Comment by EGreg

You can make it even easier

And serverless

Just have the client redirect to your checkout flow, and it redirects back with a signed payload. Like oauth. Done.

Make an HTTP interface that’s easy to curl, as well as a Javascript library to assemble the request and verify the result.

Client JS can handle own postbacks. Maybe not even to their own domain.

Or maybe client server will read that querystring in the resulting request and verify signature.

Totally up to the customer.

Finally, have the sdk also have an option to load an iframe (eg in a dialog) instead of redirect, and use postMessage for securely sending signed result. Just make sure to use Intersection Observer v2 in that case https://web.dev/articles/intersectionobserver-v2

DONE

PS: Hire me ;-)

While you do the banking side, I can integrate a ton of web3-enabled stuff for you including invoices across blockchains, recurring subscriptions, as well as contests and auctions for price discovery. See https://intercoin.org/applications