hanners_best-practices | Stripe Developers | Page 1

thorny robinBOT Mar 7, 2025, 4:42 PM

#

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1347610294058487943

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

#

dusky nymph Mar 7, 2025, 4:44 PM

#

Hi, yes you'd likely want this flow: https://docs.stripe.com/payments/build-a-two-step-confirmation

It will allow you to collect the payment method details and then add your logic to either charge the customer or not.

thorny robinBOT Mar 7, 2025, 4:49 PM

#

patent wadi Mar 7, 2025, 5:08 PM

#

Hi, thanks for the links! Seems like the approach we had is similar to the legacy 2 step confirmation. Is there any benefits of using confirmationTokens over using paymentMethodIds?

olive mauve Mar 7, 2025, 5:12 PM

#

Hi! I'm jumping in for my colleague; just give me a sec to catch up.

olive mauve Mar 7, 2025, 5:29 PM

#

Ok, so you want to limit card countries?

patent wadi Mar 7, 2025, 5:32 PM

#

yes, for example, if the currency is myr, to limit to myr credit cards.

olive mauve Mar 7, 2025, 5:39 PM

#

Gotcha. Then you'll want to do this in two steps as suggested by my colleague.

Is there any benefits of using confirmationTokens over using paymentMethodIds?

Can you tell me more about what this means?

patent wadi Mar 7, 2025, 5:41 PM

#

The current project has already implemented the card checking using the createPaymentMethod, which is the legacy 2 step confirmation. I am considering if there are any benefits to change to using confirmationTokens instead.

#

And also, we kind of did it the reverse way: create payment intent first, then call createPaymentMethod, then confirmCardPayment. In the docs, seems like it is more secure to collect payment method, passing it to the server, creating payment intent, then passing the secret back to frontend to confirmPayment (with 3DS). Wondering if you have any advice to give us at this point in time, if a refactor is necessary 😬

patent wadi Mar 7, 2025, 6:02 PM

#

Thanks for the help, have to go, do leave any comments if you have any! Any chance of opening this thread the next time I get back?

olive mauve Mar 7, 2025, 6:04 PM

#

Of course - something urgent came up, I apologize for dropping this.

olive mauve Mar 7, 2025, 6:26 PM

#

So I would say that either way works, but the ConfirmationToken approach is the "new" way, so it's likely worth going with that. Upside here is that you wouldn't even need to create a Payment Intent if the https://docs.stripe.com/api/confirmation_tokens/object#confirmation_token_object-payment_method_preview-card-country didn't match the currency. In fact, they'd still be client-side so you could notify them and try to re-collect a payment method in the right currency.

#

You may also want to consider https://docs.stripe.com/payments/checkout/adaptive-pricing

#hanners_best-practices