#ed_api

spice anvil BOT
#

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1351702892565757984

Have more to share? Add more details, code, screenshots, videos, etc. below.

turbid schooner
#

hey! looking at this now. this feels like something that people would have asked before, so let me see if there are any recommended solutions to this problem.

#

what security concerns are you worried about with just storing the pm_ ID and label on your end?

#

stripe object IDs are generally considered pretty safe, you can even send them here and it's not a security concern

spare hound
#

I know it's not a concern if a pm_ leaks outside to the public, but I'm more thinking if I manage the relationships between User & PaymentMethod in my own database, it's another vector for making a mistake.

#

For example, what if I accidentally leak a pm_ from a customer to a seller that's not supposed to see that pm_

#

If that seller then charges the pm_, then there's an issue

#

I guess this is more a question of: what is the convention you see in companies with only 2-3 engineers?

turbid schooner
#

gotcha. PMs are restricted to an account context, so just having a pm_ ID from a different account shouldn't let you charge it, unless everyone is sharing the same secret

spare hound
#

Well, with Stripe Connect Express, isn't everything connected to my platform account?

turbid schooner
#

depending on your scale i don't really see an issue with just storing it in the metadata and retrieving it, but the local DB option doesn't seem problematic to me either

spare hound
#

Haha now I know even less what to do!

#

What would you choose if you were running your own startup? 🙂

#

In my app, there is a function where the connected account can take a payment method that a buyer has supplied them and then charge them a certain amount

#

We're kind of like a bar tab, where the seller charges the entire tab when things close out

turbid schooner
#

starting out i would probably just recommend storing the labels on metadata and retrieving the payment method when you need it

spare hound
#

Got it. At what point would you decide to make the switch to local DB? How would you weigh that?

cloud portal
#

👋 I would say it's all up to you 🙂 Saving the IDs isn't something security-ish as they are only unique identifiers. It's totally fine to keep in metadata too, IMO

spare hound
#

Err what's the point at which we should switch from querying Stripe to storing things on our own local DB?

cloud portal
#

It's up to you! I don't think it's a matter of time, but more of pros/cons between 2 options

spare hound
#

Hey, can I ask you to elaborate a little bit - I'm not really able to parse anything useful from: "more of pros/cons between 2 options"

#

If you're not able to comment on what you've seen most ppl do

#

I guess I'm curious to know what pros/cons you have in mind