#pez_api

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1220049730021625927

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

• pez_api, 2 days ago, 83 messages

Hello! What specific difficulty are you having?

This are the steps and error in my cli

The error message in that screenshot explains the failure.

Yes but it says my account is a connect account

However it’s not

If it is how would I disable it

When you go here what do you see? https://dashboard.stripe.com/connect/accounts/overview

Yeah, your account is set up as a Connect platform. I don't know if it's possible to undo that or not, but you can ask Stripe support if they can do it for you: https://support.stripe.com/contact/email

Why is it set as a connect account

How does it do this

At some point you enabled Connect on your account.

No i@built a stripe app

And also i need to do identity checks on behalf of my stripe application user

How can I securely@get the secret keys of a stripe account so that I can perform the identity checks for them on their account@

You built a Stripe App, but also separately at some point you enabled Connect on your account.

The Stripe App approach should let you do what you want with identity checks, but you need to either use a different account that's not a Connect platform or ask support if they can make your existing account no longer a platform.

Maybe because I was trying to figure out a way to test a connected account

For an identity check

This is through a stripe app I am building

I got an error before when I tried to make a request for an identity check on behalf of another account that was connected to mine

I am building a stripe apps onboarding app for marketplace that users who install the app can flawlessly onboard their customers and take their payment details for subscription. One of the steps that the app will do is to do identity check on customers of the app owner. My issue stripe identity verification does not seem to work when integrating it into stripe apps. I manually created a connected account to test the app as I am building but it appears the identity verification permissions do now work. How can I make this work. The error I am getting is;

invalid_request_error
Connected account impersonation is not allowed on this endpoint.

{
 "return_url": "http://stripey.localhost:3000",
 "metadata": {
   "user_id": "test_id"
 },
 "type": "document"
}
Response body
{
 "error": {
   "message": "Connected account impersonation is not allowed on this endpoint.",
   "request_log_url": "https://dashboard.stripe.com/acct_1Osu2fQ7oUnrnvkE/test/logs/req_xCS7i8zUb9q7jz?t=1710631166",
   "type": "invalid_request_error"
 }
}
Request POST body
{
 "return_url": "http://stripey.localhost:3000",
 "metadata": {
   "user_id": "test_id"
 },
 "type": "document"
}

Hm, hang on...

I thought maybe if i make the app public for testing I can try in from a different account install to see if this works

Ah, okay, so this won't actually work. Identity isn't compatible with Stripe Apps.

You won't be able to build what you want, unfortunately.

Why is that?

Because you can make payment requests

What if I have a field for user to enter their sk pk and then I encrypt it on my server and then decrypt it when I make a request

That won't really work. What exactly are you trying to build, at a high level?

Why not, because the only reason this fails is because the stripe does not give identity permissions through stripe apps but you could overwrite this if the user who installs the app is prompted to enter their keys in ui and then it gets encrypted on way to database

We could then make a request to identity by decrypting

Would this not work?

We don't want API keys to be entered in like that, for one thing. For another, Stripe Apps can't use API keys like you're describing. For another, Identity isn't compatible with Connect or Stripe Apps.

Even through oauth

There are many reasons why what you're describing won't work. However, if you can tell me what you're trying to build at a high level, without worrying about anything specific like Stirpe Apps or API keys, maybe I can suggest a path forward?

So it is an onboarding platform. So a user/business installs my stripe app. They then get a subdomain url page(this is already built) which they can then use seamlessly onboard their customers. First step is identity check, then payment details and a check for t’s and c’s

What are "t’s and c’s"? Terms and conditions?

https://davidphillips-onboard.co.uk/register

This is a prototype

Please register with dummy data and see what I mean

What is the onboarding for? What happens after onboarding?

We create a subscription or direct debit

Why is the onboarding required?

It’s for rental businesses

I work in this industry and this is in demand

Hi, taking over as Rubeus needs to step away. Let me catch up

This is the prototype

It does not look like what you're trying to do is directly possible at the moment using Stripe Apps. Could you not build a two step way of doing this? First, you build the identity verification portion on the web like: https://docs.stripe.com/identity/verify-identity-documents?platform=web and then, proceed to using Stripe Apps.

Would the user be responsible for the identity check? I want the checks to be done in their own account

Does it make sense

Not for it to cost me as the app owner

The cost would come from the account that is making the request to verify, https://support.stripe.com/questions/billing-details-for-stripe-identity. I do not know what you mean by 'user' in this case though. Are you referring to the 'user' as the connected account or the end customer who needs to have the identify check completed?

The business is the user

The connected account

And how would I do this dynamically

Because I would still need api keys for the stripe account

With connect, you do not need to have their API keys. You can instead use the Stripe Account Header, https://docs.stripe.com/connect/authentication to make a request on the account: https://docs.stripe.com/api/identity/verification_sessions/create. You should test this on your end.

Are there permissions for identity on connect?

I couldn’t find this earlier

For a grand father request

Because I thought connect and stripe apps have the same permissions

Yeah, those 'grandfather' requests are not allowed. I do not think that permission bit is right. Stripe apps permissions and the ability to make a request on your Connected Accounts using the Stripe Account Header are different.

So requests using connect account would work but not through stripe apps

Yes since Stripe Identity is not supported in Stripe Apps.

So not supported by stripe apps but connect works

I think your colleague had told me it’s doesn’t work

Yes, I recommend that you try making the request on your end as well.

So I am not sure

Hm, let me confirm

Ah, sorry I was very wrong here. Yeah, I get an error when I attempt to make this request.

Yeah, it does not look like what you're looking for is going to work here.

What error did you get?

Connected account impersonation is not allowed on this endpoint.

Same as my error

I will share this feedback with the product team for future product reiterations.

Or do you have to activate identity first

Sorry for steering you in the wrong direction there

No, that is not the case. It is explicitely not supported. I also confirmed with a teammate as well.

Ok so stripe will not allow sharing of api keys as an alternative? Maybe if encrypted?

No, I'm afraid not.

Any other suggestions

Of how I can build something close

Not that I could think of given that the this Connect flow is not supported. Unless, you want to make all of the Verification Sessions on your Platform Account.

Could i dynamically recharge these on?

It also looks like you're using Custom Connected Accounts. I thought you were using Standard Connect.

Yeah, in this case, you can create the Verification Sessions on your Platform Account. You can later debit the Connected Accounts, https://docs.stripe.com/connect/account-debits for the amount you want to charge them.

Would this make it better if it is standard connect

👋

In terms of Account Debits, no you can't do that with Standard accounts

Ok so I will just have to do the id checks and then pass on the charge

I didn’t even know I set up a custom account. Where do I see this

You would look at the accounts that you created. It states it in your Dashboard on the Connect page

You can also look at type via the API

Ok thanks I will try this this. Can you make stripe aware that they need to give permissions for identity to stripe apps

Yes we will file feedback about it, but my understanding is it is a security limitation with the Identity product so I can't guarantee that this will be supported.

They are missing out on key part of rental product businesses

It cannot be because it works for payment intent

Identity is unique in terms of actually collecting sensitive information from folks. But I hear you -- hopefully we can support it in the future. I'm filing feedback now.