#kunalmehta93_code

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1317154247762247700

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Hi 👋 sorry, I'm not sure what you're referring to when you say you want to avoid "this break in the UX". Can you elaborate on what you're referring to there?

does it require app installers to copy-paste the key?
Yes, that's the final step of the process when using a RAK:
The user copies the generated keys and provides them to your site.
https://docs.stripe.com/stripe-apps/api-authentication/rak#:~:text=The user copies the generated keys and provides them to your site

Yes, we were hoping the user doesn't have to manually take the effort to find + copy the RAK and then paste it, vs. the app install webhook containing the RAK (or some other means of us getting the RAK without manual user input). We were concerned about this being a poor UX vs. the app "just working" after it is installed.

What you're describing sounds more like the OAuth flow.

is the platform key another alternative that would work without users copy-pasting keys to authenticate?

I don't understand the question. Your Platform's API key is how your Platform authenticates with the Stripe API, you would never share that with your users for security reasons.

OAuth is the right flow if you don't want your users to have to copy/paste RAKs.