#abbas-connect-oauth

Hello! We'll be with you shortly. Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

• thefirstharpy, 2 days ago, 19 messages

Hi 👋 no, as far as I'm aware there is no way to filter Connected Accounts based on how they were connected to your Platform.

like i have the connected account id

and when i call this api https://api.stripe.com/v1/accounts i dont see it?

Can you elaborate? Are you adjusting the limit and/or paging through all the results to make sure you look at all of your Connected Accounts?

i want to see if this account is connected to me or not

also in future i might need to display a list

You're using the right endpoint then.
If the Account ID is not in the list of Connected Accounts, then it is not connected to your Platform.

im using this: https://stripe.com/docs/connect/oauth-standard-accounts

I'm sorry, I'm very lost. What are you trying to ask here? If the Account ID you have is not returned when you list all of your Connected Accounts (including paging through all results) then it's not connected to your Platform. Do you think you have an example that contradicts that, can you share more specifics?

ok sharing

not found on this list

not here as well

What is the Connected Account ID you expect to be connected to your Platform, and what is your Platform Account ID?

is sharing them okay here?

Yes, they aren't sensitive, but if you'd rather share them in a private discussion you can discuss this further with our Support team in a ticket:
https://support.stripe.com/?contact=true

👋 hopping in here since toby has to head out soon - give me a minute to catch up

abbas-connect-oauth

sure

So it looks like you mistakenly re-used the same authorization code you got from the oauth flow twice. We mention this in the note here (https://stripe.com/docs/connect/oauth-reference#post-token-request):

Per OAuth v2, this endpoint isn’t idempotent. Consuming an authorization code more than once revokes the account connection.

how did you check that?

i removed a previously added account via deauth

then created and oauth link, where i created a new stripe account

which then i passed to this

        grant_type: 'authorization_code',
        code: code,
    });

Is it posisble you accidentally visited the redirect URL twice and you have logic that automatically pulls the code and makes the authorization request? We have logs on our end that clearly tell us the same code was used twice (which is how I'm able to pull that so quickly)

since i dont have a front-end yet, when the success url hit, it resulted in not found, i then ran it from postman

Hmm... from the logs I don't actually see it being done through Postman - looks like it's happening with the node client library?

yes

my backend is on nodejs

but the success url is a un-secured get request i.e without jwt

ideally it would hit a deployed site which will take out the necessary params and call my node api with jwt

@median ivy I do think right now your code is causing the disconnection and that's what you need to check/track. Add logs before/after any call to try and figure out what's going on

what is meant by disconnection here?

You are a platform. You are asking an existing Stripe account to connect to your platform via OAuth. The last step of the flow is to finialize the connection with the OAuth Token API. That is what turns the ac_1234567 you get in the URL during the redirect and finishes the connection to give you access to their Stripe account.
The problem is that if you make that specific request twice it will disconnect the account immediately. That's what's happening here

you mean this one

yes

any ideas on how to not do this. as mentioned above, i have a rest API that uses JWT , without the jwt in header i cannot save the returned id in the db

yeah I don't really mean what any of those words mean in the sense of what's blocking you. Like what you need to do is make the call you took a picture of only once

ok so..

when i generate the OAuth, I pass success_url and reauth_url.

no you don't

there's no such thing as a "reauth_url" with our OAuth+Standard accounts integration

the success_url when called has code

ok wait

yes you are right

i do this

please don't post pictures of code.

i generate the oauth link

which has redirect_uri

sure, so what's the problem?

when onboarding is complete, and redirect_uri is hit, it has a code

then i call this

        grant_type: 'authorization_code',
        code: code,
    });```

which gives me a stripe_user_id so i can store it in db

but i need the ID (of the user on my db) so i can store this on their account (on my db)

is there a way to attach a header to the redirect_uri ?

no it's impossible to attach a header to that URL in any way. You basically have to special-case your logic/code. Usually we recommend using cookies/a session so that you know who they are when they come back

how can i see updated logs?

what does that mean "updated logs"?

but when i hoved i can see my time

I don't know what those words mean

what does "when I hoved" what does "I can see my time" mean?

can you tell by which url i can filter that call, the one you were talking about

thats being called twice

ah gotcha, it's impossible, that call will never appear there

So really you, as the developer fully controlling the code, have to add clear logs to your own code so that you can track it down

gotcha

and i gotta do the whole process again 😩 ?

what is "the whole process again" exactly?

the adding of stripe account

ok so, ive done that

can i post screenshot?

of the response im now getting

you should be able to write text developer to developer instead of pictures

you're very strict

this call generates the oauth link
request completed POST 200 /admins/stripe/link-account/init 184ms

then when the redirect_uri is hit on my server, i get this reponse, which is expected as no jwt
request completed GET 401 /admins/stripe/link-account/success?scope=read_write&code=ac_PX2SYn2nScKxQnWVHeWEISx745N735VY 3ms

you're very strict
yes! We help dozens of developers a day, I help 8 separate people right now in parallel. So having you be crisp and clear when you ask exact questions is how I can help you best

As far as I can tell, that ac_PX2SYn2nScKxQnWVHeWEISx745N735VY you did use it

i didnt mean to come off as rude

i really appreciate any and all the help

oh I don't think you're rude at all, I'm just explaining why I'm strict. I know it can be annoying when trying to get help

i hate this helpless state im in, im usually solving others problems

How did you connect that specific account? Did you use Postman again?

yes

then i use the response.stripe_user_id and save it to DB

yeah that's when you make the connection

so now im stumped, where is the duplicate happening?

and as far as I can tell it worked. Like right now that Stripe account is connected to your platform as expected

😱

the problem you had earlier is you had a bug somewhere where you make the /oauth/token call twice by mistake and it disconnected immediately

but here I see you go through OAuth and call it only once and the account is connected right now

if you made the exact same call again right now then it's immediately be disconnected

lol

ok so i have to block this call

yes

ok i just checked

i blocked it, and checked the v1/accounts call, and its showing

nice!

my advice: add logs before/after that specific call.

Then go through OAuth a few times and check if you ever get those logs twice (that's what causes the disconnection)

oh there will be logs. EVERYWHERE

so i hit it again and thankfully Authorization code expired

tysm koopajah 👍

all i need for payments and other stuff is this connected_account_id and no other ID. yes?

yes

thanks again