Docs

Generic Node HTTP recipe

Implement ATM checkout, status, webhooks, and optional XRPC receivers in a plain Node server.

Closed beta@atmosphere-money/app-nodeSDK beta: 0.0.0-beta.2ATM API beta: 2026-0647 lexicons

Compatible with the closed-beta ATM app APIs and versioned ATM event headers. Check atm-api-version on every webhook or XRPC receiver event.

Install SDK

Lowest-common-denominator server contract for custom servers, agent-built apps, and language ports.

sh
npm install @atmosphere-money/app-node@beta tsx

Create checkout route

Create an app order first, check the recipient's payout status, confirm creator app approval, then ask ATM to create the hosted checkout. The route returns only the checkout URL and token to the browser.

ts
import { createServer } from "node:http";
import { createAtmAppClient } from "@atmosphere-money/app-node";

const atm = createAtmAppClient({
  getServiceAuthToken: ({ lxm, aud }) => mintAppServiceAuthJwt({ lxm, aud })
});

async function handleCheckout(request: Request) {
  const { recipientDid, amountCents } = await request.json();
  const payout = await atm.getPayoutStatus(recipientDid);
  if (!payout.payable) return json(409, { error: "RecipientNotPayable" });

  const approval = await atm.requestRecipientApproval({
    recipientDid,
    environment: "test",
    paymentTypes: ["shop"],
    feeShareBps: 300,
    requestReason: "Enable Node checkout"
  });
  if (approval.status !== "approved") {
    return json(409, {
      error: "RecipientAppApprovalRequired",
      approvalUrl: approval.dashboardUrl
    });
  }

  const order = await createAppOrder({ recipientDid, amountCents });
  const checkout = await atm.initiatePayment({
    environment: "test",
    recipient: order.recipientDid,
    amount: order.amountCents,
    currency: "usd",
    paymentType: "shop",
    returnUrl: `https://app.example/orders/${order.id}/return`,
    cancelUrl: `https://app.example/orders/${order.id}`,
    metadata: { appOrderId: order.id }
  });
  return json(200, { url: checkout.url, token: checkout.token });
}

Verify webhook or XRPC receiver

Fulfillment should come from verified ATM events. Signed HTTP webhooks are the default; XRPC receiver callbacks are optional for apps that already host an AT Protocol service surface.

ts
import { constructAtmWebhookEvent } from "@atmosphere-money/app-node";

async function handleWebhook(request: Request) {
  const rawBody = await request.text();
  const event = constructAtmWebhookEvent({
    rawBody,
    secret: process.env.ATM_WEBHOOK_SECRET!,
    headers: {
      signature: request.headers.get("atm-signature"),
      deliveryId: request.headers.get("atm-delivery-id"),
      event: request.headers.get("atm-event"),
      apiVersion: request.headers.get("atm-api-version"),
      environment: request.headers.get("atm-environment")
    }
  });

  if (await hasHandled(event.id)) return json(200, { ok: true, duplicate: true });
  await fulfillFromAtmEvent(event);
  await markHandled(event.id);
  return json(200, { ok: true });
}

Fulfill payment or ticket

The fulfillment step is the same in Generic Node HTTP: deduplicate the ATM delivery id, map the ATM payment or ticket event back to your app order, write the app-side fulfillment state once, and store the ATM id for support and reconciliation.

  1. 01

    Deduplicate

    Insert the ATM delivery id with a unique constraint before side effects.

  2. 02

    Match order

    Read appOrderId, ticket hold id, listing ref, or another private app correlation id from event metadata.

  3. 03

    Fulfill

    Grant access, issue app content, reveal tickets, update a subscription, or notify the buyer.

  4. 04

    Reconcile

    Store the ATM payment id and event id beside the app order for refunds, disputes, and redrive.

Run local test fixture

Use the runnable starter when one exists, or generate a signed webhook fixture with @atmosphere-money/testing. Your test should prove raw-body verification, duplicate delivery handling, and the app fulfillment mutation.

sh
cd examples/atm-node-app
cp .env.example .env
npm install
npm run typecheck
npm run smoke

Runtime notes

Starterexamples/atm-node-app is the complete plain Node reference checked in CI.
PortabilityThis is the best source when translating the ATM contract to Go, Python, Deno, or another server runtime.
Optional XRPCThe starter includes /xrpc/money.atmosphere.event.receive for apps that want service-auth receiver callbacks.
Framework selector

Compare all supported runtime recipes.

Open guideApp Node SDK

See the SDK helpers used by every framework recipe.

Open guideWebhook test console

Generate local webhook and XRPC receiver test commands.

Open guideTesting package

Use signed event fixtures in app receiver tests.

Open guide
Generic Node HTTP recipe - Atmosphere Money Docs