Amwal Checkout Implementation

Complete implementation for both products and services

Documentation & Getting Started

Official Documentation

Implementation Notes

  • Ensure you have a valid merchant ID
  • Test in the sandbox environment before going live
  • Always implement proper error handling for failed transactions
  • Use the debug console in this example to track events and troubleshoot issues

Getting Started

  1. Sign up for an Amwal account at merchant.sa.amwal.tech
  2. Create a new merchant and get your merchant-id
  3. Install the Amwal Checkout button:
    4. <script type="module" src="https://cdn.jsdelivr.net/npm/amwal-checkout-button@latest/dist/checkout/checkout.esm.js"></script>
  4. Add the Amwal Checkout button to your page:
    5. <amwal-checkout-button
      merchant-id="your-merchant-id"
      amount="100"
      country-code="SA"
      locale="en">
    </amwal-checkout-button>
  5. Set up event listeners to handle checkout results
Product Image

Premium Wireless Headphones

5.0 (128 reviews)

Experience premium sound quality with these wireless headphones. Features noise cancellation, long battery life, and comfortable ear cushions.

Features:

  • Active noise cancellation
  • 40+ hours of battery life
  • Fast charging - 5min for 3hrs of playback
  • Bluetooth 5.2 connectivity
Price: SAR 399.00
Shipping: SAR 20.00
Tax: SAR 21.00
Total: SAR 440.00

Select Payment Method

Integration Security Overview

Ensuring secure and reliable transactions is central to Amwal Checkout. Below is a comprehensive overview of the security measures implemented throughout the integration lifecycle.

  • End-to-End Encryption: All communication between the client (browser/mobile) and Amwal servers is protected using TLS 1.2+ with enforced HTTPS. No sensitive data is transmitted over plain channels.
  • PCI DSS Compliance: Amwal’s checkout button is a hosted solution, meaning payment details never touch the merchant’s servers. This reduces your PCI scope and ensures compliance with industry standards.
  • Webhook Signing & Verification: Amwal uses HMAC-SHA256 to sign all webhook payloads. Merchants can verify authenticity using their secret key to ensure data integrity and source trust.
  • Pre-Checkout Triggers: Use the amwalPreCheckoutTrigger event to inject customer data, enforce business rules, or perform fraud checks before the payment sheet is shown. This helps stop attacks early in the flow.
  • Real-Time Address Validation: During checkout, Amwal provides dynamic address updates, and the merchant can return allowed shipping options. This reduces spoofed address attempts and ensures validated logistics.
  • Secure Sandbox Environment: Developers can test integrations in a fully isolated sandbox mode that mirrors production behavior—safe for experimentation, QA, and load testing.
  • JavaScript Module Isolation: The Amwal checkout is loaded via ES Modules and sandboxed into an iframe where applicable. This prevents DOM-level tampering and protects your site against script injection attacks.
  • Debug Console for Auditing: The built-in debug console captures all transaction events, API calls, and error messages for developers to review and export. This helps in security audits and monitoring integration integrity.
  • Token-Based Authentication: Backend endpoints communicating with Amwal must use API keys or OAuth tokens (if applicable). These should be securely stored and rotated periodically.

For full details, integration tips, and compliance support, visit the Amwal Security Documentation.

Debug Console
Debug