#waqas-safdar_api

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1333416777899835393

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

whart's the issue?

We're developing a project that requires onboarding vendors using Stripe Connect for (Express Accounts). The primary challenge is deciding the best approach to implement this integration while ensuring the solution is:

Scalable – To handle a growing number of vendors and transactions effectively.
Secure – To protect sensitive data like API keys and user tokens.
Maintainable – To make future updates and enhancements easy.
Aligned with Stripe best practices – For managing API interactions, logs, and webhooks.
The project consists of:

Backend API (Laravel): Handles core logic and vendor operations like products, bookings, etc.
Dashboard (Vue 3 with Quasar Framework): Allows vendors to manage their accounts, products, payments, etc.
We're unsure whether the Stripe Connect integration should primarily reside in the Laravel backend (as part of the core API) or the Vue.js Dashboard (for more direct interactions with vendors). Each approach has implications for security, performance, and long-term maintainability.

Describe the solution you'd like
We want guidance on the following aspects to implement the integration effectively:

Programming Architecture:

Should the entire integration (e.g., API calls, webhooks) be handled in the Laravel backend, or should it be split between the backend and Vue.js frontend?
Would creating a dedicated module or folder for Stripe in the backend improve maintainability?
Security:

Best practices for securely storing and managing API keys in the backend.
Secure ways to handle sensitive vendor details and Stripe tokens during the onboarding process.
Scalability:

How to design the system to scale with an increasing number of vendors and transactions.
Recommendations for modularizing Stripe-related functionality.
Managing Stripe Logs:
Efficiently log Stripe events (e.g., account creation, payouts, failed transactions) for auditing and debugging.
Should logs be stored in the database or an external service?
Integration at Development Stages?

Most Stripe integrations require a backend and front-end component so you'd be using both (i.e. React front-end, Node.js backend to interact with the API)

I recommend you look through some of our quickstart guides which explain those concepts