achillesfirststand_api | Stripe Developers | Page 1

rare lindenBOT Sep 23, 2025, 7:31 PM

#

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1420130564664594493

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

achillesfirststand_api, 23 hours ago, 12 messages
achillesfirststand_stripe-apps-extension, 1 day ago, 25 messages
achillesfirststand_api, 1 day ago, 4 messages

#

tribal night Sep 23, 2025, 7:32 PM

#

Hello again 🙂

kind bluff Sep 23, 2025, 7:32 PM

#

Hey, sorry to be back. I have made progress, I've got stripe test data displaying in my app, now just can't fetch the account name.

tribal night Sep 23, 2025, 7:33 PM

#

Ah nice.. Let me take a look

#

As far as I know, you don't need to set the scope seperately 🤔
As per https://docs.stripe.com/stripe-apps/api-authentication/oauth#obtain-access-token, scope is set by Stripe as stripe_apps and then we'd just use the permissions defined in the apps

kind bluff Sep 23, 2025, 7:42 PM

#

I have connected_account_read permission and scope shows as stripe_apps in OAuth response. But stripe.Account.retrieve(account_id, api_key=access_token) still gives "read_only scope" error.

Is there a specific API endpoint or method I should use with connected_account_read permission to get account business name? Or do I need additional permissions beyond connected_account_read?

Current permissions: connected_account_read, balance_read, customer_read, charge_read, etc.

Does this make sense?

tribal night Sep 23, 2025, 7:43 PM

#

I wonder if this is a limitation of OAuth with Stripe Apps, that's the right endpoint

#

Checking

rare lindenBOT Sep 23, 2025, 7:48 PM

#

tribal night Sep 23, 2025, 7:53 PM

#

I suspect connected_account_read grants your Platform the permission to read your Connected Account's data but since you're using OAuth you're actually making the request as the Connected Account itself & I wonder if that's the reason it doesn't work

#

checking internally though

#

Yup, the above is why you're seeing the error

#

For this specific call, you could just use your Platform's API key

#

and pass the Connected Account ID instead of self

kind bluff Sep 23, 2025, 8:02 PM

#

ok, I will try this. Thank you for the help. Robert

tribal night Sep 23, 2025, 8:02 PM

#

Happy to help

kind bluff Sep 23, 2025, 8:05 PM

#

Still getting the same error with platform key. Can you show the exact code for retrieving connected account info with connected_account_read permission?

Currently trying:
stripe.api_key = platform_secret_key
account = stripe.Account.retrieve(account_id, stripe_account=account_id)

What's the correct syntax? Thank you

misty herald Sep 23, 2025, 8:34 PM

#

I believe this won't work with the stripe_account header

#

your retrieving an account that is connected directly to the platform correct?

kind bluff Sep 23, 2025, 8:36 PM

#

HI, no, it's using Stripe Apps Oauth. I used Stripe Connect previously, but that only allowed read_write permissions, which is not what I wanted. I want read only.

Users will install my Stripe App and I get OAuth tokens to access their data.

Is there any way to get account business name with Stripe Apps OAuth, or is this a limitation? Thanks

misty herald Sep 23, 2025, 8:43 PM

#

sorry didn't go back far enough in the thread.

#

still my understanding is you would not pass the stripe_account header in the retrieve call

#

account = stripe.Account.retrieve(account_id)

rare lindenBOT Sep 23, 2025, 8:46 PM

#

kind bluff Sep 23, 2025, 8:48 PM

#

Still getting the same error with the simple approach:
stripe.Account.retrieve(account_id, api_key=platform_secret_key)

Same error: "Having the 'read_only' scope would allow this request to continue."

Is getting business names simply not possible with Stripe Apps OAuth?

#

Sorry for the ongoing hassle with this. It's not the end of the world if I can't do this, but just want to find out if it's possible.

misty herald Sep 23, 2025, 8:57 PM

#

No worries, just trying make sure I have a grip on the question.

kind bluff Sep 23, 2025, 9:00 PM

#

I have successfully got user data into my app using a Stripe App, I am just trying to get the user's business name as well.

misty herald Sep 23, 2025, 9:04 PM

#

Can you share the request id resulting in the error for your most recent attempt?

kind bluff Sep 23, 2025, 9:06 PM

#

"WARNING:trackers.stripe.services:Failed to sync account info for acct_1QopbFHYbcC0r9g9: Request req_s4aSeaAZ7lmS2g: This application does not have the required permissions for this endpoint on account 'acct_1QopbFHYbcC0r9g9'. Having the 'read_only' scope would allow this request to continue."

misty herald Sep 23, 2025, 9:06 PM

#

if your platform key has read permissions for the account you are trying to retrieve it should work.

kind bluff Sep 23, 2025, 9:09 PM

#

My platform key (sk_test_51SADL2...) is from a different Stripe account than the OAuth account (acct_1QopbFHYbcC0r9g9).

With Stripe Apps OAuth, how do I get read permissions for accounts that install my app? Do they need to be connected via Stripe Connect separately, or should the OAuth flow automatically grant my platform read permissions?

My understanding was that the app permissions (connected_account_read) would handle this, but it seems like there's no relationship between my platform and the OAuth accounts.

I'm making an app where anyone can authorise their account and see their data displayed within my app.

frozen obsidian Sep 23, 2025, 9:11 PM

#

Hi there,
taking over for my colleague who had to step away. Give me a quick second to catch up.

#

I am a bit confused at the moment how this is setup. Can you share a request ID of a failed retrieve request?

kind bluff Sep 23, 2025, 9:25 PM

#

ok, 1 sec

#

Platform request id: req_TPKzs8XMyCyNP3

This is CONFIRMED from our platform key calling stripe.Account.retrieve(account_id, api_key=platform_secret_key) exactly as you suggested.

Platform: sk_test_51SADL2...
Target: acct_1QopbFHYbcC0r9g9 (OAuth installed account)
Error: "read_only scope" required

This proves our platform key cannot read OAuth-installed accounts. Is this a Stripe Apps OAuth limitation?

frozen obsidian Sep 23, 2025, 9:49 PM

#

Still looking into this...

rare lindenBOT Sep 23, 2025, 10:15 PM

#

jovial dune Sep 23, 2025, 10:19 PM

#

👋 I'm a biiiit confused by the ask and it's a long thread but it seems correct to me that you can't use your own API key to retrieve an account that isn't "connected" to your application and instead installed your Stripe App. I agree it can be confusing though especially since you have the right permissions to make the same call with that OAuth token/key

#achillesfirststand_api