Stash Documentation
Integration GuidesAPI ReferenceWork with Us

Confirm payment completion

Step 2A: Confirms and completes a pending purchase that was previously registered. IMPORTANT: Expects HTTP error status (3xx, 4xx, 5xx) codes for failed purchases.

POST
/api/v1/purchase/confirm

Authorization

stash-hmac-signature<token>

HMAC signature generated by signing the request body with the Egress API key from Stash Studio. Used for secure server-to-server communication between game backends and Stash services.

In: header

Request Body

Request to confirm and complete a pending purchase that was previously registered.

playerIdstring

The user confirming the purchase

transactionIdstring

Transaction identifier to confirm

checkoutLinkId?string

Optional checkout link identifier if purchase was made through a checkout link

currencystring

Currency code (ISO-4217 code, e.g., 'USD', 'EUR')

taxinteger

Tax amount in smallest currency unit (e.g. 99 for $0.99, can be 0)

Formatint64
totalinteger

Total purchase amount in smallest currency unit including tax (e.g. 1098 for $10.98)

Formatint64
timeMillisstring

Timestamp when the purchase was completed (milliseconds since Unix epoch)

Formatint64
itemsarray<Purchased Item>

List of items in this purchase

platform?- PURCHASE_PLATFORM_UNSPECIFIED: Default unknown platform

Platform making the purchase

Default"PURCHASE_PLATFORM_UNSPECIFIED"
Value in"PURCHASE_PLATFORM_UNSPECIFIED" | "PURCHASE_PLATFORM_IOS" | "PURCHASE_PLATFORM_ANDROID" | "PURCHASE_PLATFORM_WEBSTORE"
browser?string

Browser information for web purchases (e.g., 'Chrome/91.0', 'Firefox/89.0', 'Safari/14.1', 'any')

deviceId?string

Device identifier for tracking and fraud prevention (can be generated client-side)

source?- PURCHASE_SOURCE_UNSPECIFIED: Default unknown source - PURCHASE_SOURCE_CART: Purchase initiated from cart in webstore - PURCHASE_SOURCE_DIRECT: Purchase initiated from direct StashPay checkout link

Source of the purchase for analytics

Default"PURCHASE_SOURCE_UNSPECIFIED"
Value in"PURCHASE_SOURCE_UNSPECIFIED" | "PURCHASE_SOURCE_CART" | "PURCHASE_SOURCE_DIRECT"
ipAddress?string

Customer IP address for fraud prevention and compliance

region?string

Region/country code using ISO-3166-1 alpha-2 code (e.g., 'US', 'CA', 'GB')

emailMarketingOptIn?boolean

Optional flag indicating if customer opted in to email marketing

extraInGameCurrency?integer

Optional extra in-game currency bonus

Formatint64
extraLoyaltyPoints?integer

Optional extra loyalty points bonus

Formatint64
extraLoyaltyCredits?integer

Optional extra loyalty credits bonus

Formatint64

Response Body

curl -X POST "https://loading/api/v1/purchase/confirm" \  -H "Content-Type: application/json" \  -d '{    "playerId": "string",    "transactionId": "string",    "currency": "string",    "tax": 0,    "total": 0,    "timeMillis": "string",    "items": [      {        "guid": "string",        "productId": "string",        "quantity": 0,        "cents": 0      }    ]  }'
{
  "results": [
    {
      "guid": "string",
      "productId": "string"
    }
  ]
}
{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string",
      "property1": null,
      "property2": null
    }
  ]
}

How is this guide?