#_kevinx

Good morning Karbi

I'm testing the standard account onboarding

after the phone auth, the screen just flashes an session expired popup, then returns the flow to refresh url, so fast that I had to do it few times to capture what it was

Hmm... do you have a screenshot or a video showing this?

let me see if I can produce one

Here is the screenshot, after I put in the Stripe verfication code from my phone, it flashes this screen and sent the flow back to the refresh url

Is this something you're getting across multiple accounts while testing? Or is it somethign you can only reproduce with a single account (and can you share that account ID here)?

let me try another account and see

acct_1NlbNb2U8IhOo3bJ

There is also this error in the console when redirected to the account onborading url

DevTools failed to load source map: Could not load content for https://sourcemaps.corp.stripe.com/manage-statics-srv/connect-flows.vendors~durable_connect_onboarding~durable_custom_onboarding~durable_express_onboarding~durable_link~06e6ed46.7a53ecdaaac1e7b92d95.min.js.map: Certificate error: net::ERR_CERT_COMMON_NAME_INVALID

So you're seeing it happen on mulitple accounts?

Let me see if I can reproduce on my end as well

Thanks

I just tested a second account by using a different email address, this is the end of the onboarding flow

Well, I reproduced the same result on the second testing email, if I onboard the same email address again, it will behave the way saying session expired and kicks the flow into refresh url

Hmmm... it's not something I've been able to reproduce at all on my end

Does this happen across multiple browsers? What happens if you try in incognito/private browsing

let me try incognite

it is the same thing in incognite

same behavior

if you onboard the same email the second time, it will show the session expired popup and kick the flow back to refresh url

Here is the code I'm using btw

seems this is something stripe uses to prevent the same email address onboarding twice or have two account id

Are you just logging in with the same email tied to your platform account? Or are you using a different email?

I tried both same email and different email, the outcome is the same

Here is the video record

Hmm... I think this is happening because the email you're using is tied to some accounts that have since been deleted and it's causing things to fail on our end

I have two testing emails and they are the same, what do you mean tied to some account and been deleted

For the emai you used in the video I can see that it's been tied to a few different standard accounts, two of which were deleted

Do you have the other email you were testing with?

I only have two testing emails, do you have a testing email that I can try lol

I never deleted any account btw

who deleted them

Let's focus on the main question for now

What's the other email you were using to test this out with - I just want to see if my theory on the deleted accuonts still holds up

kevinsuntopdev@gmail.com

forkevinsun@gmail.com

these are the two testing accounts

I logged in forkevinsun on the platform

tested 66 times, only 5 completed, 61 restircted

all using these two emails

Yeah I'm really not sure what's going on here and you have so many tests happening that it's hard to really pinpoint what's wrong - it's very possible that you've gotten your specific account logins into a bad state because I'm not able to reproduce what you're seeing at all

At this point, I think you should write into support (https://support.stripe.com/contact) and ask them to flag to the product team to take a closer look and see if they can find the specific issue

it's test mode, for testing purpose right, 66 is not many lol

what do you mean logins into a bad state

can you help me understand how stripe handles the sessions here, why does it say session expired

Hi there 👋 jumping in as my teammate needs to step away. The main reason I'm aware of for sessions getting expired, is if they've already been accessed before. Is there a possibility that you're surfacing the same Account Link URL more than once?

I don't think so, because the account id is different

so no, it's not the same account link URL

Can you set the return and refresh URLs to different values, to try to get a better understanding of which one you're being redirected to?

Yes, already tested, it returns to the refresh url

Gotcha, then I would recommend setting that refresh_url to a URL that will try to generate a new Account Link if it's hit, and then try to redirect your user to the newly created URL. While I'm not exactly sure why you're being sent to the refresh URL in your testing, the purpose of that parameter is to have a recovery flow that can automatically create new Account Links if a previously created one has been expired.

ok, thanks, do you have an example of how to achieve that

what if it loops back to the same refresh url

That would be my primary concern, and I am curious is if that is the behavior you would encounter or if subsequent links would work as expected.

I don't have an example of that offhand, but roughtly I'd imagine that being an endpoint on your server that accepts an Account ID, generates an Account Link from a backend server request, and then respond with a redirect to the newly generated URL.

to generate a new account link when that refresh url hits, we need to setup an api to run the same code again, and not sure if the output will be different if these code run twice by server

Our API will provide your server with a fresh URL each time you try to create an Account Link.

ok, let me try it

I've also been trying to reproduce the behavior you're seeing, but have been unable to do so thus far. So I took a closer look at the video and saw where the email address was being provided as well as when the session was being shown as expired. I'm less convinced that is caused by an integration issue (though I would still recommend setting up the refresh URL), and instead think it may have something to do with your account. That part of the flow is doing a sort of account lookup, and I'm thinking something isn't going as expected there. That's not a flow my teammates or I am too familiar with, as we mostly focus on the API, so I'm also thinking the best approach here may be to reach out to our Support team for a deeper investigation.

an example would be very helpful for doing the refresh url setup

in React

Never mind, thanks

Were you able to resolve this? Was still trying to look in to this issue and reproduce on my end

seems it is the refresh url issue

once it goes to refresh url, then things work

Interesting, so the first time they visit the link, the redirect happens after the SMS code is entered, and then the page works the second time around?

there must be some settings in this work flow that prevents the same email being used twice

so if you use the same email, sorry, go back where you were lol

Thanks for the help and time !!