maykr_api | Stripe Developers | Page 1

ocean heraldBOT Aug 12, 2024, 9:35 AM

#

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1272488545411399744

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

north sage Aug 12, 2024, 9:36 AM

#

hi! not entirely sure what you mean. You want the API key of the merchant account who installs your app?

fringe cove Aug 12, 2024, 9:36 AM

#

yes

#

is it possible?

north sage Aug 12, 2024, 9:39 AM

#

yes but is there a specific reason you want to make it more complicated and require storing and securing a bunch of secret keys(one for each installed user) instead of just one(your account's, and then using the Stripe-Account header) to make requests?

what you're looking for in any case is either the OAuth or the Restricted API key approaches : https://docs.stripe.com/stripe-apps/api-authentication both of which can give you an API key that can be used to call the API on behalf of the installing account.

fringe cove Aug 12, 2024, 9:44 AM

#

north sage yes but is there a specific reason you want to make it more complicated and requ...

so my existing backend that syncs the data uses a api key so i was thinking of having it integrated inside so users can just install the app and not need to deal with adding keys and whatnot.

I checked the doc for restricted api key auth, and it seems that

After the app is installed, it generates a restricted API key provisioned with the proper permissions.
The user copies the generated keys and provides them to your site.

is there a way to get this automatically besides them providing it manually?

or is oauth better choice here?

north sage Aug 12, 2024, 9:44 AM

#

yes, the automatic way is OAuth

fringe cove Aug 12, 2024, 9:46 AM

#

Ok thanks mate, also on this side note, what is the way to add a webhook endpoint when the user installs the app?

ocean heraldBOT Aug 12, 2024, 9:48 AM

#

north sage Aug 12, 2024, 9:49 AM

#

I think if you're using the OAuth approach there's not really a need for a webhook since your server is actively involved in completing the installation so you'd know at that point it's installed

you can also use a Connect Webhook and listen to account.application.authorized https://docs.stripe.com/stripe-apps/events#app-events

crystal spindle Aug 12, 2024, 9:51 AM

#

👋 taking over for my colleague. Let me know if there's any follow-up Qs I can answer!

fringe cove Aug 12, 2024, 10:06 AM

#

north sage I think if you're using the OAuth approach there's not really a need for a webho...

actually we have webhook to get new data from the user via a endpoint, but more for this events, how would i actively read it for new data? (I want to create a webhook endpoint to read on my url when the app is installed) we are already reading the events data, if i am being confusing let me know.

crystal spindle Aug 12, 2024, 10:09 AM

#

I'm not sure I follow

#maykr_api