  export const loader = async ({ request }: LoaderArgs) => {
    const { sessionToken, cors } = await authenticate.public.checkout(
      request,
      { corsHeaders: ["X-My-Custom-Header"] }
    );
    const data = await getMyAppData({shop: sessionToken.dest});
    return cors(json(data));
  };
  ```