#holykent
dry dawn
livid dragon
so, creation and confirmation of setupintent is done on the backend.
wraith plaza
That approach is fine - we document it here: https://stripe.com/docs/payments/finalize-payments-on-the-server?type=setup
livid dragon
and all I have to do to be compliant is warning the customer with text of what they are agreeing to?
i.e. we will collect a one time payment from you in the future
wraith plaza
Yes (if you're saving payment method types that require mandates)
livid dragon
Yeah, so off-session.
aside from retries and exception handling, this basically covers it completely?
public async Task<string> CreateSetupIntent(string paymentMethodId)
{
var options = new SetupIntentCreateOptions
{
PaymentMethodTypes = new List<string>
{
StripePaymentMethods.Card
},
PaymentMethod = paymentMethodId,
Usage = "off_session"
};
var service = new SetupIntentService();
var setupIntent = await service.CreateAsync(options);
return setupIntent.Id;
}
public async Task<string> ConfirmSetupIntent(string setupIntentId)
{
var service = new SetupIntentService();
var setupIntent = await service.ConfirmAsync(setupIntentId);
return setupIntent.Id;
}
You're not handling next actions at all in that code - https://stripe.com/docs/payments/finalize-payments-on-the-server?platform=web&type=setup#next-actions
livid dragon
So, whenever I try to confirm a paymentIntent, regardless if it's confirmed immediately a fter creating a paymentIntent or as part of a setup intent, I need to return a clientsecret to the frontend IF the status is "requires_action"?
wraith plaza
Yes
livid dragon
this is a step I've missed then
wraith plaza
Yeah definitely read through that whole doc to make sure you're not missing anything
livid dragon
oh man i've been reading docs for 3 weeks now and i feel like it's all very disjointed
thats why i had to come to this discord
wraith plaza
Yeah that's fair - the hard part is knowing the right doc to read (because otherwise it can get a bit jumbled)
But the doc I linked to should be a pretty good walkthrough of how to do server-side confirmation
livid dragon
So, I've read your link twice now and im not sure I follow.
4: Client side -- customer interacts with stripe elements, inputs card info, submits, paymentMethodId is created that can be sent to the server for creation of a paymentIntent object, fine.
5: Handle any next actions, STILL client side... now, it says "when the paymentintent requires additional action..."
But between these steps, there hasn't been a paymentIntent created on the server.
And then it jumps to 6: server side, and suddenly it says to create a paymentintent object.
So, is it created between 4 and 5 or after 5? Because the docs are saying two different things
I dont understand at what step in the process the futher authentication pops up. is it directly after they submit their card details in the elements form or is it after ConfirmAsync() in the server on the server-side created paymentintent?
wraith plaza
If you look at the code from step 4 you should see something like this
// Create the PaymentIntent
const res = await fetch("/create-confirm-intent", {
method: "POST",
headers: {"Content-Type": "application/json"},
body: JSON.stringify({
paymentMethodId: paymentMethod.id,
}),
});
which comes immediately after creating the Payment Method
Step 6 explains what the actual implementation of that /create-confirm-intent endpoint should look on your end
but it does happen right after creating the PM
livid dragon
yeah ok so then that's what I already have. Just want to make sure.
thanks for clarifying