Checkout & Payments

how ai assisted purchases flow through forter agentic orchestration to your backend when a customer purchases through an ai shopping agent (like chatgpt or google gemini), forter handles the entire checkout process—from cart creation to payment processing—and delivers completed orders directly to your existing fulfillment system how it works checkout lifecycle customer initiates purchase — a customer tells an ai agent they want to buy a product from your catalog forter validates the order — we verify product availability, calculate shipping options, and compute taxes payment is processed — the ai platform collects payment details securely; forter processes the transaction through your configured payment provider order is delivered to you — the completed order is sent to your backend via platform integration or webhook from your perspective, agentic orders appear alongside your regular orders—same fulfillment process, same customer service workflow what you need to configure payment & fraud configuration forter implements the full agentic commerce protocol (acp) so you don't need to however, you choose who handles payment processing and fraud validation option a merchant side payment handling (default recommended) what happens forter creates orders in your system with payment references you process payments through your existing payment provider you handle fraud checks through your existing rules what you configure in forter portal integration credentials (shopify admin api token, sfcc ocapi credentials, or custom webhook url) tax nexus regions for sales tax calculation payment settings is validate=true , is authorize=false , is capture=false (default) best for most merchants who want to maintain control over payment processing and use existing payment infrastructure option b forter side payment handling (optional) what happens forter validates orders for fraud before creating them in your system forter authorizes/captures payments via forter payment orchestration orders are created in your system with completed payment status what you configure in forter portal validation api key — forter fraud detection credentials (contact your forter representative) payment api key — forter payment orchestration credentials (contact your forter representative) payment settings is validate=true , is authorize=true , is capture=true (or false for manual capture) supported payment providers stripe, adyen, braintree, or custom psp best for merchants who want forter to handle end to end fraud detection and payment processing what forter always handles (regardless of option) implementation of the full openai agentic commerce protocol pci compliance and secure card tokenization (on separate pci domain) order state management and session handling order delivery to your backend (via platform api or webhook) tax nexus specify the us states where you have tax nexus forter calculates sales tax only for states where you're registered state and county rate lookups category specific rules (clothing exemptions, food rates) tax holiday detection (back to school, etc ) order delivery completed orders are delivered to your backend based on your integration method shopify integration forter creates orders as draft orders in shopify via the admin api orders appear in shopify admin > orders can be auto completed or manually reviewed before finalization uses the same shopify admin api access token configured for catalog sync sfcc integration forter creates orders directly in sfcc via ocapi basket/order apis orders appear in merchant tools > ordering > orders uses the same ocapi client id/secret configured for catalog sync custom integration webhook for custom backends, forter sends order payloads to your webhook url via https post webhook authentication forter signs all webhook requests with hmac sha256 using your webhook secret key signature is sent in the {your store name} signature header always verify the signature to ensure the webhook is from forter webhook payload { "event" "order created", "order" { "id" "order abc123", "number" "1001", "customer" { "email" "customer\@example com", "first name" "john", "last name" "doe" }, "line items" \[ { "sku" "prod 001", "quantity" 2, "price" "29 99" } ], "shipping address" { "name" "john doe", "line one" "123 main st", "city" "san francisco", "state" "ca", "country" "us", "postal code" "94102" }, "payment reference" "forter txn xyz789", "total" "65 98", "currency" "usd" } } expected response your webhook endpoint should respond with http 200 and { "success" true, "order id" "your internal order id", "order number" "your order number", "permalink url" "https //yourstore com/orders/12345" } portal configuration configure these settings in the forter portal to enable checkout and payment processing 1\ basic store information field description required store title your store name (shown in ai platforms) yes store url your store homepage yes logo url url to your store logo optional currency primary currency (e g , usd, eur, gbp) yes 2\ store policies field description required terms of service url link to your terms yes privacy policy url link to your privacy policy yes return policy url link to your return policy yes return window (days) number of days for returns optional 3\ integration credentials choose based on your integration method shopify integration field description required shop domain your myshopify com domain yes admin api access token from shopify custom app yes sfcc integration field description required sfcc instance url your sfcc instance yes site id your site identifier yes ocapi client id from ocapi settings yes ocapi client secret from ocapi settings yes custom integration field description example required checkout webhook url your endpoint to receive orders "https //store com/webhooks" yes webhook secret secret for hmac sha256 signatures auto generated yes order status url template for order tracking "https //store com/orders/{order id}" optional 4\ payment & fraud settings default (merchant side handling) field description default enable forter validation forter fraud validation false enable forter authorization forter payment authorization false enable forter capture forter payment capture false optional (forter side handling) field description required validation api key forter fraud validation credentials yes (if enabled) payment api key forter payment orchestration credentials yes (if enabled) enable forter validation forter fraud validation set to true enable forter authorization forter payment authorization set to true enable forter capture forter payment capture true or false 5\ tax configuration field description example required tax nexus regions us states where you collect sales tax \["ca", "ny", "tx"] yes (us merchants) note for shopify merchants, shopify's tax engine handles all tax calculations based on your shopify tax settings forter uses shopify's calculated taxes automatically fraud protection fraud protection depends on your payment handling configuration merchant side fraud validation (default) when you handle payments on your side (default configuration) you run fraud checks through your existing fraud prevention tools forter creates orders in your system with payment references you validate and process payments according to your existing rules forter side fraud validation (optional) when you enable forter side payment handling every transaction is protected by forter identity intelligence risk assessment — each order is evaluated for fraud risk before payment is processed behavioral analysis — forter analyzes patterns across billions of transactions to identify suspicious activity configurable actions — set rules for automatic approval, decline, or manual review based on risk scores agentic purchases have different risk patterns than traditional e commerce—forter's models are trained to distinguish legitimate ai assisted purchases from fraud order management viewing agentic orders agentic orders flow into your existing systems based on your integration shopify integration — orders appear in shopify admin > orders (as draft orders) sfcc integration — orders appear in merchant tools > ordering > orders custom integration — orders delivered to your webhook endpoint as json payloads orders include metadata indicating they originated from an ai shopping agent returns and refunds handle returns through your normal process the order payload includes all necessary customer and shipping information for standard return workflows reporting the forter dashboard provides visibility into agentic commerce transaction volume — checkout sessions and completed orders conversion rates — from session creation to order completion error rates — failed checkouts and payment declines api endpoints the checkout flow is implemented via the https //developers openai com/commerce/specs/checkout step endpoint purpose 1 create session post /checkout sessions initialize checkout with cart items 2 select fulfillment post /checkout sessions/{id} add shipping address, select shipping option; tax is calculated 3 tokenize payment post /agentic commerce/delegate payment securely tokenize payment credentials (pci domain) 4 complete order post /checkout sessions/{id}/complete finalize order with payment token, process payment, proxy to backend 5 check status get /checkout sessions/{id} retrieve order status 6 cancel session post /checkout sessions/{id}/cancel cancel an in progress session for complete endpoint documentation, see the api reference in the public documentation pci compliance forter handles all payment card data in a pci dss level 1 compliant environment payment tokenization occurs on a separate pci compliant domain ( {site id} agentic pci checkouttools com ) your servers never receive or store raw card numbers—you remain outside of pci scope related documentation docid\ klgdjw6jtcsnnvm39wekk — step by step integration setup docid 6rphy3nxucxydo2hqs4uz — connect your product data — common questions