#techblogogy_api

👋 Welcome to your new thread!

⏲️ We'll be here soon! We typically respond in a few minutes, but in some cases we might need a bit more time (e.g., server's busy, you've got a complex question, etc.).

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1250514410124873910

📝 Have more to share? Add details, code, screenshots, videos, etc. below.

This was the guide I've mentioned https://docs.stripe.com/payments/payment-intents/three-d-secure-import

Will circle back. I need to find a colleague that's a little more knowledgable about this process.

@austere meadow Thank you!

Hello! That is not the correct approach for Apple Pay. You can't just decrypt a PK token and use that data as if it were any other card, and the cryptogram that you get isn't a true 3D Secure cryptogram, so you can't provide it to the API like that.

We recommend setting up a certificate in the Dashboard and sending us the encrypted PK token so we can decrypt it on our end.

You can then make a request like this:

curl -u sk_test_123: https://api.stripe.com/v1/tokens \
  -d pk_token=<PKPaymentToken.paymentData decoded as JSON> \
  -d pk_token_instrument_name=<PKPaymentToken.paymentInstrumentName> \
  -d pk_token_payment_network=<PKPaymentToken.paymentNetwork> \
  -d pk_token_transaction_id=<PKPaymentToken.transactionIdentifier>

Understood! I got that impression. But if I absolutely must send a decrypted token, because we're using multiple payment providers. Is there a way?

And then you can turn the Token into a Payment Method by passing the Token ID in the card parameter: https://docs.stripe.com/api/payment_methods/create#create_payment_method-card

There is a way, yes, but you would need to go through support to get approval to use that approach.

Got it! Then I'll try to get approval from support. Are the any special requirments for us that you know of to do that?

Alternatively if going the decrypted route is there a way to send you guys certificate and keys generated by us? and not just use the .csr from the dashboard?

I can't get into the details, but basically you need to provide significant justification for your use case and why none of the alternatives will work.

No, you have to use the CSR from the Dashboard.

Understood! Thanks for helping out!

No problem, good luck with it!

One more question from my end, it's not stripe specific, but maybe you know this about Apple Pay. Let's say we have performed a CIT with apple pay and got back network_transaction_id for our "US Legal Entity", but then we'd like to perform an MIT (for subscription renewal) on our "EU Legal Entity" entity by passing a vaulted DPAN + that original network_transaction_id. MID between these 2 entities is different. Would this kind of transaction be approved by the network?

It's possible it would be approved, but I would say it's unlikely to be approved.

Let me put it this way: I would never build something that did that. 🙂

Got it! But if the MID is the same, but the processor is diffenet, then would there be a problem?

Going beyond the transaction level outcome of authorized vs. declined, I would be worried the card networks would be upset if they found out I was doing that.

If the MID is the same I think you'd be fine, but honestly I'm not sure.

Thank you for sharing that! Sorry for going beyond the scope of this conversation.

No worries, we're here to help, it's just that we can't help with everything. 🙂

No harm in asking!