#anand190_unexpected

1 messages · Page 1 of 1 (latest)

swift iceBOT
#

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1273881367859560449

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

proud vault
#

Collecting raw card number is only allowed if you are PCI Level 1 compliant or has PCI DSS Attestation of Compliance: https://support.stripe.com/questions/enabling-access-to-raw-card-data-apis

If you're not in any of them, I'd recommend using Payment Element to collect card information: https://docs.stripe.com/payments/accept-a-payment?platform=web&ui=elements

Enabling access to raw card data APIs : Stripe: Help & Support

Find help and support for Stripe. Our support site provides answers on all types of situations, including account information, charges and refunds, and subscriptions information. Get your questions answered and find international support for Stripe.

Accept a payment

Securely accept payments online.

rain notch
#

Hi River Thank you for information ,let me check

proud vault
#

Can you share the request ID (req_xxx) with the error? Here’s how you can find it: https://support.stripe.com/questions/finding-the-id-for-an-api-request

If Payment Element is used, this error shouldn't be thrown

Finding the ID for an API Request : Stripe: Help & Support

Find help and support for Stripe. Our support site provides answers on all types of situations, including account information, charges and refunds, and subscriptions information. Get your questions answered and find international support for Stripe.

rain notch
#

Sure

#

Request Id: req_1pu1iXC1x7byN0

proud vault
#

You are not allowed to collect raw card information and pass to API unless you fulfill the criteria in this support article: https://support.stripe.com/questions/enabling-access-to-raw-card-data-apis

Enabling access to raw card data APIs : Stripe: Help & Support

Find help and support for Stripe. Our support site provides answers on all types of situations, including account information, charges and refunds, and subscriptions information. Get your questions answered and find international support for Stripe.

rain notch
#

just moment

#

public function getClientSecret(Request $request)
{

    $validator = Validator::make($request->all(), [
        'user_id' => 'required',
        'sow_id' => 'required',
        'isLiveKey' => 'required',
    ]);

    if ($validator->fails()) {
        return Response::json(['status' => 400, 'message' => $validator->errors()], 400);
    }

    $sow = ScopeOfWork::with('projectuser')->find($request->sow_id);
    $createrId = $sow->project->user->id;
    $connectedAccount = StripeConnectedAccounts::where('user_id', '=', $createrId)->first();
    $connectedAccountCustomer = StripeConnectedAccountsCustomer::where('customer_user_id', '=', $request->user_id)
                                                                ->first();
    $intent = $this->stripe->setupIntents->create(
        [
            'customer' => $connectedAccountCustomer->stripe_connected_account_customer_id,
            'automatic_payment_methods'=>['enabled'=>true],
        ],
        ['stripe_account' => $connectedAccount->account_id]
    );
    return Response::json(['status' => 200, 'data' => ['intent' => $intent, 'account_id' => $connectedAccount->account_id]], 200);
}
#

This is my code for create getClientSecret .

#

and then redirect on strip portal or Stripe Elements.

#

@proud vault are you there. ?

proud vault
#

This is a public channel and discord can be busy. We will take some time to respond

rain notch
#

Okay noted

proud vault
#

https://dashboard.stripe.com/logs/req_1pu1iXC1x7byN0 was created from https://docs.stripe.com/api/payment_methods/create

Stripe Login | Sign in to the Stripe Dashboard

Sign in to the Stripe Dashboard to manage business payments and operations in your account. Manage payments and refunds, respond to disputes and more.

Create a PaymentMethod | Stripe API Reference

Complete reference documentation for the Stripe API. Includes code snippets and examples for our Python, Java, PHP, Node.js, Go, Ruby, and .NET libraries.

#

Could you share where this is been used in your code?

#

This didn't use Setup Intent, but Payment Method Creation API

rain notch
#

I'm not using this method, as we haven't changed from our platform. The payment is made directly through Stripe or a Stripe payment link.

#

**method "payment_methods/create"

proud vault
#

This request was made by your secret key, not from Stripe.

#

Stripe doesn't have access to your secret key to make a request

#

Somewhere in your system made this request directly through API

rain notch
#

I have already send you my code for secret key, where i have not use " Payment Method Creation "

rain notch
proud vault
#

If IP address wasn't from your system, there was a chance of key leak and someone has gained access to your integration via the secret key