#salman-payment-request-button

How does the user enter the promotion code? Does the promotion code comes from you?

The user enters promo on the checkout page which calls the API and applies the promo if it is valid, once this is done, the amount is updated and the stripewalletcomponent receives the amount as a prop

which calls the API and applies the promo if it is valid
This is your own API to calculate the promotion and validate the promotion code right?

Our suggestion is never use the amount in the frontend

The amount is the frontend should be used for display purpose only

as it is very easy for user to intercept your frontend code and change amount before sending to your server side to carry out the charge

you should always get the final amount in your server side

But to create/update paymentRequest we have to depend on frontend because we dont know what promo ll be applied by user and what ll be the final amount which has to be paid

correct, the frontend is only for collecting promotion code, your backend code should keep track of who is currently on the session, and what promotion code has been entered applied by the user
with that, you calculate the final amount in your server side.

Right but as this we can not do right away, it involves lot of changes and not straight forward. what should be solution or best recommended way to handle it?

our recommendation is s never use the amount in the frontend

because as I said, this poses risk on your own business

as I can simply go to your site, add a break point on javascript before the API call to your server payment and modify the amount to say 1cents to complete a transaction of 100s of dollars

there is no way for you to prevent that

I don't see there is a lot of changes

it is just your server side instead of getting the amount from front end, you calculate it again right ?