antonio-giano_code | Stripe Developers | Page 1

severe cipherBOT Apr 12, 2024, 3:41 PM

#

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1228369376751648798

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

patent pelicanBOT Apr 12, 2024, 3:41 PM

#

Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

antonio-giano_best-practices, 3 days ago, 27 messages
antonio-giano_code, 6 days ago, 18 messages

#

sick steppe Apr 12, 2024, 3:41 PM

#

Hello

#

If it is a PaymentIntent generated from a Subscription then the Customer object should be present

#

Do you have an example PaymentIntent ID that I can look at?

strong locust Apr 12, 2024, 3:42 PM

#

Sure, on moment. I am doing the same experimentaiton

#

#

The paymentIntent retrieved it via the clientSecret, however

severe cipherBOT Apr 12, 2024, 3:45 PM

#

sick steppe Apr 12, 2024, 3:46 PM

#

Ah you are retrieving client-side here. In that case, we only return a subset of properties because some of the data is considered sensitive. You can see what we return client-side by looking at https://docs.stripe.com/api/payment_intents/object and what has a retrievable with publishable key label

#

So instead you would want to pass the PaymentIntent back to your server and retrieve server-side using https://docs.stripe.com/api/payment_intents/retrieve

#

That will give you the full data, including Customer ID

strong locust Apr 12, 2024, 3:48 PM

#

Okay, got it. I am make this experiment

#

Given the sensitivity, can the idea of retrieving it via the back-end be considered equally harmful? Just to get an idea

dusky flax Apr 12, 2024, 3:55 PM

#

👋 Stepping in for my teammate

strong locust Apr 12, 2024, 3:56 PM

#

hello

dusky flax Apr 12, 2024, 3:56 PM

#

Not necessarily, since your server should be appropriately secured.

strong locust Apr 12, 2024, 3:57 PM

#

Why then is it not returned via Stripe, considering that the connection between front-end and stripe is HTTPS?

dusky flax Apr 12, 2024, 3:59 PM

#

It's not that the connection isn't secured, it's about who should be given access to what information. Anything sensitive should really only be retrieved/used by your server side code since only you/your app should have access to it.

strong locust Apr 12, 2024, 4:00 PM

#

Okay, got it

#

Thank you very much

#antonio-giano_code