#charge_app-permissions

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1304110990081789993

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

• chargeauto_error, 53 minutes ago, 9 messages
• charge_checkout-embedded, 15 hours ago, 12 messages

Hello

What specific error are you seeing?

Hi there
For context we use stripe connect and also use both card element and stripe embedded form. When we use card elements, we have no issues loading up the iframe and using stripe connect to collect funds on behalf of our clients. But when we use embedded form, we are facing permissions errors.

Endpoint: \Stripe\Checkout\Session::create($session_data, $this->optionsParam);
Data (data is passed as array, below is just json encode of it.):
Session_data
{"line_items":[[{"price_data":{"currency":"USD","product_data":{"name":"Payment Request ID: 9"},"unit_amount":1000},"quantity":1}]],"mode":"payment","ui_mode":"embedded","customer_creation":"always","redirect_on_completion":"never","payment_intent_data":{"setup_future_usage":"off_session"},"metadata":{"model":"PaymentRequestAuthCharge","model_id":"yCkBz5","user_account_id":2186,"conversion_data":"[]","transactions":"{"id":9,"payment_type":"C","currency_symbol":"$","amount":10,"customer_email":"mma.test.ca+s3@gmail.com","is_3ds":0,"payment_status":"Pending"}"},"customer_email":"mma.test.ca+s3@gmail.com"}

Options:
{"stripe_account":"acct_1E377gBaTF4iUNXP"}
{
"error": {
"code": "more_permissions_required_for_application",
"message": "This application does not have the required permissions for this endpoint on account 'acct_1E377gBaTF4iUNXP'. Having the 'read_write' scope would allow this request to continue.",
"request_log_url": "https://dashboard.stripe.com/acct_1E377gBaTF4iUNXP/logs/req_ikk1xDs1H3IcXw?t=1730986767",
"type": "invalid_request_error"
}
}

We need help urgently with this.

The last person I spoke to said "but in this example you shared, you're not, you're a Stripe App installed on that account, trying to use your access to create a CheckoutSession, which is not something that's possible.
"

but thats not accurate we are a connect platform

Taking a look

btw we used card element previously and it was working perfectly. So we wanted to switch to embedded form and facing this issue

Do you have an example Charge that was handled with Card Element?

yes let me get an example.. Also I am very new to discord, can I add my developers to this chat too? Is that possible?

Yep this is a public conversation

this was by card element https://dashboard.stripe.com/connect/accounts/acct_1E377gBaTF4iUNXP/payments/pi_3QIOzoBaTF4iUNXP0rxpA9ZU

I'm a bit confused what you mean when you say that you aren't a Stripe App here? This request was made by your App that you can see in your Dashboard here: https://dashboard.stripe.com/apps/stripeapps.chargeautoamtion.com

Stripe Apps are more or less a "type of platform" -- they do handle making requests and things on the accounts they are installed on (your "Connected Accounts" in this case). But they do have a more limited set of permissions/abilities than a full platform account.

Okay so question is will embedded form not work for us in this case then? In test mode and in our staging environments its working flawlessly.. So what do we need to do to get this working?

Hmm can you share a test transaction that worked?

I didn't think embedded was supported here yet.

So I would have expected it to error in test mode as well

okay let me find it

Ah doesn't look like you have the checkout_session_write permission here for your App.

I wonder if we did add support for this recently and you just need to add that permission.

Ohh interesting... How do we go about that?

https://docs.stripe.com/stripe-apps/reference/permissions discusses this

okay so if we add that, clients will need to reconnect to stripe on our application right? Or what will the process be?

Well first thing to do is to test it out in test mode and make sure it works

but it already works in test mode which is strange. I tested it myself. Let me see if I can find a sample

Yeah would need to see that because it really shouldn't of worked in test mode and failed in live mode

Though definitely not impossible

But it shouldn't do that

Got you. So question is if we update the permissions what do our connected accounts have to do next?

You release a new version and your users will be prompted to re-authorize the app due to the new permissions added. See: https://docs.stripe.com/stripe-apps/versions-and-releases#versions

okay perfect thank you!! Im looking for a transaction that went through in test mode. Please give me a few

Sure

still checking ofr it

Probably just faster to test it right now with current permissions

we disabled it. Okay we will test it and get abck to you

Okay here we go https://dashboard.stripe.com/test/connect/accounts/acct_1Q0JuNDfh48Kp5XM/payments/pi_3QIYh9Dfh48Kp5XM3foMmk4C

That was using Embedded form

Looking

okay

Yeah that wasn't done with your Stripe App though. That was done via your actual platform account which has full permissions on that Connected Account.

charge_app-permissions

You can compare the two accounts in your Dashboard:

• https://dashboard.stripe.com/connect/accounts/acct_1E377gBaTF4iUNXP/activity livemode account where ou can see the account information is just a type: standard and has no further info.
• https://dashboard.stripe.com/test/connect/accounts/acct_1Q0JuNDfh48Kp5XM/activity testmode and you can see that you have platform controls here and a full ToS

The requests made here for your Connected Account in test mode is not coming through your Stripe App in a test mode release.

ugh? Okay let me try something else. I will connect to another stripe account and try the transaction again

this is a connected account right? acct_1NNHsIFMkqckwuxQ

that account is connected to your Connect platform with read_write permissions not your Stripe App with more granular permissions

I honestly dont fully understand the technicalities here. How can I test this in test mode then?

I dont think we use stripe app in test mode then. We just connect to the account through our application

Are you the developer doing all of this? Yesterday you were here saying you needed to wait for your developers

We just connect to the account through our application
how are you doing that? Using the old OAuth flow? If so that's likely the issue yes

No my developers are away presently because of timezone

yes we are doing the oauth flow for conencting

It would be much easier if we talked to your developers who fully understand the set up, the code, and can test the variations. It's not going to really help with progress otherwise. We're open on EU and APAC time. Or you can use our support team and talk over email and CC them

but we do the same flow in test mode and live mode

yes we are doing the oauth flow for conencting
what exact flow are you following? I need technical details

okay can we leave this thread opena nd I will ahve them join

No that's not how Discord works. Those threads are short lived and closed quickly when there's inactivity. You can have them come back when they are online and talk to us directly (you don't have to drive the discussion, they can speak to us themselves). Or you can use our support team and start an email thread with them so that you and your developers can provide the detail(s) needed to help you debug this

okay sounds good. thanks

Sure thing! And to be clear, what my colleague explained is the root of the issue here:
You seem to have a Stripe App that you can install, you likely were a Connect platform before using the old OAuth flow with Standard accounts, and so you have parts of your code using the wrong integration with the old API keys instead of properly using the Stripe App flow.
It's definitely not easy to grasp if you aren't really close to the exact code implemented

Okay thanks for that a dev said they tried to access this chat and needed permission. How do I invite them please?

There's no need for permissions. Anyone can join https://stripe.com/go/developer-chat and then use the buttons in #help like you did today and yesterday

Maybe you can also direct me to the documentation of the stripe app flow? Cause right now we have a stripe app but users still go through oauth to connect their stripe account within our platform. You are saying thats the wrong flow?

The problem is "OAuth" means different things. There is an OAuth flow for Stripe Apps but it's different from the old Connect flow. It's hard to help without a clear understanding of what you are already doing.

I honestly think this should be a support ticket at this point since it's been multiple threads with real confusion and it could be resolved async by sharing real code and looking at your logs: https://support.stripe.com/contact

Okay no worries I will have my devs do this tomorrow. I think discord is faster than the times Ive used the chat. Thanks for all your help

Stripe Apps should be installed from the Dashboard or our App Marketplace. We have an installation option but it's in beta https://docs.stripe.com/stripe-apps/install-links so there's a lot that seems potentially unknown on your end
And I'm assuming someone at Stripe tried to convince you to move to Stripe App if you already had a viable and working Connect platform right?

Yeah it was honestly before my time

Discord isn't really faster, you can see this thread and how it went. I am not saying "use live chat" I am saying to start a real support ticket over email and then talk asynchronously and sharing actionable information while keeping state. If your devs end up having to come all day for a week it won't really succeed the way you hope
Up to you though we're happy to try