> ## Documentation Index
> Fetch the complete documentation index at: https://docs.marzipan.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Create payment intent for order

> Create a Stripe payment intent so the authenticated customer can pay an outstanding (unpaid) order. Returns the client secrets needed to confirm payment.



## OpenAPI

````yaml /api-reference/openapi.json post /account/orders/{orderId}/createPaymentIntent
openapi: 3.0.0
info:
  title: Marzipan API
  version: 1.0.0
servers:
  - url: https://api.marzipan.co/v1
security:
  - tenantAuth: []
tags:
  - name: Account
    description: >-
      Account management endpoints including registration, login, and user
      details
  - name: Carts
    description: Shopping cart management endpoints
  - name: Products
    description: Product catalog and search endpoints
  - name: Subscriptions
    description: Subscription management and renewal endpoints
  - name: CMS
    description: Content management system endpoints
  - name: Messaging
    description: Message and communication endpoints
  - name: Search
    description: Search functionality endpoints
  - name: Settings
    description: >-
      Storefront settings and market detection used to configure the web
      components and checkout.
  - name: Analytics
    description: Storefront visit and attribution tracking.
  - name: Rewards
    description: >-
      Loyalty and rewards programme endpoints for the authenticated customer,
      covering points balance, tier status, perks, exclusive products and
      transaction history.
  - name: Forms
    description: Render and submit dynamic storefront forms defined in the CMS.
  - name: Events
    description: >-
      Check event availability, browse occurrences and recurring dates, generate
      ticket QR codes, and manage event waitlists (join, leave, check status,
      and claim promoted spots).
paths:
  /account/orders/{orderId}/createPaymentIntent:
    parameters:
      - name: orderId
        in: path
        required: true
        description: The internal order ID
        schema:
          type: string
          format: uuid
    post:
      tags:
        - Account
      summary: Create payment intent for order
      description: >-
        Create a Stripe payment intent so the authenticated customer can pay an
        outstanding (unpaid) order. Returns the client secrets needed to confirm
        payment.
      responses:
        '200':
          description: Success
          content:
            application/json:
              schema:
                type: object
                properties:
                  paymentIntentId:
                    type: string
                  clientSecret:
                    type: string
                  customerSessionSecret:
                    type: string
              example:
                paymentIntentId: pi_3QabcDEF1234567890
                clientSecret: pi_3QabcDEF1234567890_secret_XyZ
                customerSessionSecret: cuss_1QabcDEF_secret_AbC
        '401':
          description: Unauthenticated
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
              example:
                message: Unauthenticated.
        '404':
          description: Order not found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
              example:
                message: Order not found
      security:
        - accountAuth: []
components:
  schemas:
    Error:
      type: object
      properties:
        message:
          type: string
          description: Error message
      required:
        - message
  securitySchemes:
    tenantAuth:
      type: http
      scheme: bearer
      description: >-
        Bearer authentication header of the form `Bearer <token>`, where
        `<token>` is your API token.
      bearerFormat: JWT
    accountAuth:
      type: http
      scheme: bearer
      description: >-
        Bearer authentication header of the form `Bearer <token>`, where
        `<token>` is the account token returned from the `Login` endpoint.

````