#apeindex

I see this other thread here: #1117789061122359348 message

Hello! Can you tell me a bit more about what you're trying to do and what's stopping you?

And I've responded to this Github issue here: https://github.com/stripe/stripe-apps/issues/867

TL;DR - stripe apps upload doesn't work if you just have a manifest and don't have UI components

To be a little more specific about what I would like to do: I would like to make a bare manifest so that I can get an OAuth app set up in the Stripe UI, so that I can get the secret and start implementing the flows as documented here: https://stripe.com/docs/stripe-apps/install-links-oauth

You can't have no UI at all, you need UI for authentication at a minimum: https://stripe.com/docs/stripe-apps/build-backend#before-you-begin

I'm not sure I follow; authentication to what?

I'm looking to implement a normal backend-only OAuth2 client app flow - they don't typically require creating UI components in the OAuth provider service 🙂

The OAuth authentication process, so the user can give your app access to their account.

That appears to already be provided by stripe (documented here: https://stripe.com/docs/stripe-apps/install-links-oauth#use-install-link )

Oops, I sent you to the wrong link. My bad. Meant to send you here: https://stripe.com/docs/stripe-apps/oauth

Thank you for your help, but I'm still confused - that looks like Stripe is the OAuth client and I'd be the provider

I'm looking for the other way around; Stripe's the OAuth provider

I honestly don't know much about that beta. You should probably wait for an answer on the GitHub issue, or write in to Stripe Support for help with beta features: https://support.stripe.com/contact/email

Sounds good - I will do that, but if it's OK I'd like to nudge gently here, I don't think I've correctly articulated what I am trying to do such that we're understanding it the same way yet

Sure.

I think this has been a feature that Stripe has supported for a very long time, back through the Connect times and everything

This is super common on the internet; I am looking to import some data on my customers' behalf by letting them authorize an App we control to access their account

This would be fine, but step 1 is always "create the oauth app in the provider site, and get the client key and client secret", which seems impossible to do currently, even though Stripe is documented as supporting pure backend-only apps

There's no UI component that makes sense here; so I am hoping you can offer a way to provision an App which doesn't include a UI

(doc link: https://stripe.com/docs/stripe-apps/how-stripe-apps-work#backend-only-applications)

So I think the question is, how do I provision an OAuth App in Stripe, if stripe apps upload doesn't work without UI components?

So are you talking about what used to be a Stripe Extension? https://stripe.com/docs/building-extensions

Yes, that's correct.

From reading the documentation, it seems like Stripe intends this to still be possible, but just via Apps

It is, yep, and we have a migration guide linked from that page, but as far as I know a UI component is required.

Will Stripe approve Apps which just contain a blank UI?

(the problem I'm looking to articulate is that there's just no UI component that makes sense here as far as I can tell)

I could provide links to how other sites such as Google etc implement their OAuth Apps if that would clarify anything.

Typically a Stripe App would, at minimum, have a UI indicating what the app is doing, where it came from, kinda like an "about" page.

Ah, on other platforms those are config values in the OAuth App profile, typically called a Consent screen

I'll file a ticket, it also might be worth checking on this internally to make sure that it's the intent that backend-only apps must build their own consent screens / app profiles.

I checked internally and found others talking about this, and it sounds like a UI is required, but I'm asking the Stripe Apps team as well. Not sure when they'll be available to respond though, so a ticket is your best bet for a guaranteed response.

Thank you!

I'm going to step away, have a great evening and thanks for your time.