> ## Documentation Index
> Fetch the complete documentation index at: https://docs.meum.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Overview

> Connect, disconnect, status, and invoice → webhook → order completion flow.

## Authentication

WooCommerce connect uses a bootstrap or reconnect key. After connect, the plugin uses a **dedicated integration key** with Woo-only scopes.

***

## Connect

`POST /v1/integration/woocommerce/connect`

|           |                                                  |
| --------- | ------------------------------------------------ |
| **Scope** | `woocommerce:connect` (bootstrap/reconnect keys) |

Returns dedicated `api_key`, `webhook_secret`, and `integration_public_id` (`int_...`).

### Security

Store webhook secret in WordPress options only. Never expose in frontend.

***

## Disconnect

`POST /v1/integration/woocommerce/disconnect`

Scope: `woocommerce:disconnect`.

***

## Status

`GET /v1/integration/woocommerce/status`

Returns connection state, payout readiness, and `integration_public_id` (`int_...`).

***

## Invoice → webhook → `payment_complete()` flow

1. Woo plugin creates invoice via dedicated key (`invoices:create`).
2. Buyer pays on hosted checkout.
3. Meum delivers `invoice.paid` with `X-Meum-*` headers.
4. Plugin verifies signature, `X-Meum-Integration-Id` (`int_...`), and timestamp.
5. Handler calls `$order->payment_complete()` once per `X-Meum-Event-Id`.
6. Duplicate events return `{ "duplicate": true }` without re-running payment actions.

### Security notes

* Reject webhooks when integration id does not match stored `int_...`
* Do not replay production webhook payloads in test environments without proper isolation