#erin_api
torn jungleBOT
đ Welcome to your new thread!
â˛ď¸ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.
âąď¸ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.
đ This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1326249765729734707
đ Have more to share? Add more details, code, screenshots, videos, etc. below.
proper kiln
Hello! You can set the expiration time for Checkout Sessions using expires_at: https://docs.stripe.com/api/checkout/sessions/create#create_checkout_session-expires_at
signal yoke
the other issue we have is that we'd like to be able to invalidate the checkout sessions so they can't be reused (by back/forward in the browser)
ya but we'd like to manually invalidate them, if possible
proper kiln
You can also force expire a Checkout Session using this API: https://docs.stripe.com/api/checkout/sessions/expire
signal yoke
for the billing portal we'd like them to last longer or be able to be controlled
ah OK, those are great for the checkout session, thanks!
not sure how I missed those
proper kiln
For the Customer Portal, you don't really have granular control over it. Once the Customer is using the session their use keeps it active.
signal yoke
right but then the hit the back button to go back to their (our) portal
and leave that page open
and then the billing portal link expires
can we invalidate the billing portal session? and extend it?
?
proper kiln
I'm not aware of such a feature, no.
If it expires or is otherwise invalidated you'd need to create a new Session for them.
signal yoke
right but we can't tell if it's expired
it's also a security issue on a shared computer
that it stays active when you leave the page...imagine they're on a shared computer and then someone comes to it and hits the forward button...they're taken to someonen else's billing portal!!!
that ain't good
?
if we make another billing portal session, does it invalidate the previous link?
proper kiln
Those just aren't things we support with the Customer Portal. If you want that level of visibility and control you'd need to build your own management UI and not use the Customer Portal.
signal yoke
but isn't it a security issue, like I mentioned above?
signal yoke
if we make another billing portal session, does it invalidate the previous link?
and what about this ^^^ ?
proper kiln
As far as I know it won't invalidate the previous one, but I've never actually tested that.
signal yoke
so if our customers use a shared computer, and someone else uses their billing portal and costs money, what's our options?
proper kiln
That's a better question for Stripe support than here: https://support.stripe.com/contact
I can only tell you how things work at a technical level.
signal yoke
fair enough, thanks for explaining how it all works, appreciate you
proper kiln
Ah, I found an internal feature request to add this functionality. I'll add a +1 for you.
signal yoke
oh awesome, you rock