Paddle Billing

Hosted checkout tester

Create a Paddle Billing transaction and redirect to the hosted Paddle checkout page. This page is now focused on hosted checkout only.

API base https://sandbox-api.paddle.com

Mode SANDBOX

Creates a POST /transactions transaction against the Paddle Billing API and redirects the browser to the returned checkout.url.

The customer completes payment on Paddle's hosted checkout page rather than an embedded iframe on your site.

After payment, wait for the transaction.completed webhook before provisioning access.

Paddle Billing · Webhooks

Webhook receiver & log

Point your Paddle notification destination to the URL below. Incoming events are logged locally and shown here. Set the endpoint secret key in PADDLE_WEBHOOK_SECRET to enable Paddle-Signature verification.

Your webhook URL https://test.baviella.com/?action=webhook

No events yet — click Refresh or wait for auto-poll.

Events log to paddle_webhook_log.jsonl next to this file.

Verification uses the Paddle-Signature header, extracting ts and h1, then hashing ts:raw_body using HMAC-SHA256.

Webhook verification uses the raw request body and a configurable timestamp tolerance. Set PADDLE_WEBHOOK_TOLERANCE_SECONDS if you need to tune it for your environment.

Deployment notes

Before you test

Do not hardcode API keys, client-side tokens, or webhook secrets in the app file.

Create separate sandbox and live credentials. Sandbox API requests go to https://sandbox-api.paddle.com; live requests go to https://api.paddle.com.

Hosted checkout itself does not need Paddle.js on this page, but your API key, webhook secret, and default payment link still need to be configured correctly.

Set your default payment link in Paddle dashboard so hosted checkout URLs resolve correctly.

Webhook endpoints should be public HTTPS URLs in production.