#nickdnk-Connect

👋 happy to help

basically a Standard Account can have as many applications as they want

Yeah, but I read somewhere that some applications are of a type that can only be 1 of

https://stripe.com/docs/connect/oauth-standard-accounts#revoked-access

I can't revoke it as a platform. I don't have access to their dashboard

but I guess first you need to payout everything in their balance

Ah connect.stripe.com/oauth/deauthorize

pay out what?

yep

Their balance is -5000 dkk

but we did not cause this

but I guess first you need to payout everything in their balance
wait sorry

I might be wrong

We have nothing at all to do with the transactions made on the account

it's a Standard Account so yeah you could leave it up for them

to handle that

Sure, but can i disconnect then?

yes

Alright

but in all cases, you'd be better off checking out with support https://support.stripe.com/?contact=true

I don't know how this happened

No, I don't talk to Stripe support

It's hopeless

Tahnks

it's not really something that we deal with on a daily basis

I'll just disconnect it

I read somewhere in the documentation that Stripe would only allow 1 write-access application to an account

But I guess this is one at a time then

could you please find the reference?

Hold on

Uhm no I can't find it

https://stripe.com/docs/connect/oauth-reference

there

woops

Starting in June 2021, Platforms using OAuth with read_write scope won’t be able to connect to accounts that are controlled by another platform.

So I guess what happened was they connect to one, then disconnected it, then connected to ours

maybe

I'm not sure

I don't have their account id so I can't be sure

acct_1KtYgvE9Ipb9jG92

this is why I was telling you to work it out with support

No thanks

they would be better equipped to look into the history

It's not important as long as I can just disconnect it

I'm really sorry you have this strong opinion about our Stipe Support team

So this was more if you wanted the account name to find out yourself

Well that's on you. If they would not talk to people like robots and actually listen to what you say, then I'd consider it, but I only do Stripe support if I absoutely have to, otherwise I come on here. Help is much better on here, as you can see you already answered the question. This would have taken me hours with Stripe support.

Thanks, the disconnect endpoint was what I needed. i would suggest you add it to the API reference here: https://stripe.com/docs/api/accounts

It seems to not appear on there

Unless I'm blind

So this was more if you wanted the account name to find out yourself
I don't follow

Well that's on you. If they would not talk to people like robots and actually listen to what you say, then I'd consider it, but I only do Stripe support if I absoutely have to,
Don't be shy to raise the feedback while talking to them.

You said you didn't know and needed the account name. So I gave it to you.

That's funny 😄

They give you generic "Your feedback means a lot to us" stuff

I prefer to talk to people, like you

I've had so many awful encounters with them, so I've given up

I'm trying to help you and honestly but I find your attitude to be a bit more drastic

You did help

I already said that 🙂

I've had so many awful encounters with them, so I've given up
again I'm terribly sorry

You don't have to apologize, you don't do the support, I assume. I'm just explaining why support is not an option I consider

I will just disconnect the account like you suggested

please let me know if you need any more help

And as I said I suggest you add the disconnect endpoint to the docs here: https://stripe.com/docs/api/accounts

That's where I looked first

I will, thanks 🙂

OAuth isn't really the thing we recommend

But in this case it's the only option, no?

and I agree sometimes we have some undocumented features either explicitly

or just because we just have things to improve in our docs

and we're working on it

But in this case it's the only option, no?
yes it is

this is why I linked the docs to it

instead of the API reference

And that's why I brought to your attention that it was just missing from the API reference. Had it been there, I would have found it immediately, was my point. So this is just feedback.

I agree, but I don't really know why it doesn't exist. I'm not sure if it's a conscious decision

Obviously I couldn't tell you

yeah I bet you couldn't 😛

Heh

Disconnecting a connected account from within the dashboard would also be helpful

So I don't have to create an API key and use the API just for this one thing

👋 Taking over from tarzan and catching up

(thinking out loud) Don't think you can reject a standard account so that's out of the equation

I just did

Or, I disconnected it, I didn't reject it

Using the API call tarzan linked to: https://stripe.com/docs/connect/oauth-standard-accounts#revoked-access

So that worked fine, also for a negative balance

ah okay, it was setup with oAuth.
Cool. Sorry wasn't sure if the thread was resolved 🙂

Yeah we "still" use that

I saw you guys made some other flow for it

yeah to isolate Platforms’ processing activity on Standard accounts

Isolate? Can you link?

Glad you're unblocked though 🙂
Sure thing

https://stripe.com/docs/connect/oauth-changes-for-standard-platforms

Been a while since I looked at onboarding

Hmm

But this is still Oauth?

or am I misunderstanding something here

ah sorry, I meant this one
https://stripe.com/docs/connect/standard-accounts

Ahh yes I looked at that

We won't be doing that in the near-future. Too much work for little to no benefit

OAuth works fine for the time being

cool 🙂 👍

Would have done it then if it had been there though, cause it's clearly a better user experience

😄

definitely

So looking at the oauth thing you linked

This change ensures that in the rare case that a Standard Connect user interacts with two platforms, each platform’s activity is kept distinct in separate accounts.

This was not really the case, as I suddenly had activity of another platform visible to my platform

and we're both read_write

And this account was definitely created after june 2021

It was acct_1KtYgvE9Ipb9jG92 if you want to inspect that

I disconnected it now though (for this reason)

Hey sorry took me a bit to catch up on this thread. I am not immediately sure why that account was allowed to connect like that either but am looking in to it.

Cool @calm root let me know what you find

Will do, apologies but the server has gotten pretty busy. As this account is disconnected now, are you mostly trying to figure out how this happened in the first place? Or is this more how to prevent this from happening if they reconnect?

Well, both

I was under the impression that this was impossible

So given that it isn't, I would like to know how to mitigate it going forward, if possible

We suddenly got webhooks based on another platform's activity

so we generated a PDF with payout details and sent it to the account owner, but with our name on it

and they were totally confused

as were we

Sorry for the late reply, @ me so I get notified and I'll reply faster @calm root

Gotcha, will do in future.

And what is your account ID for reference?

sec

acct_17xDxxL7ilRdQXxE is the platform

One thing I als noticed

Which I was confused about

I'll dm

Okya I can't DM

but I have some screenshots that show the account's connect section, where our app has a button for disconnecting while the other platform does not

They are not there at the same time though

So I was wondering how the other platform prevents their account from being removed by the account owner

This might help you investigate

nvm the DM I just cropped it out so there's no sensitive data

It's in Swedish, but the first one says "Read and write and other administrative permissions" while ours (Nyx) just says "Read and write"

So they're obviously not connected in the same way

I don't think this is the same account though

They said they had 2 Stripe accounts. So this is more to illustrate that our connect parameters are not identical which might help you figure out how this could happen

Maybe one is Custom/Express - I don't know how Seven Rooms does it

What I know is that their app ended on a standard account connected to our platform, somehow

sorry for wall of text

@rustic kestrel No worries, going forward with this user specifically, they will need to create a new Standard account. We typically recommend platforms doing that when connecting existing standard accounts anyways because that way you always know what you are getting as opposed to a possibly new possibly existing account. There should already be a "new account" button on the page your oauth link brings them to so you can probably just send them the link and ask them to go through that flow.

Still haven't been able to find much on how this account was able to connect like this in the first place or how to prevent it for others going forward if you are staying with OAuth. If you were using the other flow, I'd say creating new Standard accounts should be the flow going forward but I don't know if you can ensure new account creation with the existing OAuth flow

Alright. As I wrote earlier I don't have the resources to change our onboarding flow from oauth to the one you sent here at the moment. I will have to just monitor for these problems. It's never happened before.

Needless to say you should investigate this, as clearly not all cases have been thought of.

We always tell people to create an account and then link it, but we can't do much else when using oauth

I also told them to create a new account in this case

Definitely will do. Would you mind writing in to support@stripe.com and DM-ing me your email? I can grab the ticket right away. I think it might be best to move this investigation async so I can give a better in depth answer

Alright, what do you want me to write? I don't really have time to iterate everything here one more time

Can't DM you

I can copy paste the conversation if you want

"Move it async" is such a dev thing to say for a conversation. Love it.

Don't hold up the main thread 😄

@rustic kestrel DM'd you, just send your email there. If you includethe two IDs and mention mention Discord/me, that should be fine. I can grab and add detail from this thread

Sent