#tyler-archetype

Hi there

No you would use OAuth for this.

https://stripe.com/docs/connect/oauth-standard-accounts

You can also create an OAuth link via the Dashboard by going to your Connect tab and clicking "create"

Do webhooks still work the same with OAuth as they do with AccountLink.create?

Hmm what do you mean by that exactly?

Are you asking what Webhooks will fire when the account is connected?

ya. When I make the oath call I get a page that says: "To finish the process of getting an access_token for your user's account, you'll need to make one extra API request with the authorization code we passed back" but with AccountLink.create I get the access_token through a webhook

I was wondering if I could still get the access_token through the webhook

actually maybe I don't get the access_token with AccountLink.create. Is that only necessary for Oauth?

Hi 👋 yes, access tokens are unique to OAuth. When integrating with our new approach, instead of using access tokens, you specify the Connected Account that you're making a request for via the stripe-account header/parameter:
https://stripe.com/docs/api/connected_accounts

Oh so I don't need to worry about the access token anymore?

Correct, not if you're using this approach to create Standard Accounts for your users and onboard them:
https://stripe.com/docs/connect/standard-accounts

But you're saying with Oauth I'd still need to use access_tokens

I don't think I can use this approach: https://stripe.com/docs/connect/standard-accounts Because I'm trying to link a customers existing stripe account and make it one of my Connect accounts

Correct, but I'd also to clarify that we no longer recommend using OAuth for new integrations. Platform Controls were introduced, and with those some Connected Accounts get locked to only be associated with a single Platform. If you try to use OAuth for an account in this state, the system will automatically create a new Standard Account and connect that instead.

It's not possible to know when this will happen, so it's typically more consistent to create your own accounts anyway to avoid this.
https://stripe.com/docs/connect/oauth-standard-accounts#:~:text=OAuth is not,by another platform.

Got it. The migration strategy seems cumbersome with creating a new connect account though if a user already has a standard account that they have been using. What would you suggest as a migration strategy to the new connect account in this circumstance

Can you elaborate? What would they be migrating?

if they have existing customers, prices, products, subscriptions in their standard account and then we create a new connect account for them all of those don't get carried over

Hm, what is your Connect Platform trying to accomplish, I'm wondering if it would be a better fit for a Stripe App?

what's a stripe app?

They're our new version of what were previously called Extensions. They offer API access as well as offering a surface for providing a UI within the Stripe dashboard:
https://stripe.com/docs/stripe-apps
https://stripe.com/docs/stripe-apps/how-stripe-apps-work

I see. I don't think that's my use case. I want to be able to have API access to an account that my customer also has access to

which I believe is the use case for Connect

Gotcha, I was just curious why you were trying to reference an account's existing objects in your flows.

oh ya we definitely need to be able to reference existing objects or have copies of them

and also create new ones

Okay, well if you rely on OAuth you might end up connecting to an empty account, but if you use the new flow you will consistently be connecting to an empty account. If you can create objects to satisfy your flow's needs, then you can begin creating objects in the account's as necessary.

so you're suggesting we recreate our customers objects

Not necessarily, I'm still trying to understand why you want to reference previous objects on newly Connected Accounts.

If there are objects that your integration requires to function, then you'll likely want to create those.

for connecting via oauth it the authorization code? So we can store that and whenever we want to interact with the connected account we can use https://connect.stripe.com/oauth/token to generate a new token?

The authorization code is used for completing the onboarding flow. For rolling access tokens later, you'll want to use the refresh_token.

ok and this would be something we would have to manage with Oauth but not with the new process

Yup, but I think you can use the new approach (using stripeAccount) even if you connected the account via OAuth.

oh

so if it's connect via oauth we can still manage them using the stripeAccount