#xfechx_error

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1222868238417924097

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

hi! what error?

Hi @faint willow

{"error":{"message":"Cannot onboard via express oauth due to gated access.","code":"forbidden"}}

Not sure what is the problem

yeah, https://docs.stripe.com/connect/oauth-express-accounts is disabled for new accounts since it's been deprecated

if you have a specific need to use this you could contact https://support.stripe.com/?contact=true but otherwise you should be using the Account API + AccountLinks.

I agree the error message itself is terribly unclear and unhelpful though

what do you mean Account API + AccountLinks

I need some guidance, because all the sudden my working code does not work

I need to connect express accounts to my application

how do I do this?

https://docs.stripe.com/connect/express-accounts

are you doing this on a new platform account than what you were using?

I don't understand the question, can you rephrase?

I have used this code before on other platforms, and it worked

now this code brings this error on this platform, yes, very annoying

so your answer to my question is yes, it's an new platform

I need to be rewritting code so often for stripe functionality

it's frustrating

per my previous reply

yeah, https://docs.stripe.com/connect/oauth-express-accounts is disabled for new accounts since it's been deprecated
and to quote the relevant section
OAuth isn’t available for new Connect platforms. For new accounts, use Accounts API with Express instead. Extensions shouldn’t use Express OAuth, as extensions can’t connect to existing Express accounts. If you need access to OAuth for Express accounts, please contact support.

I am confused

I just need it working, do I have to write new code again to use a new method?

Or do I need to contact support?

I rather just write new code

you can either write new code or each platform that wants to use this approach going forward needs to write to support to request that it's enabled for them

but don't understand what is the difference, etc.

yeah, write new code is probs best way

but need to know now which code will last for long time

not like last time

Can I possibly know, which capabilities an account has under a live platform, so that I can then write code using the exact same capabilities

?

I can give you the connected account id, and platform id

Express OAuth lasted for years (2017->last year) and was deprecated last August with comms being sent to existing platforms using that approach.

https://docs.stripe.com/api/capabilities/list

sure, there is no point for me discussing how that is frustrating for developers... nothing will change anyway.

no but I need specific capabilities already set to a connected account

not the api reference

would you help me with that?

please

That's not true, my team raises frustrations on behalf of developers every day and we do advocate for you and have done successfully. I empathise but I'm just explaining the context in case you're interested.

sure, you call that API on the specific account you're interested in.

are capabilities allowed by default?

I would like to keep it as simple as possible

the code

but with most capabilitites

make sure to read https://stripe.com/docs/connect/account-capabilities
generally you should pass the list of capabilities that you want your accounts to have when you call the Account Create API.

If I use this,

$stripe->accounts->create(['type' => 'express']);

which capabilities does it have by default, does it have payments and transfers?

it's defined by what you set in your Dashboard settings on https://dashboard.stripe.com/test/settings/connect/onboarding-options/countries

in the example I sent you, there is no business_type, for example

indeed. The user would pick the business_type during the onboarding. None of that is different from how it works in OAuth if you didn't specify it in the URL parameters of the link.

with the object I sent you, I need to know what capabilities were set on the code

something like reverse engineering

is it possible?

Also, what is refresh_url

sure, there's a list right there of all the capabilities(data.map(x => x.id) ) that the account currently has, not sure what's blocking you.

https://docs.stripe.com/connect/express-accounts#refresh_url

blocking?

I only want to know which capabilities were set by the app that connected that account, so that I can replicate exactly the same capabilities

you can't, you can only see the capabilities it has now

overall the request doesn't make sense to me. You decide what capabilities you want the account to have, based on how you run your business and what payment methods you intend to support, I don't think it's necessary to look at specific examples of existing accounts as a complete source-of-truth. I'd recommend raking a step back to look at it more holistically.

I am getting an error

actually I can't seem to create the URL

the account link

    include('stripe.php');
    $stripe = new \Stripe\StripeClient($secret_key);
    $stripe_account = $stripe->accounts->create(['type' => 'express']);
    global $wp;

    $stripe_account_link = $stripe->accountLinks->create([
        'account' => $stripe_account->id,
        'refresh_url' => add_query_arg( $wp->query_vars, home_url( $wp->request ) ),
        'return_url' => add_query_arg( $wp->query_vars, home_url( $wp->request ) ),
        'type' => 'account_onboarding',
    ]);

    echo '<a class="stripe-connect light-blue" href="'.$stripe_account_link.'"><span>Connect with Stripe</span></a></p>';

}```

wouldn't the url to put in your <a> be $stripe_account_link->url ?
https://docs.stripe.com/api/account_links/object#account_link_object-url
https://docs.stripe.com/connect/express-accounts#redirect-link:~:text=account link URL-,An,contains a url,-. Redirect the account

is that the problem? I'm not clear what specific error you have.

Yes, now it works

I need help onto how to save the stripe_user_id, after the onboarding

sorry - I know how to save it, but I need to know where to obtain it during the express onboarding

stripe_user_id is just the account ID, so it's $stripe_account->id and it's immediately available as soon as you create the account

but, I should only be using that after the user successfully connects their account, right?

well it depends. One of the advantages of this flow is if the user doesn't finish onboarding they still have an acocunt, and you can save its ID and just create a new AccountLink for them to get back into it.

I would say you should use/save it now(when creating the account) , since you need it to handle the account.updated webhook events

problem is that my app exactly checks for if exists user meta 'stripe_user_id' for allowing to create items (invoices, subscriptions, etc)

If I add the user meta on that step, and they do not finish onboarding, it will bring more problems.

So I would like to save the stripe_user_id user meta perhaps after they complete onboarding?

yep, it would require some changes(like only marking them active in your database after they finish the onboarding, through the account.updated webhook and/or logic on the reuturn_url page)

a LOT of my code only checks if stripe_user_id is present, to bring connect capabilities...

I rather keep it like that, and just workaround this new changes for express connect.

but then, how will they complete onboarding if for example they leave their onboarding halfway

how can I make sure that their stripe connected acccount is usable/finalised onboarding? what do I need to look for?

they'd come back to you, you'd authenticate them and see you already have an account ID acct_xxx for that user in your system, and you can create an AccountLink for that account instead of creating a new one.

https://docs.stripe.com/connect/express-accounts#handle-users-not-completed-onboarding
https://docs.stripe.com/connect/handling-api-verification#determine-if-verification-is-needed

retrieve the account, look at charges_enabled/payouts_enabled and the status of capabilities.

is charges_enabled on the root of the account object?

👋 yes

thanks

what event should I listen to, for webhooking, rather than relying on the user completion using browser? because in the case they abandon the session....

account.updated

That fires any time anything on the account object changes, as well as when the account is created

So you use that to keep your database updated on the latest state of the account

but account.updated and what else should mean a successfull onboarding? charges_enabled ?

Yep when charges_enabled and payouts_enabled are true then the account is onboarded and can currently accept charges/payouts. If you want to look deeper, you can also look at the requirements hash (https://docs.stripe.com/api/accounts/object#account_object-requirements) which could also indicate whether there could be future requirements that aren't disabling the account at the moment.

If the requirements hash is completely empty then the account has completed all necessary requirements and is fully onboarded

so I have the following code:

    global $wp;
    include('stripe.php');
    $stripe = new \Stripe\StripeClient($secret_key);

    $user = wp_get_current_user();
    $connected = get_user_meta($user->ID, 'stripe_user_id', true);

    if(!empty($connected)){
        $stripe_account = $stripe->accounts->create(['type' => 'express']);
        $stripe_account_link = $stripe->accountLinks->create([
            'account' => $stripe_account->id,
            'refresh_url' => add_query_arg( $wp->query_vars, home_url( $wp->request ) ),
            'return_url' => add_query_arg( $wp->query_vars, home_url( $wp->request ) ),
            'type' => 'account_onboarding',
        ]);
        echo '<a class="stripe-connect light-blue" href="'.$stripe_account_link->url.'"><span>Connect with Stripe</span></a></p>';
    }
        
        
}```

App will listen to webhook event: account.updated and check if charges_enabled, if true - it will save stripe_user_id in the user meta. If false, it won't save it, but then, when the user goes back to the page where it was asked to do stripe connect, it will start the whole process again.. is this an ok design?

It is okay but a much worse experience for your user

I would recommend what my colleague recommended above -- store your user as soon as the account is created. Then authenticate them when they return and create a login link so they continue where they left off instead of refilling information

yes, but that brings another problem. If the user has it's user meta already with stripe_user_id, but for some reason it has incomplete onboarding, then app will allow that user to attempt to create invoices, subscriptions, payment links, without their account not event filled up. I have to work around things I already have built, and this came to surprise to me that my old solution doesn't work all the sudden with new platforms.

I would have to change a LOT of the logic of all my stripe code, because now on every function, instead of just checking for stripe_user_id, I would need to check for TWO values, if it exists, and if it is completed

might as well just give users a bit worse exprience, in this case.

Up to you. I'd recommend refactoring -- shouldn't be that hard imo to check both that the account exists and the status of the account. But obviously I don't know what your code looks like

too much work right now for this little change, i only wanted to express connect. I also have this code replicated in many places, meaning that change would need to be backwards compatible

Stripe didn't make backwards compatibility with old connect solution

what happens when a express onboarding is not finished, and user uses same email and phone?

It won't let them create another account with the same email + phone

then, that is another problem

so frustrating

Yes, however, if they don't complete onboarding you could delete the account which would then let them create another with same email + phone

Just can't have two accounts connected to your platform where that is the case.

how can I delete the account, otherwise accounts will be left there like debris

https://docs.stripe.com/api/accounts/delete

and how does my app know that account onboarding was incomplete?

I already know for completeness, but for incompleteness (i.e to delete)???

You would have to determine an amount of time from when the account was created but was not enabled. Nothing will indicate that explicitly that your user left the onboarding flow.

If you want, you can reach out to our Support team via https://support.stripe.com/contact/login and see if your new account can be added to the ability for OAuth. But at some point you will have to migrate to the new flow.

yes @faint willow mentioned that, I have many new ongoing stripe platforms onboard

it will be a pain to have to reach support each time

Yeah it definitely isn't sustainable. I just mean if you want a bit more time to do a proper migration, which would involve actually tracking the account from its inception

I am thinking that then webhook is not the way

I need to kind of replicate oauth in some way for now

so need to have validation after return_url

validate if charges/payouts enabled

You can do that but you may run into scenarios where the user completes onboarding but doesn't actually make it to your return URL

otherwise, delete the account

Like they could close the window right after onboarding completion

And before the redirect completes

And you would never know

Webhooks are really the only way to catch this

lol, that would be their problem

yeah but then I won't know about incompleteness

and to use timing, then i need to go into cron, etc. etc.

How would it be any different in terms of incompleteness?

too complicated right now

if i do it through webhook, it is on the backend, it doesn't depend on user finalising on the same screen they started

so i will need to give the responsibility to the user to finalise the whole procedure

rather than my code to see if they left halfway

i am in a catch 22

when users come back to return_url, does the url have any inline variables on the url?

If you aren't going to create account links for returning users then I don't really see the difference at all. Of course it does require a Webhook handler to ingest the data, instead of passing it from your frontend, but in both cases you can't tell when a user doesn't complete onboarding

or how will my app know that the user has returned?

You would append to the account link

to the return URL I mean

ok, so basically if return_url/?complete=true, then it means that onboarding was sucesful no?

So like you can include their account ID as a query param for instance

Yeah

I think i might have a solution

i could just create a new stripe_user_id_incomplete

in the user meta

and just check for it, if it exists, then use account link, for user to continue creating their account. If webhook determines that onboarding is complete, then delete stripe_user_id_incomplete and copy to stripe_user_id. Then all of my other code will keep working the same. And I can still have users leaving incomplete, and if they complete all will work out the same.

Ah yeah that's smart and should work so that you don't have to mess with your other code

yes! crazy, haha, thanks a lot

For the webhook, do I need to access the event as a connected account?

or how can I access the event?

how would i know that it comes specifically from an attempt to connect an express account?

You create a Connect endpoint on your platform: https://docs.stripe.com/connect/webhooks

yeah, that one is already there

Okay then yeah you would look at the account properties to understand whether it is an account currently being connected or not. One way to quickly tell that is to look at details_submitted (https://docs.stripe.com/api/accounts/object#account_object-details_submitted)

That will change to true once the account has completed onboarding

with $stripe->account->retrieve()

do I need to pass the stripe id of connected account?

Yes

ok, so just like any other connected stripe function

No you pass it directly as a parameter, not using the Stripe Account header

So it is just $stripe->account->retrieve('acct_123')

From a glance that looks fine. Mostly recommend testing it out thoroughly in test mode

my question is now about this 'type' => 'account_onboarding',

when user is continuing onboarding, will that affect in any case?

No that is the correct thing to use if they haven't completed onboarding

You would use 'type' => 'account_update' if they already completed onboarding and needed to update something. But for Express they can also just login to their own account to do that.