This guide walks through the complete Paystack payment flow in sequence, from initialising a transaction to verifying payment, so developers can understand how each step connects.
The payment flow begins when your server creates a transaction.
This step tells Paystack:
To do this, send a POST request from your backend:
curl -X POST https://api.paystack.co/transaction/initialize \
  -H "Authorization: Bearer YOUR_SECRET_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "testuser@email.com",
    "amount": 500000
  }'
The request includes the customer's email and the amount to be charged.
When this request is sent, Paystack responds with:
{
  "status": true,
  "message": "Authorization URL created",
  "data": {
    "authorization_url": "https://checkout.paystack.com/...",
    "access_code": "...",
    "reference": "..."
  }
}
authorization_url → where the customer completes payment.
reference → used to verify the transaction later.
access_code → used internally by Paystack to load and manage the checkout flow.
The authorization_url is the most important part of this response, as the customer uses it to complete the payment.
The customer is redirected to the authorization_url.
This is where the payment happens.
Paystack handles the payment interface and security, so you don't need to build this yourself.
Here, the customer enters their card details on Paystack's secure page.
Paystack processes the payment and may redirect the customer back to your frontend, depending on how your integration is configured.
After payment, your server must verify the transaction.
You should never rely on the frontend for confirmation, as this can be manipulated.
Send a request using the transaction reference:
curl https://api.paystack.co/transaction/verify/:reference \
  -H "Authorization: Bearer YOUR_SECRET_KEY"
Use the reference returned during initialisation in step 1 to confirm that the payment was successful before granting access or delivering value.
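The server-side check described above, as an added example that is not part of the original guide or Paystack's own code. It assumes the verify response carries data.status, data.reference and data.amount; the function names and the sample responses are constructed for illustration.

```python
import json
import urllib.parse
import urllib.request

VERIFY_URL = "https://api.paystack.co/transaction/verify/"  # endpoint from the guide


def fetch_verification(reference, secret_key):
    """Call the verify endpoint from the backend so the secret key never reaches the browser."""
    # Percent-encode the reference so a crafted value cannot alter the request path.
    url = VERIFY_URL + urllib.parse.quote(reference, safe="")
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {secret_key}"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def payment_confirmed(body, expected_reference, expected_amount):
    """Return (ok, reason). Deliver value only when ok is True."""
    # Top-level "status" only says the API call itself worked.
    if not isinstance(body, dict) or body.get("status") is not True:
        return False, "verify call failed"
    data = body.get("data")
    if not isinstance(data, dict):
        return False, "missing data"
    # Assumed field: data.status is "success" only for a completed charge.
    if data.get("status") != "success":
        return False, "transaction not successful"
    if data.get("reference") != expected_reference:
        return False, "reference mismatch"
    # Compare with the amount your server stored at initialisation, never a client-sent value.
    if data.get("amount") != expected_amount:
        return False, "amount mismatch"
    return True, "ok"


# Constructed sample responses (not captured from Paystack).
PAID = {"status": True, "message": "Verification successful",
        "data": {"status": "success", "reference": "order_1001", "amount": 500000}}
ABANDONED = {"status": True, "message": "Verification successful",
             "data": {"status": "abandoned", "reference": "order_1001", "amount": 500000}}
UNDERPAID = {"status": True, "message": "Verification successful",
             "data": {"status": "success", "reference": "order_1001", "amount": 5000}}

if __name__ == "__main__":
    for name, body in [("paid", PAID), ("abandoned", ABANDONED), ("underpaid", UNDERPAID)]:
        print(name, payment_confirmed(body, "order_1001", 500000))
```

In a live integration, pass the result of fetch_verification(reference, secret_key) to payment_confirmed, using the reference and amount your server recorded when it initialised the transaction.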