Whop Checkout via MCP
Use this page when an MCP client is helping with Whop checkout work: finding the right product and plan, drafting checkout configuration arguments, preparing an embed, and deciding what needs human approval.
This page does not replace Whop's checkout docs. It adds the MCP operating layer: which facts the agent should gather, which IDs matter, what belongs in a review artifact, and which write actions should stop for approval.
checkout_configuration:create
plan:create
access_pass:create
access_pass:update
checkout_configuration:basic:read
Safe checkout workflow
Checkout has two layers: implementation code and live Whop account state. MCP is useful because it can compare both, but it should not jump straight to creation.
- Ask Docs MCP for the checkout implementation path and current component props.
- Inspect app code for
plan_IDs,sessionId, return URLs, embed props, and environment variables. - Use API MCP read-only tools to list products, plans, checkout configurations, setup intents, and payment methods.
- Compare live resources to the codebase and identify mismatches.
- Draft a checkout configuration, embed change, or debugging plan.
- Approve only after seeing exact arguments and customer-facing effects.
Checkout primitives
| Primitive | What it answers | What MCP should verify |
|---|---|---|
| Product | What is being sold? | Name, product ID, visibility, status, attached plans. |
| Plan | What price and billing behavior does checkout use? | plan_ ID, amount, currency, billing interval, active state. |
| Checkout configuration | What reusable checkout setup should customers visit? | ch_ ID, plan, mode, metadata, redirect URL, affiliate code, purchase URL shaped like /checkout/plan_xxxx?session=ch_xxxxxxxxxxxxxxx. |
| Checkout session | Which session-specific checkout should this flow use? | Session ID, metadata, setup behavior, return URL, attribution. |
| Embedded checkout | How does checkout appear inside your own app or site? | planId or sessionId, return URL, environment, callbacks, prefill, affiliate attribution. |
Inspect checkout without modifying data
Most checkout bugs can be diagnosed before creating or updating anything. Start with a read-only inventory that connects product names to plan IDs and customer-facing URLs.
Use read-only Whop MCP calls to inspect checkout resources for this company.
Return a table with product name, product ID, plan name, plan ID, status, price, checkout configuration ID, purchase URL, metadata keys, affiliate code, and environment.
Do not create, update, archive, delete, refund, retry, or message anything.Use the result to catch stale plan_ IDs, inactive plans, checkout links pointing to the wrong product, missing metadata, sandbox/production mismatches, or affiliate attribution that never reaches checkout.
Create a checkout configuration draft
A checkout configuration can be valuable, but it is a write action. Make the agent draft the JSON first, then approve the tool call only after reviewing the customer-facing effect.
Draft the arguments for a Whop checkout configuration.
Use:
- company ID: biz_xxxxxxxxxxx
- plan ID: plan_xxxxxxxxxxx
- mode: payment
- redirect URL: https://example.com/checkout/complete
- metadata: order_id=order_12345, source=whopmcp
- affiliate_code: partnername
Do not call a write-capable tool yet. Show the exact JSON you would pass.{
"company": "biz_xxxxxxxxxxx",
"plan": "plan_xxxxxxxxxxx",
"mode": "payment",
"redirect_url": "https://example.com/checkout/complete",
"metadata": {
"order_id": "order_12345",
"source": "whopmcp"
},
"affiliate_code": "partnername"
}A successful create call returns a checkout configuration ID and a customer-facing purchase URL. Whop documents checkout configuration IDs with a ch_ prefix and purchase URLs in the shape /checkout/plan_xxxx?session={id}.
{
"id": "ch_xxxxxxxxxxxxxxx",
"company_id": "biz_xxxxxxxxxxx",
"mode": "payment",
"metadata": {
"order_id": "order_12345",
"source": "whopmcp"
},
"redirect_url": "https://example.com/checkout/complete",
"purchase_url": "https://whop.com/checkout/plan_xxxxxxxxxxx?session=ch_xxxxxxxxxxxxxxx"
}Embedded checkout
Whop documents a React checkout embed package and a WhopCheckoutEmbed component. MCP can help find the right plan or session, but the generated embed should still go through code review.
Simple plan-based embed
import { WhopCheckoutEmbed } from "@whop/checkout/react";
export function CheckoutPage() {
return (
<WhopCheckoutEmbed
planId="plan_xxxxxxxxxxx"
returnUrl="https://example.com/checkout/complete"
affiliateCode="partnername"
/>
);
}Session-based embed
Use sessionId when your flow creates or retrieves a checkout session/configuration first and needs metadata or other server-side context to travel with checkout.
import { WhopCheckoutEmbed } from "@whop/checkout/react";
export function CheckoutPage() {
return (
<WhopCheckoutEmbed
sessionId="ch_xxxxxxxxxxxxxxx"
returnUrl="https://example.com/checkout/complete"
theme="system"
skipRedirect
onComplete={(planId, receiptId) => {
console.log(planId, receiptId);
}}
/>
);
}Embed prop checklist
Use this as a planning checklist, not as the final component reference. Before shipping, compare the generated code against Whop's checkout embed docs.
| Prop | Use when | MCP review question |
|---|---|---|
planId | You are checking out a known plan directly. | Did the agent verify the live plan is active and belongs to the expected product? |
sessionId | You created or retrieved a session/configuration first. | Does the session carry the metadata or attribution the workflow needs? |
returnUrl | External payment providers may redirect back to your site. | Does the return page handle success and error status? |
affiliateCode | Checkout should attribute a partner. | Is attribution also reflected in links or server-side configuration? |
theme, environment | You need visual mode or sandbox checkout. | Is a sandbox plan being used with sandbox environment? |
hidePrice, hideTermsAndConditions, skipRedirect | You need to control visible checkout behavior. | Has the team reviewed what the buyer will no longer see? |
prefill, hideEmail, disableEmail, hideAddressForm | Your funnel collects customer details before checkout. | Can the parent page clearly show or control the hidden fields? |
setupFutureUsage | You intend to save a payment method for future off-session use. | Is this flow paired with the right setup intent and webhook handling? |
onComplete, onStateChange, onAddressValidationError, onPromoCodeChanged | You need event callbacks from the embed. | Are callbacks treated as UI signals, not as the only source of fulfillment truth? |
fallback, styles | You need loading UI or padding adjustments. | Does the embed still fit mobile checkout without layout shifts? |
Webhook context after checkout
Checkout UI callbacks are useful, but server-side fulfillment should rely on verified webhook events. Whop's webhook guide documents signature verification and common events such as payment.succeeded, membership.activated, and setup-intent events.
| Event family | Use for | MCP task |
|---|---|---|
payment.succeeded | Confirm a payment completed. | Inspect webhook handler code and verify it is idempotent. |
membership.activated | Confirm customer access changed. | Map membership activation to product access and onboarding. |
setup_intent.succeeded | Confirm a saved-payment-method setup completed. | Check whether the flow uses setup intent state correctly before future charges and confirm the receiver has webhook_receive:setup_intents. |
Inspect the Whop webhook handler for checkout fulfillment.
Confirm it verifies signatures, returns 2xx quickly, handles duplicate delivery, and treats embed callbacks as UI state rather than final fulfillment proof.
Do not edit the handler yet.Affiliate attribution
Whop affiliate attribution can appear in links and checkout/API fields. Keep attribution explicit so you can tell whether traffic came from a partner link, embedded checkout, or an MCP-created checkout configuration.
| Surface | Field or pattern | Use for |
|---|---|---|
| Referral link | ?a=<username> | Simple public attribution links. |
| Checkout configuration | affiliate_code | API/MCP-created checkout setup. |
| React embed | affiliateCode | Embedded checkout attribution. |
Approval prompt for write actions
Use this before approving checkout creation, checkout updates, promo code changes, payment retries, or anything that can affect a customer purchase.
Before calling a write-capable Whop checkout tool, show:
1. Exact tool name
2. Exact JSON arguments
3. Target company, product, plan, checkout configuration, payment, or promo code
4. Customer-facing effect
5. Whether this is sandbox or production
6. Required permissions
7. Rollback or cleanup path
Wait for approval before calling the tool.FAQ
Should I use Docs MCP or API MCP for checkout?
Use Docs MCP to understand implementation details and API MCP to inspect live products, plans, checkout configurations, payments, setup intents, and memberships.
Should embedded checkout use planId or sessionId?
Use planId for the simplest known-plan checkout. Use sessionId when the server has created or retrieved a session/configuration that carries metadata, attribution, or setup context.
Can Whop MCP create checkout resources?
Yes, when the active API MCP exposes the relevant checkout tools and the credential has the required permissions. Treat creation as a write action and review the arguments first.
What should I verify before approving checkout changes?
Verify company ID, plan ID, mode, redirect URL, metadata, affiliate code, sandbox versus production context, required permissions, and whether the action creates a new resource or changes an existing one.