Receive payments on your Medusa commerce application using Wompi El Salvador.
Medusa Website | Wompi Docs | Wompi API
Note
This plugin supports the Enlace de Pago (hosted payment page) flow. Tokenization (savePaymentMethod) and recurring payments are not yet supported. The WompiClient includes methods for these endpoints, ready to be wired into the provider in a future release.
- Payment via Wompi hosted payment page (Enlace de Pago)
- All payment methods supported: credit/debit card, Puntos Agricola, cuotas, Bitcoin, QuickPay
- Webhook validation via HMAC-SHA256
- Auto-capture (Wompi captures at the moment of payment)
- Single-use payment links (one successful payment per link)
- Node.js v20+
- A Medusa v2 backend
- A Wompi account with at least one business (negocio) configured
- For local testing, expose localhost via ngrok or similar
From the Wompi Panel, navigate to your business detail to find:
- App ID → used as
WOMPI_CLIENT_ID - API Secret → used as
WOMPI_CLIENT_SECRETandWOMPI_API_SECRET
# npm
npm install @mantissaio/medusa-payment-wompi
# pnpm
pnpm add @mantissaio/medusa-payment-wompi
# yarn
yarn add @mantissaio/medusa-payment-wompiWOMPI_CLIENT_ID=<your_app_id>
WOMPI_CLIENT_SECRET=<your_api_secret>
WOMPI_API_SECRET=<your_api_secret>In your medusa-config.ts:
module.exports = defineConfig({
// ...
modules: [
{
resolve: "@medusajs/medusa/payment",
options: {
providers: [
{
resolve: "@mantissaio/medusa-payment-wompi/providers/wompi",
id: "wompi",
options: {
clientId: process.env.WOMPI_CLIENT_ID,
clientSecret: process.env.WOMPI_CLIENT_SECRET,
apiSecret: process.env.WOMPI_API_SECRET,
sandbox: true,
defaultRedirectUrl: "https://your-store.com/checkout/confirm",
defaultWebhookUrl: "https://your-store.com/hooks/payment/wompi_wompi",
},
},
],
},
},
],
});| Option | Required | Description |
|---|---|---|
clientId |
Yes | App ID from Wompi panel |
clientSecret |
Yes | API Secret for OAuth authentication |
apiSecret |
Yes | API Secret for webhook HMAC validation |
sandbox |
No | true for development mode (default: true) |
defaultRedirectUrl |
No | URL where the customer is redirected after payment |
defaultWebhookUrl |
No | Webhook URL for payment notifications |
defaultFormaPago |
No | Override which payment methods are enabled on the payment page |
Medusa automatically exposes a webhook endpoint at:
/hooks/payment/wompi_wompi
For local development:
- Run your Medusa backend:
pnpm dev - In a separate terminal:
ngrok http 9000 - Set
defaultWebhookUrltohttps://<ngrok-url>/hooks/payment/wompi_wompi
Wompi sends a wompi_hash header (HMAC-SHA256 of the body using your API Secret) which the plugin validates automatically.
- Customer initiates checkout → Medusa calls
initiatePayment()→ plugin creates an Enlace de Pago in Wompi - Storefront calls
POST /store/wompi/payment-linkwith{ paymentSessionId }→ receives{ urlEnlace } - Storefront redirects customer to
urlEnlace→ customer pays on Wompi's hosted page - Wompi sends webhook to
/hooks/payment/wompi_wompi→ plugin validates HMAC and confirms payment - Wompi redirects customer to
defaultRedirectUrl→ storefront shows order confirmation
POST /store/wompi/payment-link
Request:
{ "paymentSessionId": "ps_01ABC..." }Response:
{
"urlEnlace": "https://lk.wompi.sv/abc123",
"idEnlace": 12345,
"urlQrCodeEnlace": "https://wompistorage.blob.core.windows.net/...",
"urlEnlaceLargo": "https://wompi.sv/pago/..."
}Wompi does not expose a refund API. When a refund is issued from the Medusa admin, the plugin records it in Medusa for traceability (with status pending_manual) but the actual fund return must be processed manually through the Wompi Panel or directly with Banco Agricola.
- Run your Medusa backend:
pnpm dev - Enable Wompi in a region via the admin dashboard or Admin API
- Make sure your business is in development mode in the Wompi panel (transactions won't be real)
- To simulate a rejected payment in development mode, use CVV
111
# Install dependencies
pnpm install
# Run tests
pnpm test
# Build
pnpm build
# Dev mode (watch)
pnpm dev# From your Medusa project directory
pnpm add ../path-to/medusa-payment-wompi