#Ben

hi! well you wouldn't actually integrate that way since it involves having raw card numbers on your server, so you'd need to be PCI level 1 certified. https://stripe.com/docs/security/guide#validating-pci-compliance

We are PCI level1 compliant.
Knowing that, how could we uttilize the payment intent with raw card numbers?

and ty 🙂

there's a PaymentMethodData argument in PaymentIntentCreateOptions, I think. But I also think we hide it from docs/don't include it in the client library

https://github.com/stripe/stripe-dotnet/blob/86713f312bbff2fe8564f840c56adfcd012cb92b/src/Stripe.net/Services/PaymentIntents/PaymentIntentCreateOptions.cs#L148-L155

https://github.com/stripe/stripe-dotnet/blob/850e79b6256ddf05e1f4465e19dd7a211dc0195b/src/Stripe.net/Services/PaymentIntents/PaymentIntentPaymentMethodDataOptions.cs

yeah , it's here, but we don't include the ability to pass payment_method_data[card] in the client library, though the API can accept it.

so you can either use https://stripe.com/docs/api/payment_methods/create#create_payment_method-card and then pass the resulting pm_xxx ID to the PaymentMethod parameter of PaymentIntentCreateOptions

or you can directly pass the information using AddExtra on PaymentIntentCreateOptions to pass things like AddExtra("payment_method_data[card][number]", "4242424242424242")

thanks for all the info, one minute reading through and reporting back to make sure I got it working hehe

Ok so I went with your first suggestion and it seems to be working well -

            var PaymentMethodOptions = new PaymentMethodCreateOptions
            {
                Type = "card",
                Card = new PaymentMethodCardOptions
                {
                    Number = "4242424242424242",
                    ExpMonth = 12,
                    ExpYear = 2023,
                    Cvc = "314",
                },
            };
            var paymentMethodService = new PaymentMethodService();
            var paymentMethod = paymentMethodService.Create(PaymentMethodOptions);

            var paymentIntentOptions = new PaymentIntentCreateOptions
            {
                Amount = 4700,
                Currency = "usd",
                PaymentMethod = paymentMethod.Id,
                PaymentMethodOptions = new PaymentIntentPaymentMethodOptionsOptions()
                {                    
                    Card = new PaymentIntentPaymentMethodOptionsCardOptions()
                    {
                        RequestThreeDSecure = "any",
                    },                    
                },               
            };

Now the response body status is indeed - requires_confirmation.

Shouldn't the response body include a link that I can redirect the customer to in order to perform the 3dsecure? where afterwards youll notify me via webhook that the confirmation was made and I can confirm the intent?

no, you have to confirm it first. All you've done there is expressed the intent to charge that card, but haven't attempted it yet(so we don't know if it would succeed, or decline, or need 3DS)

generally if you integrate this way you'd pass Confirm=True when creating the PaymentIntent to attempt the payment immediately. Then the state might be succeeded or requires_action (3DS) or requires_payment_method (decline)

Got it, I thought this part comes after the intent.
retrying with confirm=true

also remember you need to pass a ReturnUrl if you're planning to handle the redirect yourself and are not using our frontends

So adding confirm=true adds the next_action property but it only has a type of value use_stripe_sdk.
So I'm guessing that refers to what you just said.

Isn't there a way to get a URL and simply open that in our frontend as a different window while putting our frontend into a loading phase and let it check our backend once the authentication was received (via a webhook)?

The reason Im asking that is that our order-pages are internal and support multiple payment solutions. from rapyd to some other processors.
So I'm willing to avoid integrating any specific software sdks in our client, and simply let the backend do its integration and provide a 3dsecure url to open as a popup if required by the processor (aka Stripe).

Is that achievable?

So I'm guessing that refers to what you just said.
yes

you need to pass return_url if you want the redirect_to_url action type.

Isn't there a way to get a URL and simply open that in our frontend as a different window while putting our frontend into a loading phase and let it check our backend once the authentication was received (via a webhook)?
yep, and that's what I think your screenshot is from the docs for? https://stripe.com/docs/payments/3d-secure#manual-redirect

and yes if you're multiprocessor this is the right direction

I don't actually need a return url, I just want a success message to be shown to the customer so he can close this window (3ds window) and go back to our cart where we will automatically show him a success message as the state is open.

Do I need to create a page with a simply "thank you" message for that return_url value or is there something Stripe can provide?

you have to create it

if you're going to be showing the redirect_to_url.url 3DS page in a popup(an iframe) then you should make the return_url be for example a page you write that postMessages to the parent frame to tell it to close the frame/show success etc

it's covered in the docs

https://stripe.com/docs/payments/3d-secure#handle-redirect

ultimately our recommendation would be to just use our frontend with e.g. https://stripe.com/docs/js/payment_intents/handle_card_action which presents a popup and closes it and resolves a Promise in your code, but if you're multiprocessor that's probably not an option

yeah its not.
I'll look into the other option you sent.
Thanks for all your help mate, was super helpful

cheers

Hey, taking over here. Let me know if there's any follow-up Qs I can answer!