#cnguyen

You could use Radar rules: https://stripe.com/docs/payments/3d-secure#three-ds-radar

ok so there is no param in the code to force it ?

like in the pi

for now, my params are :
payment_method_types: ['card'],
usage: 'off_session',
customer: stripeCustomer.id,
metadata: additionalMeta,

??

Sorry I have multiple people I'm chatting with so you'll need to be patient

You should be able to actually: https://stripe.com/docs/api/setup_intents/create#create_setup_intent-payment_method_options-card-request_three_d_secure

Sorry I didn't know. Thank you.

No problem

And an other question, I listen the webhook setupintent.succeeded but for now, the response is "{
"message": "Missing Authentication Token"
}"

The response your webhook endpoint returns is that?

yes

Have you added some error handling/logging to narrow down which line of code is throwing that error? That would be next step

Or maybe it's not a stripe message

Yeah recommend you narrow down the line of code where it's happening

ok ty

Just a heads up @glossy crane that while you can specify request_three_d_secure: any to request 3DS on all auths, this is still a request -- ultimately the bank decides whether to require 3DS or not (whether or not you've asked for it).

Thank you, I create the setupintent in this way in the back (await stripe.setupIntents.create(params);) :
let params = {
payment_method_types: ['card'],
usage: 'off_session',
customer: stripeCustomer.id,
metadata: additionalMeta,
payment_method_options: {
card: {
request_three_d_secure: 'any'
}
},
};

If you need to know for sure if 3DS was leveraged, then you can inspect this after the auth either in custom Radar rules or in the payment method details of the setup attempt:
https://stripe.com/docs/api/setup_attempts/object#setup_attempt_object-payment_method_details-card-three_d_secure-result

ty

All good