Whop Extension Starter

Introduction

A paid Chrome extension, gated by Whop.

This is a starter for a paid Chrome extension. The extension is a thin client, a Next.js app is the trusted backend, and Whop owns login, checkout, billing, and access.

The extension never decides access on its own. It holds a Whop OAuth token and sends it to the server, and the server re-checks the user's membership with Whop before returning anything paid.

How it fits together

  • Extension — a Manifest V3 popup and background service worker. It runs Whop OAuth, stores the token, and calls the backend.
  • Next.js app — the API the extension calls, plus the checkout page. It verifies access with Whop on every gated request.
  • Whop — the system of record for users, payments, subscriptions, and access.

What's inside

  • Whop OAuth login from the extension, with PKCE and no client secret
  • Server-side access checks, re-verified on every request
  • Embedded Whop checkout with a hosted fallback
  • A billing-portal link and signature-verified webhooks
  • Mock mode, so the whole flow runs before you add Whop credentials

Next

Run it locally with Getting started, then see how the pieces divide up in Architecture.

On this page