We get this question a lot — and the short answer is: No, Heartbeat’s payment screens can’t be embedded externally (and we strongly recommend against trying to do so).

Why not?

There are two major reasons:

🔐 1. We use Stripe’s secure checkout

Our payment flows are powered by Stripe’s secure embed, which means credit card information goes directly to Stripe — not through Heartbeat’s servers.

Because of that, embedding our payment form inside another website (which is itself an embed) can create issues with payment submission and card verification.

⚠️ 2. Login & access flows rely on tokens and cookies

We use JWT tokens and authentication cookies to confirm a user’s identity and grant access to your community immediately after payment.

Embedding the payment flow somewhere else (like in a course platform or landing page tool) often breaks this process. Members may:

• Pay successfully but never get access

• Land on a broken login experience

• Drop off or get stuck, then request a refund

In short: it might “look” like it’s working — but it can break in serious ways and cause lost revenue, member frustration, and support overhead.

💡 What's the best way to handle payments?

We recommend using Heartbeat’s native payment pages, which are optimized for:

• Secure credit card collection

• Clean member signups

• Seamless access to the right content immediately after payment

If you’re using an external payment provider (like Thrivecart, Gumroad, or PayPal), we recommend creating a free access group and Sign Up Links and automating invites via Zapier. You can read more about that in our guide here.

👀 Will this ever be possible?

Maybe! Making our payment embeds portable is on our longer-term roadmap, but it's not something we currently support — and trying to hack it in today will likely cause more harm than good.

If this is a critical part of your flow, feel free to reach out to our support team so we can better understand your use case.