#stephenbnetn_api

👋 Welcome to your new thread!

⏲️ We'll be here soon! We typically respond in a few minutes, but in some cases we might need a bit more time (e.g., server's busy, you've got a complex question, etc.).

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1247964270377832516

📝 Have more to share? Add details, code, screenshots, videos, etc. below.

I promise i won't take much time from you i just want to make sure i understand how to proceed with the test to achieve what i have researched so far

Here is my outline for what i am going to attempt. This should make it very clear what i'm trying to achieve

Essentially my concern is that i still need to follow the steps to setup stripe connect to just test this solution and i have this working session tomorrow with the other company. Can this be tested without officially going through the stripe connect setup in the dashboard and verifying the company with documents and such?

You can use the test numbers from our connect testing doc to get setup, but you will still need to go through onboarding to do that: https://docs.stripe.com/connect/testing

okay great so i just use the business verification bypass values in this document and i'll be able to get through. THANK YOU. Anything else i should know, or will this allow me to be able to test the curl calls soon after with my key that i have already?

actually one more question. Both companies would need to ensure this is done i assume?

Once the connect account is created, you can start making cURL calls to it

If you use all the info from the test account, you should be pretty close to having a fully enabled Connect account, but you'll need to monitor it's requirements to make sure that there isn't anything outstanding: https://docs.stripe.com/api/accounts/object#account_object-requirements

Much appreciated. I may be back with a question or two on the calls. Should we leave this chat open or should i submit a new request if i have any questions then?

Just post in the main channel and our Discord bot will link this thread automatically

sure sorry one quick question

i am in this step of enabling the stripe connect and i am represented with these fields and one of them is registration. I don't see any value test valuess need to put in there for the account. Can i leave it blank or put anything?

That's the TIN: https://docs.stripe.com/connect/testing#test-business-tax-ids

I am getting an error when trying to add the test values in the banking section complaining that known test accounts can't be supported in live mode. I am in test mode current. ANy idea what i'm doing wrong?

maybe i'm misunderstanding what you want me to do but those values in that document is not working.

That looks like the activation form for live mode. An account created in test mode can be activated and used in live mode, so you'll want to make sure you're using the right workflows

okay so maybe i misunderstood what i need to do then. I have a stripe account and i have the test button toggled at the top right. I want to test making some curl calls to test stripe connect. Do i need to activate anything or can i simply send in this curl call to start testing?
o curl https://api.stripe.com/v1/accounts
o -u sk_test_netnation_secret_key:
o -d type=custom
o -d country=US
o -d email=incauthority@example.com

perhaps my account is already properly setup for a test?

That looks like it's just creating a Connect account. Once the account is created, you can perform actions on it in both the Dashboard and the API.

Also, I looked at your demo. Is this a new integration path for you? If so, why are you using OAuth and the Tokens API?

Let me be clear on what you're asking. Currently

we have a number of accounts in different states. WE have a fully tokenized account where we are migrating over to. And we have some partners still on our integration where we have the credit cards and we use Stripe to transact. CUrrently this account i'm trying to use is tied to our Dev environment that is being used with Oauth and Token api.
WHat we are trying to do is test a solution for when we are tokenized with this particular partner.

obviously i don't want to disrupt those other accounts so i'm using the dev account

What should i do in this case? Should i use this account and try to create a new account int he top left hand corner and then try to activate connect through it with those values

?

I guess I'm still unsure what you're hoping to achieve. If you're just trying to demo the creation and onboarding of a new Connect account to your platform with their first payment, and you must use OAuth and Tokens, instead of Account Links and Payment Intents, then this seems to be working as expected, no?

We are trying to prove the stripe connect feature where we can have company A (our partner) share their token with us (company B). Essentially we are a partnership but they receive the customer first and take in a payment. They securely redirect the customer over to us to choose their products and then we need a payment to process as well. SO currently we take the payment a second time from the customer

Does company A already have a Stripe account in this case?

in that integration the customer comes to our platform currently and sends us the credit card to our platform where we store it and then transact via stripe with the credit card on our platform still. We will be migrating off of this soon. Meaning we will fully tokenize with this partner

CUrrently the partner has no valid stripe account. Just a test stripe account

they started one up for testing this

That is why i wanted to create a test account and them create one and get on a live working session to make some curl calls to prove this will work

Right, but are you simulating a scenario where company A comes to you with a Stripe account they already created? Or are they just contacting you and saying "we want to partner" and you create their Stripe account for them?

THey will come to us with a stripe account

Okay, so you don't need to create a new Account for them. You just need to create a connection to their existing account: https://docs.stripe.com/connect/oauth-standard-accounts

and the idea was that we integrate this fully. ANd then when they get a customer passed through they will input their credit card into their stripe account with stripe connect passing the card as a token over to our stripe account. THey will also createa customer object to store the card in. WHen the customer gets over to us we will already have their card on file

When we spoke to the pci consultant and the stripe support they mentioned we CANNOT just give company A access to input cards i directily into our stripe account. We must use stripe connect. It would violate compliance

What charge flow are you using? Destination, Direct, SC&T?

https://docs.stripe.com/connect/charges#types

from what i can tell.. Direct

And what account is going to store payment methods?

Company A's account will call to create the token direct into our account and then attach a customer object to it as well so we can search it on our end when it comes time

Okay, so Company B is creating Customers, Payment Methods, and payments on behalf of Company A. Correct?

Other way around

we are company B. we are downstream

Company A will be the ones who will call with their stripe account access and use the direct method

And is this a net-new integration? Or are you using Tokens because there's an existing integration that's already using them?

Basically asking: how did you come to use the Tokens API?

net new

Okay, so you need to use OAuth to create the connection of the 2 accounts. Company A will create the OAuth link to connect the accounts: https://docs.stripe.com/connect/oauth-standard-accounts

Once that's done, you should use Payment Intents along with a payment surface (e.g. Stripe Checkout, Payment Element, etc.) instead of the Tokens API (since it's legacy): https://docs.stripe.com/payments/payment-methods/integration-options#choose-integration

Company A will need to authenticate themselves so that they can make requests on behalf of Company B, which is what will ensure that the payments are Direct:

• https://docs.stripe.com/connect/oauth-reference
• https://docs.stripe.com/connect/direct-charges

yeah in my document i posted above i show that what i think is the first call to create that account with Oauh. DOes this look right for the first step?

1. Create Connected Account:
   o NetNation sends a request to Stripe’s API to create a connected account for Inc Authority:
   o curl https://api.stripe.com/v1/accounts
   o -u sk_test_netnation_secret_key:
   o -d type=custom
   o -d country=US
   o -d email=incauthority@example.com

No. That creates a new account entirely

You need to follow the guide I sent you for connecting an existing account

And does this mean i don't need to set up anything further in the dashboard regarding the connect account? As long as i have a test account i can just make the curl calls, or do i still need to go through those fields and enter those test validation values?

oh i see

Company A will create the OAuth link to connect the accounts: https://docs.stripe.com/connect/oauth-standard-accounts

right. sorry i mean to post step two in my doc. SO this is the auth step?

2. Obtain OAuth Authorization:
   o NetNation redirects Inc Authority to Stripe’s OAuth authorization page:
   o https://connect.stripe.com/oauth/authorize?response_type=code&client_id=ca_1HXXXXXXXXXXXXXXX&scope=read_write
   o Inc Authority authorizes and NetNation exchanges the authorization code for an access token:
   o curl https://connect.stripe.com/oauth/token
   o -d client_secret=sk_test_netnation_secret_key
   o -d code=AUTHORIZATION_CODE
   o -d grant_type=authorization_code

Yup

great, just one more question then as i'm still very confused about the activating connect in the dashboard. DO i need to do this before i can make these curl calls?

As those values just don't seem to work in the activation flow, which leads me to believe this is onyl for setting up legitimate payment connect accounts

👋 stepping in as two-shoes needs to step away

okay thank you

You can only use those Connect testing values for testmode-only accounts which is why this doesn't work when going through an OAuth flow or attempting to activate an account

When connecting via Oauth, even if going through in test mode, you are still connecting a potential live-mode account

So you have to use "real" values.

That said, the account doesn't actually need to be enabled to make these test mode requests for testing.

oh great

thats all i am trying to do

However you will have to fill in "real" values during the OAuth flow

let me give a quick download what i'm trying to test and you can tell me what i'm missing here

I read the above

okay great

Everything you are doing seems fine

You just need to ensure you have what at least looks like "real" info (like a bank account) to be able to complete the OAuth flow and perform the connection

So currently with my test account in test mode when i go to run my curl requests right now it should work?

Yes it will work for any requests on that account or any Standard Connected Accounts that are connected to that account

What i wanted to test with the comapny A tomorrow was just test sending a test credit card through their stripe account using stripe connect and validate that we receive it on our stripe account. SO for me to do that will i need to enable connect through the dashboard?

No you will need to connect your account to theirs and then they would use their keys to tokenize the card on your account

You can never make requests from Connected Account --> Platform. Always has to be Platform --> Connected Account

right. SO for the test tomorrow. What would be the first api call to make? Would it be this?

2. Obtain OAuth Authorization:
   o NetNation redirects Inc Authority to Stripe’s OAuth authorization page:
   o https://connect.stripe.com/oauth/authorize?response_type=code&client_id=ca_1HXXXXXXXXXXXXXXX&scope=read_write
   o Inc Authority authorizes and NetNation exchanges the authorization code for an access token:
   o curl https://connect.stripe.com/oauth/token
   o -d client_secret=sk_test_netnation_secret_key
   o -d code=AUTHORIZATION_CODE
   o -d grant_type=authorization_code

or will it be somethign else. Actually maybe if you could point me to what the sequence of envents would be that would help

i get the feeling i am off

Yes that is the first thing to do. NetNation is company A, correct?

No, INc authority is company A

they are the ones who will send the token

Oh then no it is the opposite above

Inc authority redirects NetNation to the OAuth page they set up.

Let's pause for a second

okay

Do you care about doing exactly what you will end up doing. Or you just want to walk through what it will basically look like to show your partner?

Ideally we jsut want to prove that they can submit a credit card and it end up in our account tokenized

The easiest way to do this is to just do this all in test mode and create a test-only Standard account without messing with OAuth at all here

Okay yeah so I'd ignore the above

okay

great

You can set this all up ahead of time

Have you enabled Connect on your account yet in test mode?

(What happens if you go to https://dashboard.stripe.com/test/connect ?)

If its the process of going into the dashboard and clicking connect and enabling it, i've tried but It asks for legitimate values to verify which i can't supply right now

No it should not

You are likely trying to do that in live mode

Make sure you are in test mode, or visit the link above

oh thats different

i see values already fileld in

wait

What do you see if you go to https://dashboard.stripe.com/test/connect/accounts/overview ?

no... so when i go there i see this:

Click the Connect button on the left

Under Products

this is for overview:

Okay great

That's all you need to do for test mode

So now you can create an account

okay so i can proceed without finishing those 3 steps?

Yes since you are only using test mode

excellent

okay whe you say create an account you mean?

All you need to do is curl https://api.stripe.com/v1/accounts \ -u "sk_test_123:" \ -d type=standard

Replace that with your test key

okay and that will create a test account that will function as the representative of THEIR account right?

Nope, that test account would represent YOUR account

Since they are the platform

oh okay

well they will send the token to us. does that mean they are the platform?

Yes

okay good to be on the same termenology 🙂

👍

So go ahead and create that account right now

okay hold on

And then we can talk about the next steps

okay give me a second. i gotta go create a new key for this account as its new

The key is at https://dashboard.stripe.com/test/apikeys

yup.. just grabbed it. But i'm unfortunately only on powershell today so give me a second to figure out how to get curl onto this thing and powershell syntax

Hmm it sounds like you don't have an integration built yet to handle accepting card details?

well i do with our other account

maybe i should just use that?

i clicke on the menu on the top left and created a new account for this test but the key seems the same so will it matter?

The key shouldn't be the same if you are on a different account

But if you already have an integration with your other account then you could just pop in this account's key, or you could just use your other account.

Up to you

you are correct my apologies i saw it there and was confused since it was a new account. I guess you guys generate one automatically

Yep

this account is connected to our dev account though and we always use test tokens only to test. I don't think we have a legit bank accoutn connected to this account. Is that fine?

You don't need any legitimate information since you aren't going to use OAuth

okay so give me a minute sorry. WIndows aint my forte

All good

okay sent

StatusCode : 200
StatusDescription : OK
Content : {
"id": "acct_1POPYIQRVSqDXO1R",
"object": "account",
"business_profile": {
"annual_revenue": null,
"estimated_worker_count": null,
"mcc": null,
"name": null,
"product_descri...
RawContent : HTTP/1.1 200 OK
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Access-Control-Expose-Hea...
Forms : {}
Headers : {[Connection, keep-alive], [Access-Control-Allow-Credentials, true],
[Access-Control-Allow-Methods, GET,HEAD,PUT,PATCH,POST,DELETE], [Access-Control-Allow-Origin,
*]...}
Images : {}
InputFields : {}
Links : {}
ParsedHtml : mshtml.HTMLDocumentClass
RawContentLength : 3210

Alright so if you refresh your Dashboard you should see that account

i do

Great, so what you are trying to do here you can simulate completely through the Dashboard if you want.

Step 1: Click on the account and then click the 3 little dots in the top right of the page and click "View Dashboard as this account"

That will portal you into the Connected Account's Dashboard

You have limited viewing options (for instance you can't view/change most of the settings on the account) since this isn't actually your account but you can still make requests on the account via the Dashboard just like you would via the API

So Step 2: Click on the Customers tab on the left

Step 3: click "Add customer" and create a Customer on that account

Step 4: Click on the Customer in the Dashboard and you will see a section for "Payment methods" and a + button on the right side. Click that and click "Add card"

Step 5: Add a test card (like the 4242 test card)

And that basically simulates everything that is going to happen. The platform (Inc Authority) now created a Customer and tokenized a Card on the Connected Account (NetNation)

And now NetNation could charge that Card at their discretion

Everything that was just done via the Dashboard can be done programmatically via the API

okay so give me one second to just convert this in my head to api sequence calls to think about it

Yeah so that depends a little bit on the integration that Inc Authority uses to collect payment methods

That will dictate the actual API calls

because essentially i jsut added an account to my own account

but how would company A create this customer which is us in their account

How do they create the Customer object within your account?

(Step 3 above)

no i mean ... in these series of steps company A would be INC. And they are the ones with the credit card that want to pass it to our account. So from what i see here. THey would have to make the call to create the account that represents our account no?

No, that is the OAuth part

That is what we are ignoring just for this testing to make it easier

right but assuming that the Oauth part is setup in a final solution

Then yeah they use OAuth to connect your account in place of the step above where you created a Connected Account

so assuming they get their account verified and they are able to make the appropriate calls

and that would be the first step right?

Yes, that would replace the account creation that we did initially

they create the OAUTH API call which we then respond to

and then effectively on their side they will see us as a connected account

They create an OAuth link which redirects you to the OAuth flow. This: https://docs.stripe.com/connect/oauth-standard-accounts

You've been excellent! Thank you!

Sure

i could simulate the api calls too though tomorrow right. I jsut would have to make the api calls to my own account

Yep for sure

The only difference is that you can't pass raw PANs via the API

meanig after i created the connected account to my own account i would be able to do these two steps right?

3. Create Payment Token:
   o Inc Authority uses the access token to create a token in NetNation's Stripe account:
   o curl https://api.stripe.com/v1/tokens
   o -u sk_XXXXXXXXXXXXXX:
   o -d "card[number]=4242424242424242"
   o -d "card[exp_month]=12"
   o -d "card[exp_year]=2024"
   o -d "card[cvc]=314"
4. Store Token and Create Customer:
   o NetNation uses the token to create a new customer in their Stripe account:
   o curl https://api.stripe.com/v1/customers
   o -u sk_test_netnation_secret_key:
   o -d "source=tok_1HXXXXXXXXXXXXXXX"
   o -d "email=customer@example.com"

Ah no that won't work unless your account is approved to pass those raw PANs via the API

ah i see so bank account attached

and only company A would really need that right?

i mean we will have it anyway

No bank account doesn't need to be attached. You need to be explicitly approved. See: https://support.stripe.com/questions/enabling-access-to-raw-card-data-apis

but for this, they are the ones doing the api calls so they would need it. AND PCI compliance right?

Yes

Ah i see. So compliance is checked

fantastic thanks

👍

Appreciate your time. And tell @tropic creek i say thank you! 🙂

have a good day