SAP Open Payment Framework

Last updated: December 24, 2025

SAP Open Payment Framework is a service included in your SAP Commerce Cloud version 2 (CCV2) subscription. It enables you to integrate your preferred digital payment service providers (PSPs), without having to code, integrate, and deploy extensions to the commerce codebase.

Integration using Flow supports all available card schemes.
Post-purchase operations include void, capture, and refund.
You receive webhooks for asynchronous confirmations.

Before you configure Checkout.com on your Open Payment Framework workbench, you must create a public and private key.

Sign in to the sandbox environment in the Dashboard.
Select the Developers icon in the top navigation bar and open the Keys tab.
Select Create a new key.
Under Type of key, select Public API key.
Enter a description for the API key to help you identify what it's used for.
Select Create key.
Copy your public API key. You need to use it to configure the plugin.

Information

You can view your public API key in the Dashboard at any time.

Sign in to the sandbox environment in the Dashboard.
Select the Developers icon in the top navigation bar and open the Keys tab.
Select Create a new key.
Under Type of key, select Secret API key.
Enter a description for the API key to help you identify what it's used for.
Under Scopes, select Default.
Select the processing channel you want to use to process Open Payment Framework payments from the list.
Select Create key.
Copy your private API key securely. You need to use it to configure the plugin.

Note

For security reasons, you cannot view the private API key again after you've left the Create a new key page. Ensure you copy the value securely before you exit or close the window.

The signature key and authorization header key are generated when you create a webhook for your business.

You must provision the SAP identity authentication service (IAS) tenant.
Use CCV2 subscription version 2211.35 or higher.
Use Composable Storefront version 2211.35 or higher.

You cannot provision the SAP Open Payment Framework only in the Stage environment for testing. You must also provision at least one Dev environment.

To configure your Checkout.com integration with SAP Open Payment Framework, follow these steps:

Create a Checkout.com payment integration using your Open Payment Framework workbench.
Configure webhooks.
Create a Postman environment to connect to your workbench.
Add the required domains to the allowlist in your workbench.

Follow the instructions at SAP – Creating Payment Integration to create a checkout.com payment integration in the Open Payment Framework workbench.

After creating the payment integration, under General information, copy the value in the Notification URL field. You need to use this to configure your webhooks.

Checkout.com communicates status updates for your payments through webhooks. To configure your SAP endpoint to receive webhooks:

Sign in to the Dashboard.
Select the Developers icon in the top navigation bar and open the Webhooks tab.
Select Create configuration.
Enter a name for your webhook.
In the Endpoint URL field, enter the Notification URL from your Open Payment Framework workbench.
Under Events, select all the event checkboxes.
Under Entities and processing channels, select All entities and processing channels.
Select Create webhook.

Create a new Postman environment to connect to your Open Payment Framework workbench:

Follow the instructions at Postman – Crete an environment to create a new environment.
Create the following variables, and set them to the specified values:

Variable	Value
`token`	Follow the instructions at SAP – Creating an external app and Making authorized API calls to generate a JSON Web Token (JWT). Use the `access_token` value of your SAP external app. Pass this value in the `Authorization` header as `Bearer <token>`.
`root URL`	The BASE URL of your Open Payment Framework tenant. For example, if your workbench cockpit URL is: `https://opf-iss-d0.uis.commerce.stage.context.cloud.sap/opf-workbench` Then the root URL is: `https://opf-iss-d0.uis.commerce.stage.context.cloud.sap`.
`accountGroupId` and `accountId`	These values identify the payment integration and payment configuration. You can find them as `integrationId` and `configurationId` in the top-left section of the Configuration Details page in your Open Payment Framework workbench. Map these values as follows: `integrationId` – `accountGroupId` `configurationId` – `accountId`
`authentication_outbound_api_key_value_export_172`	The secret API key you created in the Checkout.com Dashboard. For sandbox, this value starts with `sk_sbox...`. For production, this value starts with `sk_...`.
`API key`	The public API key you created in the Checkout.com Dashboard. For sandbox, this value starts with `pk_sbox...`. For production, this value starts with `pk_...`.
`processing_channel_id`	The ID of the processing channel you selected when creating your API keys.
`authentication_inbound_hmac_signature_calculation_secret_export_177`	The webhook signature key generated when you created the webhook in the Checkout.com Dashboard.

Follow the instructions at SAP – Adding Tenant-specific Domain to Allowlist to add the following domains:

api.sandbox.checkout.com for sandbox
api.checkout.com for production

SAP Open Payment Framework

Supported features

Before you begin

Create a public API key

Information

Create a secret API key

Note

Required SAP Commerce Cloud configuration

Configure the integration

Create a payment integration

Configure webhooks

Configure a Postman environment

Configure domain allowlist