#HarrisonResnick19779

Hi, what error are you seeing? What is the issue? What did you expect vs. what are you seeing?

Can you share the request id where you see this error? Here's how you can find a request ID: https://support.stripe.com/questions/finding-the-id-for-an-api-request

I expect it to redirect back to the app, but it's saying access denied. Here is my apple site association

https://cdn.puremetals.app/.well-known/apple-app-site-association

using using a SFSafariViewController to show the account creation flow as per the docs

Do you see any errors on your browser console?

it says access denied in the SFSafariViewController, and it should be returning to the app

the app well know association is set up properly because i'm using it for other purposes as well.

Can you share the request id where you're creating this account link, https://stripe.com/docs/api/account_links/create?

where can i find the request id?

Here's how you can find a request ID: https://support.stripe.com/questions/finding-the-id-for-an-api-request

req_WV3A0bzVao33MW

That does not seem like the request id for creating an account link

what do you mean

i'm using the account_links endpoint not account_links/create

as per the documentation

try this: req_hC5xo8JVkR1lo5

That request id you shared is for /v1/files endpoint and not account link.

and this: req_kErVGpvuO9ZONZ

neither worked

in one of them i had /* at the end of the url, and in the other i didn't

any luck?

yeap, from looking at the video you shared, it looks like your code is returning this error. You'd want to debug where you're throwing this error access denied in the SFSafariViewController, and it should be returning to the app on your code and go from there.

what?

no the code isnt returning an error.

the redirect url is saying access denied.

but i know it's properly configured because i use it for other purposes within my app

(such as Plaid)

If you look at the url, cdn.puremetals.app/ it's on your end where this error is thrown.

yes, i know

but the entire thing is set up properly, and i use the same url in other instances and it has the expected behavior

this is the only thing unique to the stripe setup

Hello! I'm taking over and catching up...

So the access denied message coming from your code/server is expected?

no.

Okay, so where is that access denied error message coming from?

the redirct url

Right, but that's your URL and your error message. What I mean is why are you throwing an access denied error on your when this happens?

when i press the "return" button within the web interfact, nothing happens. when i complete the flow, it says access denied

i'm not throwing the error. the apple well know association only allows access from within the app and for some reason it's failing in this case.

but it works in all other cases

To clarify, cdn.puremetals.app is your domain running on your server, right?

yes

i have this url for both the return and request url

"https://cdn.puremetals.app/stripe"

Okay, so the content of that page is coming from your server and your code. The access denied message is coming from you.

yes i know

are you aware of how apple well know site association works?

I don't understand what that has to do with the access denied message on this page.

But yeah, that's used to associate a domain with an app.

Can you explain how those two things are related to each other?

right, so that's what i'm doing here. it should be redirecting me back to the app

Why would it do that when you're throwing an access denied error?

this is literally in the docs

https://stripe.com/docs/connect/collect-then-transfer-guide?platform=ios

Yes, I know.

Let's back up.

the link is working. when i press the safari icon within the safari view controller, it prompts me to redirect back to the app

It seems to me that the core issue here is that your server is returning an access denied error, likely with a 403 status code, which is preventing the redirect/handoff back to your app. Thus it seems like the next step is to investigate the access denied error and fix that issue so the redirect/handoff works.

therefore, this universal link is working.

I am in no way implying that your universal link doesn't work.

so there is not reason this shouldnt work

I am saying that the access denied error is likely the reason why the flow is not working as expected.

But you're saying the access denied error has nothing to do with it?

no that's not what i'm saying

i'm saying that in all other use case i do not get access denied, but when stripe uses the link to redirect to my app, i do.

Right.

So my question is: why does that happen?

as you can see, it works.

it just doesn't work after the sign in flow is complete

that's why i'm here

I feel like we're talking past each other. What I need to know in order to help you is this: when Stripe attempts to redirect back to your URL in the flow shown in your video above, why is your server showing an access denied message? I cannot determine why on my end; I do not have access to your server, the code running on it, or the logs it's producing.

Apple handles that stuff.

i don't know why.

Wait, let's stop there.

What do you mean by "Apple handles that stuff"?

all i know is i set everything up exactly as the docs said and it didn't work

i followed the apple docs to set up the url, and stripe docs to configure it

Who wrote the code that's running on cdn.puremetals.app?

Was it you or Apple or someone else?

i did but it's copy-paste from the app documentation

Okay, so here's what you need to do: look through the logs that code is generating, or add additional logging, to determine where that access denied message is coming from.

ok.

no

when i open the stripe url in safari (rather than in the app as i showed) it works

Yep, you said that above.