#aaron_api

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1309585848920182896

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

We have a Stripe App people install. Our Stripe App makes checkout links on your account as a part of our pricing tables solution.

Hi, let me help you with this.

I'm in Guatemela right now (regularly US/Canada). I only noticed that now the checkout links fail, as opposed to when I'm back home. They also require a captcha like every single time.

By Checkout Links you mean Stripe Checkout Sessions? Or Stripe Payment Links?

Checkout Sessions

I guess I figure that our app requires some permission we don't have set, only required for special cases, like in Guatemala here?

Do you have a screenshot of the error?

Getting it now

It's on this Captcha endpoint

So I imagine there must be a permission we require in our app to allow for Captchas during checkout? Although that seems like a really specific permission

Happens when I complete the captcha

Could you please show the full error message?

  "error": {
    "code": "more_permissions_required_for_application",
    "message": "This application does not have the required permissions for this endpoint on account 'acct_1PentdCDIXxitiYy'. Having the 'read_write' scope would allow this request to continue.",
    "request_log_url": "https://dashboard.stripe.com/acct_1PentdCDIXxitiYy/logs/req_HXjlq4J4fbI76h?t=1732300418",
    "type": "invalid_request_error"
  }
}

https://api.stripe.com/v1/setup_intents/seti_1QO1XcCDIXxitiYytFXE0rh0/verify_challenge
Request Method:
POST
Status Code:
403 Forbidden```

Not sure if this is related to this specific endpoint. Probably it's just the final request before the payment is confirmed and something prevents it from doing it.

Or is it only happening when Captcha is required? Are you able to accept payments otherwise?

Yeah when Captcha is required

In this country for some reason I'm required to Captcha every single time I wanna use Stripe

Anyhow, through our links when you complete the Captcha it fails yeah

But if there's no Captcha we're able to accept payments

This also opens a can of worms. We know if everything goes perfect, checkout works

But what if

• there's a 3d check
• there's a captcha
• there's any number of other edge cases we're not educated about

Are you able to accept payments when outside of the country?

I see missing_permissions="mandate_read, payment_method_client_read, payment_method_shared_read, setup_intent_client_read, setup_intent_client_write"
Which is not directly related to Captcha, as I suspected.

hmmm

but required for Checkout Sessions on ocassion?

I woud've thought checkout_read/write permissions would've included this, or any of the core permissions

Yeah, it's weird, since the docs say those are implied: https://docs.stripe.com/stripe-apps/reference/permissions#:~:text=Sessions-,This permission also implies the following permissions%3A,-mandate_read

this presents also another issue, if we have to request all these perms for our app that aren't implied under another one, it might reduce trust in our application

like why are we requesting 200 permissions for a simple app here, type thing (during installation)

Hi, stepping in and catching up here

Awesome

I'm asking support from my teammate to further investigate this permission issues. We'll circle back as soon as we have an update.

awesome thank you

@granite sable Can you share a request id where it just worked in the US?

Do you have elements_write permission? Can you try adding that permission?

can i use a vpn to simulate my location in the US right now?

currently not in NA

and i can try adding that yes

Ok, let me know if that does not work.