DEV Community: Felipe González Alarcón The latest articles on DEV Community by Felipe González Alarcón (@figonzal1). https://dev.to/figonzal1 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F993243%2Fbc701817-0323-42f2-a1b0-5c69e7bc7b5a.png DEV Community: Felipe González Alarcón https://dev.to/figonzal1 en Integrating Webpay Plus into a modern stack Felipe González Alarcón Thu, 04 Jun 2026 18:29:03 +0000 https://dev.to/figonzal1/integrating-webpay-plus-into-a-modern-stack-37ea https://dev.to/figonzal1/integrating-webpay-plus-into-a-modern-stack-37ea <p>If you've ever worked on an e-commerce project in Chile, sooner or later you bump into Transbank. There's no avoiding it.</p> <p>I built a reference template that use NestJS on the backend and Next.js 16 on the frontend, and in this post I want to walk you through the whole thing: what <a href="https://transbankdevelopers.cl/documentacion/webpay-plus" rel="noopener noreferrer">Webpay Plus</a> actually is, why the integration looks the way it does, and how each piece fits together.</p> <p><strong>Github Repository Reference:</strong> <a href="https://github.com/figonzal1/webpay-nestjs-nextjs" rel="noopener noreferrer">Link</a></p> <h2> A bit of context </h2> <p><strong>Webpay Plus</strong> is one of the most important online payment methods in Chile. The user experience is straightforward: your customer enters an amount on your site, gets redirected to Transbank's branded payment page, fills in their card details there, and comes back to your site with a result.</p> <p>From a UX perspective it's not as slick as Stripe Elements or a fully embedded checkout — the user always sees Transbank's domain in the address bar during the payment — but from a developer's perspective that's actually a feature.</p> <p><strong><em>You never touch card numbers. PCI scope stays minimal. Transbank handles 3D Secure, fraud rules, and bank routing.</em></strong></p> <p>The trade-off is that the integration model is what you might politely call <strong>classical</strong>. It's built around full-page redirects and form POSTs, not modern APIs with JSON responses and webhooks. That's important to understand up front, because it shapes every decision you'll make in the code.</p> <h1> The integration flow, step by step </h1> <p>Before looking at any code, it helps to have a clear mental model of <strong>what's happening</strong>. There are <strong>three distinct moments</strong> where your system talks to Transbank's system, and each one has a specific shape.</p> <ol> <li><p><strong>First Step:</strong> When the customer clicks "Pay", the <strong>backend</strong> asks <strong>Transbank</strong> to create a <code>transaction (amount, order ID, return URL)</code>. Transbank returns a transaction token and a redirect URL where you must send the user.</p></li> <li><p><strong>Second Step:</strong> Transbank requires the redirect to be an HTTP POST with the token in a <code>token_ws</code> form field, so you must generate an HTML form with a hidden <code>token_ws</code> input and submit it programmatically to avoid token leakage via history/referrers. Once on Transbank's page, the user enters their card details and either completes or cancels the payment. This step is entirely out of your hands — which, again, is the point.</p></li> <li><p><strong>Third Step:</strong> When <strong>Transbank</strong> redirects back with the <code>token_ws</code>, your backend calls <strong>Transbank</strong> to validate the token and retrieve the transaction details (response_code <code>0</code> = approved); then you route the user to a success or error page.</p></li> </ol> <blockquote> <p>Note: Transbank can POST the return (e.g., on timeout, cancel, or abandonment) to the same return URL instead of a GET, so make sure your backend accepts and handles both <code>POST</code> and <code>GET</code> to avoid broken pages.</p> </blockquote> <p><strong>Sequence diagram of the steps</strong></p> <p><a href="https://mermaid.live/edit#pako:eNqNVGFP2zAQ_Ss3fwIptE1bCESCDwW0TUiA1lSTpkrITQ7ISOzubEOhqrQfsV-4X7KzQwst28Sn2Pfevbt7Omcucl2gSIXBHw5VjielvCFZjxWAdFYrV0-Q_G0qyZZ5OZXKwgikgXOc2dZ3s4kNPPYVJ1P5eKyVJV1VbwWGL6Qh0n2Z4yYj84yMpDITqe5geHLGDE861xZB3yPBKMpSOCaUHLCeKXNbauVJo52jo0EKlxfDDNoPoQ7MZa2dsguPDxgfppCH5Gy2tcS2PThkkJXtrNXgWxP3eEEFUgQGjeESn4sImowICK0jNaIq5GY7jfLc6jtUETiqFo1m09FmfODjozfxvwz6BYuSMLdg9bNzy0EZ_JRll82015pqeCjtLQTFqwezrsXkkeEvKotkIJdUQIFWlpX5h8FaXZesueFw1szz8TQDTWtGt3Nd16UNG1Rxu2WN2ln4_fMXKL3qis_czODsKrs4Oz335BczaDlqm9C4yraRSIcdwsogyImmRm-VHyb2VV4P_W7BpuGguGpvykz2aKnTrEvg8bosWdsN_GphAmMTXy0Fa061MnjlHx1vk5XWmUVD8l6t4XB4eAidBvzPKMblOW9lwwvjrKt8eJfKyhDWUEVwRhUiEjdUFiK15DASNVIt_VXMPWEs7C3WOBYpHwtJd2MxVgvO4ff7Tet6mUba3dyK9Fpyb5Fw04Kf1PNfZhUlroZ07F-USPtJEkREOhczkcadpLUbd3b7B0m30-_tJt1IPIp0Jz5IWp1ut9fb6-wlSW8vXkTiKdSNW3E_7vY5kbH93sF-f_EHAtigSw" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fmermaid.ink%2Fimg%2Fpako%3AeNqNVGFP2zAQ_Ss3fwIptE1bCESCDwW0TUiA1lSTpkrITQ7ISOzubEOhqrQfsV-4X7KzQwst28Sn2Pfevbt7Omcucl2gSIXBHw5VjielvCFZjxWAdFYrV0-Q_G0qyZZ5OZXKwgikgXOc2dZ3s4kNPPYVJ1P5eKyVJV1VbwWGL6Qh0n2Z4yYj84yMpDITqe5geHLGDE861xZB3yPBKMpSOCaUHLCeKXNbauVJo52jo0EKlxfDDNoPoQ7MZa2dsguPDxgfppCH5Gy2tcS2PThkkJXtrNXgWxP3eEEFUgQGjeESn4sImowICK0jNaIq5GY7jfLc6jtUETiqFo1m09FmfODjozfxvwz6BYuSMLdg9bNzy0EZ_JRll82015pqeCjtLQTFqwezrsXkkeEvKotkIJdUQIFWlpX5h8FaXZesueFw1szz8TQDTWtGt3Nd16UNG1Rxu2WN2ln4_fMXKL3qis_czODsKrs4Oz335BczaDlqm9C4yraRSIcdwsogyImmRm-VHyb2VV4P_W7BpuGguGpvykz2aKnTrEvg8bosWdsN_GphAmMTXy0Fa061MnjlHx1vk5XWmUVD8l6t4XB4eAidBvzPKMblOW9lwwvjrKt8eJfKyhDWUEVwRhUiEjdUFiK15DASNVIt_VXMPWEs7C3WOBYpHwtJd2MxVgvO4ff7Tet6mUba3dyK9Fpyb5Fw04Kf1PNfZhUlroZ07F-USPtJEkREOhczkcadpLUbd3b7B0m30-_tJt1IPIp0Jz5IWp1ut9fb6-wlSW8vXkTiKdSNW3E_7vY5kbH93sF-f_EHAtigSw%3Ftype%3Dpng%2520align%3D" width="1090" height="1312"></a></p> <h2> Backend Code </h2> <p>The controller stays thin — it reads the incoming parameters, decides which case it's in, and delegates the actual <strong>SDK</strong> call to the service. Here's the commit handler, which is where most of the interesting logic lives:</p> <p><strong>Controller example</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">private</span> <span class="nx">tx</span> <span class="o">=</span> <span class="nx">WebpayPlus</span><span class="p">.</span><span class="nx">Transaction</span><span class="p">.</span><span class="nf">buildForIntegration</span><span class="p">(</span> <span class="nx">IntegrationCommerceCodes</span><span class="p">.</span><span class="nx">WEBPAY_PLUS</span><span class="p">,</span> <span class="nx">IntegrationApiKeys</span><span class="p">.</span><span class="nx">WEBPAY</span><span class="p">,</span> <span class="p">);</span> <span class="p">@</span><span class="nd">All</span><span class="p">(</span><span class="dl">'</span><span class="s1">/commit</span><span class="dl">'</span><span class="p">)</span> <span class="k">async</span> <span class="nf">callback</span><span class="p">(@</span><span class="nd">Req</span><span class="p">()</span> <span class="nx">req</span><span class="p">:</span> <span class="nx">Request</span><span class="p">,</span> <span class="p">@</span><span class="nd">Res</span><span class="p">()</span> <span class="nx">res</span><span class="p">:</span> <span class="nx">Response</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">params</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">method</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">GET</span><span class="dl">'</span> <span class="p">?</span> <span class="nx">req</span><span class="p">.</span><span class="nx">query</span> <span class="p">:</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">tokenWs</span> <span class="o">=</span> <span class="nx">params</span><span class="p">[</span><span class="dl">'</span><span class="s1">token_ws</span><span class="dl">'</span><span class="p">]</span> <span class="k">as</span> <span class="kr">string</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">tbkToken</span> <span class="o">=</span> <span class="nx">params</span><span class="p">[</span><span class="dl">'</span><span class="s1">TBK_TOKEN</span><span class="dl">'</span><span class="p">]</span> <span class="k">as</span> <span class="kr">string</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">tbkOrdenCompra</span> <span class="o">=</span> <span class="nx">params</span><span class="p">[</span><span class="dl">'</span><span class="s1">TBK_ORDEN_COMPRA</span><span class="dl">'</span><span class="p">]</span> <span class="k">as</span> <span class="kr">string</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">tbkIdSession</span> <span class="o">=</span> <span class="nx">params</span><span class="p">[</span><span class="dl">'</span><span class="s1">TBK_ID_SESSION</span><span class="dl">'</span><span class="p">]</span> <span class="k">as</span> <span class="kr">string</span><span class="p">;</span> <span class="c1">// Timeout</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">tokenWs</span> <span class="o">&amp;&amp;</span> <span class="o">!</span><span class="nx">tbkToken</span><span class="p">)</span> <span class="p">{</span> <span class="k">this</span><span class="p">.</span><span class="nx">logger</span><span class="p">.</span><span class="nf">warn</span><span class="p">(</span> <span class="s2">`[</span><span class="p">${</span><span class="nx">req</span><span class="p">.</span><span class="nx">method</span><span class="p">}</span><span class="s2">] /webpay/commit timeout tbkOrdenCompra=</span><span class="p">${</span><span class="nx">tbkOrdenCompra</span><span class="p">}</span><span class="s2"> tbkIdSession=</span><span class="p">${</span><span class="nx">tbkIdSession</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="p">);</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="dl">'</span><span class="s1">http://localhost:4000/result/error</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// Abort</span> <span class="k">if </span><span class="p">(</span><span class="nx">tbkToken</span> <span class="o">&amp;&amp;</span> <span class="o">!</span><span class="nx">tokenWs</span><span class="p">)</span> <span class="p">{</span> <span class="k">this</span><span class="p">.</span><span class="nx">logger</span><span class="p">.</span><span class="nf">warn</span><span class="p">(</span> <span class="s2">`[</span><span class="p">${</span><span class="nx">req</span><span class="p">.</span><span class="nx">method</span><span class="p">}</span><span class="s2">] /webpay/commit abort tbkToken=</span><span class="p">${</span><span class="nx">tbkToken</span><span class="p">}</span><span class="s2"> tbkOrdenCompra=</span><span class="p">${</span><span class="nx">tbkOrdenCompra</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="p">);</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="dl">'</span><span class="s1">http://localhost:4000/result/error</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// Commit TX</span> <span class="k">this</span><span class="p">.</span><span class="nx">logger</span><span class="p">.</span><span class="nf">debug</span><span class="p">(</span><span class="s2">`[</span><span class="p">${</span><span class="nx">req</span><span class="p">.</span><span class="nx">method</span><span class="p">}</span><span class="s2">] /webpay/commit token=</span><span class="p">${</span><span class="nx">tokenWs</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">webpayService</span><span class="p">.</span><span class="nf">commitTx</span><span class="p">(</span><span class="nx">tokenWs</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">response</span><span class="p">.</span><span class="nx">response_code</span> <span class="o">===</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span> <span class="k">this</span><span class="p">.</span><span class="nx">logger</span><span class="p">.</span><span class="nf">debug</span><span class="p">(</span><span class="s2">`Commit successful, redirecting to success`</span><span class="p">);</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="dl">'</span><span class="s1">http://localhost:4000/result/success</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="k">this</span><span class="p">.</span><span class="nx">logger</span><span class="p">.</span><span class="nf">warn</span><span class="p">(</span><span class="s2">`Commit failed responseCode=</span><span class="p">${</span><span class="nx">response</span><span class="p">.</span><span class="nx">response_code</span><span class="p">}</span><span class="s2">, redirecting to error`</span><span class="p">);</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="dl">'</span><span class="s1">http://localhost:4000/result/error</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>As you see, the <strong>Transbank SDK</strong> does most of the heavy lifting. As a example, here's what the "<em>create transaction</em>" call looks like in the <code>webpay.service.ts</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">async</span> <span class="nf">createTx</span><span class="p">(</span><span class="nx">createWebpayDto</span><span class="p">:</span> <span class="nx">CreateWebpayDto</span><span class="p">)</span> <span class="p">{</span> <span class="c1">//TODO: Change buyOrderId with your implementation</span> <span class="kd">const</span> <span class="nx">buyOrder</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">GT-</span><span class="dl">'</span> <span class="o">+</span> <span class="nb">Math</span><span class="p">.</span><span class="nf">floor</span><span class="p">(</span><span class="nb">Math</span><span class="p">.</span><span class="nf">random</span><span class="p">()</span> <span class="o">*</span> <span class="mi">10000</span><span class="p">)</span> <span class="o">+</span> <span class="mi">1</span><span class="p">;</span> <span class="c1">//TODO: Change sessionId with your implementation</span> <span class="kd">const</span> <span class="nx">sessionId</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">Session-</span><span class="dl">'</span> <span class="o">+</span> <span class="nb">Math</span><span class="p">.</span><span class="nf">floor</span><span class="p">(</span><span class="nb">Math</span><span class="p">.</span><span class="nf">random</span><span class="p">()</span> <span class="o">*</span> <span class="mi">10000</span><span class="p">)</span> <span class="o">+</span> <span class="mi">1</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">returnUrl</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">http://localhost:3000/webpay/commit</span><span class="dl">'</span><span class="p">;</span> <span class="k">this</span><span class="p">.</span><span class="nx">logger</span><span class="p">.</span><span class="nf">debug</span><span class="p">(</span> <span class="s2">`Creating transaction buyOrder=</span><span class="p">${</span><span class="nx">buyOrder</span><span class="p">}</span><span class="s2"> sessionId=</span><span class="p">${</span><span class="nx">sessionId</span><span class="p">}</span><span class="s2"> amount=</span><span class="p">${</span><span class="nx">createWebpayDto</span><span class="p">.</span><span class="nx">amount</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="p">);</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">tx</span><span class="p">.</span><span class="nf">create</span><span class="p">(</span><span class="nx">buyOrder</span><span class="p">,</span> <span class="nx">sessionId</span><span class="p">,</span> <span class="nx">createWebpayDto</span><span class="p">.</span><span class="nx">amount</span><span class="p">,</span> <span class="nx">returnUrl</span><span class="p">);</span> <span class="k">this</span><span class="p">.</span><span class="nx">logger</span><span class="p">.</span><span class="nf">debug</span><span class="p">(</span><span class="s2">`Transaction created token=</span><span class="p">${</span><span class="nx">response</span><span class="p">.</span><span class="nx">token</span><span class="p">}</span><span class="s2"> url=</span><span class="p">${</span><span class="nx">response</span><span class="p">.</span><span class="nx">url</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="k">return</span> <span class="nx">response</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <blockquote> <p>Note: The IntegrationCommerceCodes and IntegrationApiKeys constants are public test credentials that Transbank uses as sandbox.</p> <p>When you go to production, you replace these with your real credentials (which Transbank gives you after a commercial onboarding process) and switch Environment.Integration to Environment.Production.</p> </blockquote> <p>The <strong>returnUrl</strong> is the URL <strong>Transbank</strong> will send the user back to after the payment.</p> <p><strong>This is critical: it has to be reachable from the user's browser (so no internal hostnames)</strong></p> <p>And the path you specify is where the callback handler will live on your backend.</p> <h2> Frontend Code </h2> <p>The trickiest part of the integration is step 2: Transbank requires a full-page HTTP POST with the token in a form field — a regular <code>fetch</code> or <code>router.push</code> won't work.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// PaymentForm.tsx</span> <span class="k">export</span> <span class="kd">function</span> <span class="nf">PaymentForm</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">amount</span><span class="p">,</span> <span class="nx">setAmount</span><span class="p">]</span> <span class="o">=</span> <span class="nf">useState</span><span class="p">(</span><span class="dl">""</span><span class="p">);</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">tx</span><span class="p">,</span> <span class="nx">setTx</span><span class="p">]</span> <span class="o">=</span> <span class="nx">useState</span><span class="o">&lt;</span><span class="p">{</span> <span class="na">token</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">url</span><span class="p">:</span> <span class="kr">string</span> <span class="p">}</span> <span class="o">|</span> <span class="kc">null</span><span class="o">&gt;</span><span class="p">(</span><span class="kc">null</span><span class="p">);</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">isPending</span><span class="p">,</span> <span class="nx">startTransition</span><span class="p">]</span> <span class="o">=</span> <span class="nf">useTransition</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">formRef</span> <span class="o">=</span> <span class="nx">useRef</span><span class="o">&lt;</span><span class="nx">HTMLFormElement</span><span class="o">&gt;</span><span class="p">(</span><span class="kc">null</span><span class="p">);</span> <span class="nf">useEffect</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">tx</span><span class="p">)</span> <span class="nx">formRef</span><span class="p">.</span><span class="nx">current</span><span class="p">?.</span><span class="nf">submit</span><span class="p">();</span> <span class="p">},</span> <span class="p">[</span><span class="nx">tx</span><span class="p">]);</span> <span class="kd">function</span> <span class="nf">handlePay</span><span class="p">()</span> <span class="p">{</span> <span class="nf">startTransition</span><span class="p">(</span><span class="k">async </span><span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">createTransaction</span><span class="p">(</span><span class="nb">Number</span><span class="p">.</span><span class="nf">parseInt</span><span class="p">(</span><span class="nx">amount</span><span class="p">,</span> <span class="mi">10</span><span class="p">));</span> <span class="k">if </span><span class="p">(</span><span class="dl">"</span><span class="s2">error</span><span class="dl">"</span> <span class="k">in</span> <span class="nx">result</span><span class="p">)</span> <span class="p">{</span> <span class="nf">setError</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">error</span><span class="p">);</span> <span class="k">return</span><span class="p">;</span> <span class="p">}</span> <span class="nf">setTx</span><span class="p">(</span><span class="nx">result</span><span class="p">);</span> <span class="p">});</span> <span class="p">}</span> <span class="k">return </span><span class="p">(</span> <span class="o">&lt;&gt;</span> <span class="p">{</span><span class="nx">tx</span> <span class="o">&amp;&amp;</span> <span class="p">(</span> <span class="o">&lt;</span><span class="nx">form</span> <span class="nx">ref</span><span class="o">=</span><span class="p">{</span><span class="nx">formRef</span><span class="p">}</span> <span class="nx">method</span><span class="o">=</span><span class="dl">"</span><span class="s2">post</span><span class="dl">"</span> <span class="nx">action</span><span class="o">=</span><span class="p">{</span><span class="nx">tx</span><span class="p">.</span><span class="nx">url</span><span class="p">}</span> <span class="nx">className</span><span class="o">=</span><span class="dl">"</span><span class="s2">hidden</span><span class="dl">"</span><span class="o">&gt;</span> <span class="o">&lt;</span><span class="nx">input</span> <span class="kd">type</span><span class="o">=</span><span class="dl">"</span><span class="s2">hidden</span><span class="dl">"</span> <span class="nx">name</span><span class="o">=</span><span class="dl">"</span><span class="s2">token_ws</span><span class="dl">"</span> <span class="nx">value</span><span class="o">=</span><span class="p">{</span><span class="nx">tx</span><span class="p">.</span><span class="nx">token</span><span class="p">}</span> <span class="sr">/</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="sr">/form</span><span class="err">&gt; </span> <span class="p">)}</span> <span class="p">{</span><span class="cm">/* amount input + pay button */</span><span class="p">}</span> <span class="o">&lt;</span><span class="sr">/</span><span class="err">&gt; </span> <span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>The hidden form only enters the DOM once <strong>the token is ready</strong>. The useEffect watches for that and calls submit() immediately — the browser performs a full-page POST to Transbank's URL, and the user lands on their payment page.</p> <p>Then we need a <strong>server action</strong> that keeps the backend URL off the client entirely:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="dl">'</span><span class="s1">use server</span><span class="dl">'</span><span class="p">;</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">createTransaction</span><span class="p">(</span><span class="nx">amount</span><span class="p">:</span> <span class="kr">number</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span><span class="s2">`</span><span class="p">${</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">API_URL</span><span class="p">}</span><span class="s2">/webpay`</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">'</span><span class="s1">POST</span><span class="dl">'</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">Content-Type</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">application/json</span><span class="dl">'</span> <span class="p">},</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="nx">amount</span> <span class="p">}),</span> <span class="p">});</span> <span class="k">return</span> <span class="nx">response</span><span class="p">.</span><span class="nf">json</span><span class="p">()</span> <span class="k">as</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="p">{</span> <span class="na">token</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">url</span><span class="p">:</span> <span class="kr">string</span> <span class="p">}</span><span class="o">&gt;</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>The browser never sees <code>API_URL</code>. The action runs on the <strong>Next.js</strong> server, proxies the request to <strong>NestJS</strong> internally, and only <code>{ token, url }</code> reaches the client. You can change your backend URL without touching the client bundle.</p> <h3> <strong>Handling the result</strong> </h3> <p>When <strong>Transbank</strong> redirects the user back, the backend commits the transaction and redirects to one of two pages in <strong>Next.js</strong>: <code>/result/success</code> or <code>/result/error</code>. Both are simple static pages — success shows a confirmation, error covers rejections, cancellations, and timeouts alike.</p> <h3> Testing the whole thing </h3> <p>You get a fully functional sandbox without having to sign anything or talk to anyone. They publish <a href="https://www.transbankdevelopers.cl/documentacion/como_empezar#tarjetas-de-prueba" rel="noopener noreferrer">test card numbers</a> you can use to simulate approved transactions, declined transactions, and various edge cases.</p> <p>You can run the full flow end to end on your laptop, with no real money moving anywhere.</p> <p><strong>To try the template:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ssh"><code><span class="k">git</span> clone https://github.com/figonzal/webpay-nestjs-nextjs cd webpay-nestjs-nextjs </code></pre> </div> <ul> <li> First, run the backend: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">cd</span> <span class="nx">webpay</span><span class="o">-</span><span class="nx">nestjs</span> <span class="o">&amp;&amp;</span> <span class="nx">pnpm</span> <span class="nx">install</span> <span class="o">&amp;&amp;</span> <span class="nx">pnpm</span> <span class="nx">start</span><span class="p">:</span><span class="nx">dev</span> </code></pre> </div> <ul> <li> The, run the frontend: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">cd</span> <span class="nx">webpay</span><span class="o">-</span><span class="nx">nextjs</span> <span class="o">&amp;&amp;</span> <span class="nx">pnpm</span> <span class="nx">install</span> <span class="o">&amp;&amp;</span> <span class="nx">pnpm</span> <span class="nx">dev</span> </code></pre> </div> <p>Open <code>http://localhost:4000</code>, type any amount, and walk through the full payment flow with one of the test cards. You'll see the redirect to <strong>Transbank</strong>, the payment form on their side, and the return to your success or error page.</p> <h2> Closing thoughts </h2> <p>The <strong>Webpay Plus</strong> integration looks intimidating at first because the flow involves multiple redirects, two different HTTP verbs on the same endpoint, and a hidden form trick that feels out of place in <strong>2026</strong>. But once you see the three handshakes clearly — <em>create, redirect, commit</em> — the rest is mechanical.</p> <p>A few things worth keeping in mind as you ship this: <strong>the commit endpoint needs to handle three distinct cases, not two</strong>. Transbank can return a <code>token_ws</code> (normal flow), a <code>TBK_TOKEN</code> without <code>token_ws</code> (user cancelled), or neither (timeout). The <strong>Server Action</strong> boundary is also worth preserving — proxying through Next.js keeps your NestJS URL off the client entirely, which pays off when you move from integration to production credentials.</p> <p>The <strong>SDK</strong> does most of the work. Your job is to wire the pieces together correctly and handle the unhappy paths.</p> <p>If this was useful, the full template is on <strong>GitHub</strong> — <em>Next.js frontend, NestJS backend, Transbank SDK</em> wired up in integration mode, and the full commit handler with all three cases covered. Clone it, run it with the test cards from Transbank's docs, and walk through the complete flow on your laptop before writing a single line of your own integration code. It's a much better starting point than a blank project.</p> <p>If you liked the article, feel free to give a thumbs up. You will motivate me to write more articles like this one. Thanks! ❤</p> <p>¡Happy Coding!</p> webpay nestjs nextjs payments