sinduri_code | Stripe Developers | Page 1

lime wigeonBOT Nov 19, 2024, 5:27 AM

#

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1308302719877910580

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

sinduri_api, 5 days ago, 9 messages
sinduri_api, 5 days ago, 23 messages

#

dreamy condor Nov 19, 2024, 5:30 AM

#

hello! I'm not sure I understand the question. My question is, can we use restricted key for our platform account. I f I created a restricted key what might be the changes in this integration - what are you trying to use the restricted key for? Are you asking if you can use the restricted key for OAuth?

frosty tide Nov 19, 2024, 5:33 AM

#

curl -X POST https://api.stripe.com/v1/oauth/token
-u sklive:XXX
-d code=acXX
-d grant_type=authorization_code

https://docs.stripe.com/stripe-apps/api-authentication/oauth#obtain-access-token

here, we are using platform accounts secret key to get the access token, if I created restricted kay, what would be the changes in this code?

OAuth 2.0

Use the industry standard OAuth 2.0 to authenticate requests to the Stripe API on behalf of your users.

dreamy condor Nov 19, 2024, 5:35 AM

#

it probably wouldn't work, but you can try

frosty tide Nov 19, 2024, 6:08 AM

#

Okay,
one more concern, can we make/accept any transactions or perform any actions using a stripe account's secret key or public key only through APIs or both required?
Because we suspect some malisious transactions

dreamy condor Nov 19, 2024, 6:15 AM

#

this section of the docs explains each key in more detail : https://docs.stripe.com/keys. In short, the secret key is used server side and the publishable key is used client side.

The APIs on this page require the secret key : https://docs.stripe.com/api
The methods on this page use the publishable key : https://docs.stripe.com/js

At a high level, regarding a payment, how it typically works is that you would create the PaymentIntent with the secret key server-side, then collect the payment details and confirm with the publishable key client-side

API keys

Use API keys to authenticate API requests.

Stripe API Reference

Complete reference documentation for the Stripe API. Includes code snippets and examples for our Python, Java, PHP, Node.js, Go, Ruby, and .NET libraries.

Stripe JS Reference

tidal holly Nov 19, 2024, 6:16 AM

#

Hello

#

I want to share something very important please listen to me

#sinduri_code