#NikolaKG80

HI 👋

Since you are using the Always authenticate PM, this means it will require 3DS for every transaction

I'm not sure that I understand. When I click on the Complete Authentication button, it should mimic the customer receiving a push notification and approving the transaction?

👋 hopping in here since snufkin has to head out

Hi... So I'm not sure if I'm missing something.

So I click on Complete Authentication button, create a PaymentIntent in the backend (PHP) and that PaymentIntent has required_action status

PaymentIntent has 'confirm' => true,

You're using the 4000002760003184 card right? That card is meant to model cards that would require authentication on EVERY single transaction - so even though you provided authentication with a SetupIntent, you'll still need to provide again every time it's used for payment

I'm extracting payment_method from that exact SetupIntent

And I'm using that payment_method to create a PaymentIntent

So the authentication should stay active for that transaction?

No, that's not waht the 3184 card does

Providing authentication w/ a setupintent gives you an exemption for future payments, but the card issuer/bank can always choose to reject that and request authentication again anyways

That's the point of this card - to model a stricter card issuer that would require authentication for every transaction

If you want to test one-time setup you'll want to use the 4000002500003155 card

Same thing happens... So I create the SetupIntent, confirm it, and proceed to create a PaymentIntent with that payment_method

Are you passing off_session: true when you create + confirm that PaymentINtent?

No... That PaymentIntent is created as soon as I confirm SetupIntent

I will add that

Yeah definitely add that

Also just a quick note - in a real integration you shouldn't be creating a PaymentIntent right after a SetupIntent

Instead, you should be saving the PaymentMethod with the PaymentIntent by setting setup_future_usage: off_session and confirming the PaymentIntent client-side

Isn't it more secure to create PaymentMethod and confirm it in the backend with PHP?

Also, adding off_session: true did enable me to charge the card 4000002500003155, but not 4000002760003184

I am sorry, but when I clicked on the Complete Authentication button, how should I proceed?

How do I make 4000002760003184 work?

Also, adding off_session: true did enable me to charge the card 4000002500003155, but not 4000002760003184
Yeah that's expected (as I mentioned earlier, the 3184 card will ALWAYS ask for authentication). The only way to complete the payment would be to bring your customer back on session and get authentication again

What happens is that I extract the payment_method from the setup

Then I make a post request to another page

And in that very moment, the stripe session ends?

Let's back up for a second - if your goal is accept payment details (during a payment) and be able to charge those payment details again in the future, then you should be using a PaymentIntent that is confirmed client-side and sets setup_future_usage: off_session. We go through this in our docs at https://stripe.com/docs/payments/save-during-payment

Are you trying to do something distinct that doesn't match that scenario?

I don't know the amount, it can be changed on the page. So I'm just creating SetupIntent when the page loads, and use it to extract the client secret

You don't need to do that - you can follow these docs (https://stripe.com/docs/payments/accept-a-payment-deferred), which don't require a client secret when the page loads