What You Can Do
With one-time payments, you can:- Generate Secure Payment Links: Create unique, time-limited checkout URLs for each transaction
- Accept Card Payments: Process credit and debit card payments through Compago’s PCI-compliant infrastructure
- Customize the Experience: Control where customers are redirected after payment completion
- Track Payments: Use your own external IDs to link Compago payments with your internal systems
- Offer Installment Plans: Support monthly installment payments (Meses Sin Intereses) when available
- Set Custom Expiration Times: Configure payment link expiration from 10 minutes to 48 hours based on your needs
Use Cases
One-time payments are perfect for:- Invoicing: Send payment links to customers via email or messaging
- Custom Integrations: Trigger payments from CRM, ERP, or internal tools
- eCommerce: Accept payments for online stores and marketplaces
- Service Businesses: Request deposits or full payments for appointments or bookings
- Point of Sale: Create payment links for in-person transactions (when integrated with terminal apps)
How It Works
- Create: Your backend calls the Compago API to create a payment link, providing the amount, customer details, and redirect URLs
- Receive: Compago returns a secure checkout URL where your customer will complete the payment
- Redirect: Send your customer to the checkout URL where they enter their payment details
- Process: Compago processes the payment securely through its payment infrastructure
- Callback: After successful payment, Compago redirects the customer back to your
redirectUrlwith query parametersidandexternalIdappended - Verify: On your callback page, extract the payment
idfrom the URL and fetch the final payment status using the GET endpoint - Fulfill: Update your internal systems (mark order as paid, send confirmation email, etc.)
Prerequisites
Before creating one-time payments, ensure you have:- An active Compago account with API access
- A valid API key (generate one at Configuraciones → Desarrollador in your Compago Dashboard)
- Your integration configured to use MXN currency
One-time payments currently support MXN (Mexican Peso) only. Transactions in other currencies will be rejected.
Creating a One-Time Payment
Endpoint
POST /one-time-payment
Authentication
Include your API key in the request headers:Request Body
Field Descriptions
| Field | Type | Required | Description |
|---|---|---|---|
amount | number | Yes | Payment amount in MXN. Must meet the minimum amount configured for your account. |
currency | string | Yes | Currency code. Must be "MXN". |
description | string | Yes | Description of the payment shown to the customer during checkout. |
externalId | string | Yes | Your unique identifier for this payment. Must be unique per organization. |
redirectUrl | string | Yes | URL where customers are redirected after payment. Compago appends id (payment ID) and externalId (your identifier) as query parameters. See Handling the Payment Callback. |
homepageUrl | string | Yes | Your homepage URL, used if the customer cancels or wants to return to your site. |
ttlMinutes | number | No | Optional time-to-live in minutes for the payment link. Minimum 10 minutes, maximum 2,880 minutes (48 hours). Defaults to 48 hours if not specified. See Custom Expiration Times. |
billingInformation | object | Yes | Customer billing details (see below). |
Billing Information
| Field | Type | Required | Description |
|---|---|---|---|
email | string | Yes | Customer’s email address. |
firstName | string | Yes | Customer’s first name. |
lastName | string | Yes | Customer’s last name. |
phoneNumber | string | Yes | Customer’s phone number (include country code, e.g., +521…). |
address | object | Yes | Customer’s billing address (see below). |
Address
| Field | Type | Required | Description |
|---|---|---|---|
addressLine | string | Yes | Street address including number and street name. |
city | string | Yes | City name. |
state | string | Yes | Mexican state code (e.g., "CDMX", "JAL", "NLE"). See supported states. |
zip | string | Yes | Postal code. |
Response
redirectUrl to redirect your customer to Compago’s secure checkout page.
Example with cURL
Handling the Payment Callback
When a customer successfully completes a payment, Compago redirects them back to yourredirectUrl with two query parameters automatically appended:
id: The Compago one-time payment IDexternalId: The external ID you provided when creating the payment
How the Redirect Works
If you created a payment with:aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee, then after the customer completes payment, they’ll be redirected to:
Implementation Example
Here’s how to handle the callback in your application:Best Practices for Callback Handling
Always Verify Payment Status
Always Verify Payment Status
Never trust the redirect alone. Always fetch the payment details from Compago’s API to confirm the status. The redirect happens client-side and could be manipulated.
Handle Missing Query Parameters
Handle Missing Query Parameters
Implement validation to handle cases where query parameters might be missing (user navigating directly to the URL, etc.).
Implement Idempotency
Implement Idempotency
The callback URL might be accessed multiple times (user refreshing page, browser back button). Ensure your fulfillment logic is idempotent.
Use HTTPS for Callback URLs
Use HTTPS for Callback URLs
Always use HTTPS URLs for your
redirectUrl to ensure query parameters are transmitted securely.Preserve Existing Query Parameters
Preserve Existing Query Parameters
If your
redirectUrl already contains query parameters, Compago will append id and externalId to them. Design your callback handler to work with multiple parameters.Security Considerations
Your callback implementation should:- Validate query parameters exist before processing
- Fetch payment status from Compago API - Don’t trust the redirect alone
- Verify the
externalIdmatches your records - Ensure it corresponds to a real order in your system - Check payment status is CONFIRMED before fulfilling the order
- Log all callback attempts for debugging and security monitoring
- Use rate limiting on your callback endpoint to prevent abuse
Testing Your Callback Handler
To test your callback implementation:- Create a one-time payment using your test API key
- Complete the payment in the Compago checkout page
- Verify your callback page receives the
idandexternalIdparameters - Confirm your system correctly fetches and processes the payment status
- Test the failure case by creating a payment and letting it expire
Important Business Rules
Payment Expiration
You can customize the expiration time using thettlMinutes parameter (see Custom Expiration Times below). If your OTP expired and you need to create a new payment for the same transaction, generate a new OTP using a different externalId.
Custom Expiration Times
You can set a custom expiration time for payment links using the optionalttlMinutes parameter. This allows you to create payment links that expire sooner or later based on your business needs.
Configuration:
- Minimum: 10 minutes
- Maximum: 2,880 minutes (48 hours)
- Default: 2,880 minutes (48 hours) if not specified
Flash Sales (Short TTL)
Flash Sales (Short TTL)
For time-sensitive promotions or limited inventory:Use short expiration times (10-60 minutes) to create urgency and ensure inventory isn’t held indefinitely.
Standard Invoices (Default TTL)
Standard Invoices (Default TTL)
For typical invoice payments:The default 48-hour window gives customers plenty of time to complete payment at their convenience.
Event Tickets (Custom TTL)
Event Tickets (Custom TTL)
For event registrations with registration deadlines:Match the TTL to your event registration deadline to automatically close registration.
Quote Acceptance (Extended TTL)
Quote Acceptance (Extended TTL)
For quotes that customers need time to review:Give customers the maximum time to review and approve quotes before they expire.
- Balance security and convenience when setting expiration times
- Shorter TTLs (10-60 min) work well for in-person transactions or time-sensitive offers
- Longer TTLs (12-48 hours) are better for invoices and asynchronous payment flows
- Consider your customer’s payment behavior and typical checkout time
- Communicate the expiration time to customers (e.g., “Complete payment within 30 minutes”)
Minimum Amount
Each Compago account has a configured minimum payment amount. Requests with amounts below this threshold will be rejected with a 400 error. If you receive this error, ensure your payment amount meets your account’s minimum requirement.External ID Uniqueness
TheexternalId must be unique within your organization. Attempting to create a payment with a duplicate externalId will result in a 400 error:
externalId.
Currency Restriction
Currently, only MXN (Mexican Peso) is supported. Requests with other currencies will be rejected.Payment Status
One-time payments have three statuses:- PENDING: Payment link is active and waiting for customer to complete payment
- CONFIRMED: Customer has successfully completed the payment
- CANCELLED: Payment link has been cancelled and can no longer be used
CONFIRMED or CANCELLED, the one-time payment link can no longer be used. See the Cancel One-Time Payment guide to learn how to cancel pending payments.
Retrieving Payment Details
You can retrieve the status and details of a one-time payment using the GET endpoint. Common use case: After receiving a payment callback at yourredirectUrl, use the id query parameter to fetch the payment status and verify completion before fulfilling the order. See Handling the Payment Callback for complete implementation examples.
Endpoint
GET /one-time-payment/{id}
Response for Active Payments
If the payment is stillPENDING and has not expired, you’ll receive full payment details:
Response for Completed or Expired Payments
If the payment is no longerPENDING or has expired, the response will contain limited information:
Supported Mexican States
Use the following state codes in theaddress.state field:
| Code | State |
|---|---|
AGU | Aguascalientes |
BCN | Baja California |
BCS | Baja California Sur |
CAM | Campeche |
CHP | Chiapas |
CHH | Chihuahua |
CDMX | Ciudad de México |
COA | Coahuila |
COL | Colima |
DUR | Durango |
MEX | Estado de México |
GUA | Guanajuato |
GRO | Guerrero |
HID | Hidalgo |
JAL | Jalisco |
MIC | Michoacán |
MOR | Morelos |
NAY | Nayarit |
NLE | Nuevo León |
OAX | Oaxaca |
PUE | Puebla |
QUE | Querétaro |
ROO | Quintana Roo |
SLP | San Luis Potosí |
SIN | Sinaloa |
SON | Sonora |
TAB | Tabasco |
TAM | Tamaulipas |
TLA | Tlaxcala |
VER | Veracruz |
YUC | Yucatán |
ZAC | Zacatecas |
Error Handling
Common Errors
| Status Code | Error | Solution |
|---|---|---|
| 400 | Amount below minimum | Ensure amount meets your account’s minimum payment threshold |
| 400 | Duplicate externalId | Use a unique externalId for each payment |
| 400 | Currency not supported | Use "MXN" as the currency |
| 401 | Unauthorized | Check your API key is valid and included in headers |
| 400 | Missing organization context | Verify your organization settings are configured correctly |
Example Error Response
Best Practices
- Generate Unique External IDs: Use a combination of order ID and timestamp to ensure uniqueness
- Handle Expiration: Implement logic to create new payment links if the 48-hour window expires
- Validate Amounts: Ensure amounts meet your account’s minimum payment threshold before calling the API
- Store Payment IDs: Save the returned one-time payment ID to track and verify payments later
- Implement Webhooks: Use webhooks (if available) to receive real-time payment status updates
- Test Thoroughly: Use the demo environment to test your integration before going live
- Implement Robust Callback Handling: Always verify payment status in your
redirectUrlcallback by fetching the payment using theidquery parameter. Never assume payment success based on the redirect alone. See Handling the Payment Callback.
Support
If you encounter issues with one-time payments:- Verify your API key is valid in Configuraciones → Desarrollador at app.compago.com
- Ensure all required fields are included in your request
- Check that amounts meet the minimum threshold
- Verify your organization settings are configured correctly
- Contact Compago support at [email protected] for assistance