Embeddable Checkout

Embeddable Checkout lets you sell from any external website — a landing page, a partner’s site, a blog, even a mobile app. You generate a key, drop a small snippet of code on the other site, and a secure StoreEngine checkout opens right there. Money is processed by your store as usual.

Plan: Free · Add-on: Embeddable Checkout · Where: StoreEngine → Add-ons → Embeddable Checkout · Requires: Instant Checkout add-on activated

What you can do

  • Add a “Buy Now” checkout to websites you don’t run on WordPress.
  • Control exactly which domains are allowed to use each key.
  • Optionally limit a key to specific products.
  • Rate-limit usage to prevent abuse.
  • Generate, revoke, and manage multiple keys (e.g. one per campaign or partner).

Before you begin

Turn on the Instant Checkout add-on first — Embeddable Checkout builds on it. If it’s off, you’ll see a reminder notice.

Turn on Embeddable Checkout

  1. Go to StoreEngine → Add-ons.
  2. Toggle on Embeddable Checkout.

A built-in key for your own site is created automatically so same-site embedding just works.

Step 1 — Create an embed key

Go to StoreEngine → Settings → Cart & Checkout → Embeddable Checkout, then scroll down to the Embed keys section.

  1. Enter a Label — a name for your reference (e.g. “Partner Blog”, “Spring Campaign”).
  2. Enter the Allowed origins — the exact website address(es) permitted to use this key, comma-separated.
    • Include the full scheme: https://example.com
    • List www and non-www separately if both are used: https://example.com, https://www.example.com
    • Wildcards like *.example.com are not supported — add each variant explicitly.
  3. Click Generate key.
  4. Copy the key immediately — it is only shown once and cannot be retrieved later.

You can create multiple keys — one per partner or campaign — so you can revoke any single key without affecting the others. A built-in System key for your own site is created automatically and cannot be deleted or revoked.

Step 2 — Add the snippet to the other website

On the external site, add the StoreEngine embed script and a button:

<script src="https://YOUR-STORE.com/se-embed/v1/sdk.js"></script>

<button id="buy-btn">Buy Now</button>

<script>
  document.getElementById('buy-btn').addEventListener('click', function () {
    StoreEngineEmbedCheckout.checkout({
      key: 'pk_live_xxxxxxxxxxxx',   // your embed key
      product_id: 123
    });
  });
</script>

Replace YOUR-STORE.com with your store’s domain, pk_live_… with the key you copied, and 123 with the product to sell.

What visitors experience

  • The visitor clicks Buy Now on the external site.
  • A secure StoreEngine checkout opens in an overlay on that page.
  • They pay without leaving the site.
  • Your store records the order exactly like any other sale.

How it stays secure

  • The embed key is meant to be public (it lives in the page’s code). Security comes from the allowed-origins list — only the websites you approve can use a key.
  • Each key can be limited to specific products so a partner can only sell what you intend.
  • Built-in rate limiting (default 60 checkouts per key per minute) guards against abuse; you can adjust the threshold in settings.
  • Native apps are supported too (e.g. capacitor://localhost, app://… origins).
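
The origin rules from Step 1, as an added example (not StoreEngine's code): a small linter for an Allowed origins value that also explains why a given page URL would not match it. It assumes origins are compared exactly as scheme://host[:port]; the function names and sample domains are made up for illustration.

```javascript
// Added example, not StoreEngine code. Assumption (not stated on the page): an
// origin is scheme://host[:port] and must equal one listed entry exactly.
function toOrigin(value) {
  const url = new URL(value.trim()); // throws when the scheme is missing
  if (!url.host) throw new TypeError('no host'); // e.g. "localhost:3000"
  return { origin: `${url.protocol}//${url.host}`.toLowerCase(), url };
}

// Lint a comma-separated "Allowed origins" value for entries that cannot match.
function lintAllowedOrigins(field) {
  return field.split(',').map((s) => s.trim()).filter(Boolean).map((entry) => {
    if (entry.includes('*')) return { entry, problem: 'wildcard not supported' };
    try {
      const { origin, url } = toOrigin(entry);
      const extra = url.pathname.replace(/^\/$/, '') + url.search + url.hash;
      if (extra) return { entry, problem: 'not a bare origin' };
      return { entry, origin, problem: null };
    } catch {
      return { entry, problem: 'missing scheme' };
    }
  });
}

// Explain why the page at pageUrl would or would not match the list.
function explainOrigin(field, pageUrl) {
  const page = toOrigin(pageUrl);
  const valid = lintAllowedOrigins(field).filter((e) => e.origin);
  if (valid.some((e) => e.origin === page.origin)) return 'allowed';
  const bare = (host) => host.replace(/^www\./, '');
  for (const e of valid) {
    const listed = new URL(e.origin);
    if (listed.host === page.url.host) return `scheme mismatch with ${e.entry}`;
    if (listed.protocol === page.url.protocol && bare(listed.host) === bare(page.url.host)) {
      return `www/non-www variant of ${e.entry} not listed`;
    }
    if (page.url.host.endsWith('.' + listed.host)) return `subdomain of ${e.entry} not listed`;
  }
  return 'origin not listed';
}

// Constructed sample input.
const field = 'https://example.com, *.example.com, example.org, capacitor://localhost';
console.log(lintAllowedOrigins(field));
console.log(explainOrigin(field, 'https://www.example.com/landing'));
```

Run it with Node.js against the value you plan to paste into the Allowed origins field and the URL of the page that will host the button.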

Settings

| Setting | What it does | Default |
|---|---|---|
| Session rate limit | Maximum checkouts started per key, per minute | 60 |
| Embed keys | Create / revoke keys, set allowed origins and product scope | |

Tips & best practices

  • Create a separate key per partner or campaign so you can revoke one without affecting the others.
  • List every domain variant a site uses (http vs https, www vs non-www) — wildcards like *.example.com aren’t supported, so add each explicitly.
  • Use Specific products scope for partner keys so they can’t sell your whole catalog.
  • Copy the full key the moment you create it; for security it isn’t shown again.

Troubleshooting

| Problem | What to check |
|---|---|
| Checkout won’t open on the external site | The site’s address must be in that key’s allowed origins, with the exact scheme (https) and www/non-www variant. |
| “Add-on requires Instant Checkout” notice | Turn on the Instant Checkout add-on first. |
| A subdomain isn’t allowed | Wildcards aren’t supported — add the exact subdomain origin to the key. |
| Checkout blocked after many attempts | The per-minute rate limit was hit; it resets shortly, or raise the Session rate limit. |
| I lost the key value | Keys are shown once. Create a new key (and revoke the old one if needed). |