alan-tse_api | Stripe Developers | Page 1

dusky oceanBOT Nov 7, 2025, 4:18 AM

#

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1436208089257742349

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

#

autumn nova Nov 7, 2025, 4:20 AM

#

At this point, we set off_session=false, but the payment is still initiated from our server.When we use a test card that requires 3DS, Stripe returns "next_action
I didn't get this part. You are reusing the same PaymentIntent which was created earlier, with off_session=true, aren't you?

lavish crescent Nov 7, 2025, 4:21 AM

#

yes

#

If a PaymentIntent was previously created with off_session=true, is it impossible to change it to off_session=false for a subsequent payment?

autumn nova Nov 7, 2025, 4:23 AM

#

Hmm not sure, did you try and did it give you an error?

#

The general idea is simply confirm it again on frontend using stripe.js, to finish the 3DS and don't change any property

lavish crescent Nov 7, 2025, 4:25 AM

#

i use a test card that requires 3DS, Stripe returns the following information:
"next_action": {
"type": "use_stripe_sdk",
"use_stripe_sdk": {
"directory_server_encryption": {
"algorithm": "RSA",
...
}
}
}

#

But we’d like to handle the 3DS flow entirely on the server side — meaning we want Stripe to return a URL for the 3DS challenge, and then we redirect the customer to that URL ourselves.

autumn nova Nov 7, 2025, 4:26 AM

#

That's on the first step when you call it with off_session=true ?

#

Pass a return_url, it will force it to return a redirect URL

lavish crescent Nov 7, 2025, 4:29 AM

#

In the first step, I set off_session=true, and a 3DS URL was returned, which I successfully processed.

Then, I took the PaymentIntent from the first step, set off_session=false and auto_confirm=true to simulate an on-session scenario where 3DS is required, and received the following response.

#

"next_action": {
"type": "use_stripe_sdk",
"use_stripe_sdk": {
"directory_server_encryption": {
"algorithm": "RSA",
...
}
}
}

autumn nova Nov 7, 2025, 4:31 AM

#

In the first step, I set off_session=true, and a 3DS URL was returned, which I successfully processed.
How do you process here? did you redirect to the 3DS URL? In that case the PI should be succeeded already

lavish crescent Nov 7, 2025, 4:33 AM

#

Oh, I see. Since we are PCI certified, we’re using the PAN payment API. In our current flow, when we receive the next_action containing the 3DS URL, our frontend redirects the customer to the Stripe 3DS page — that part works perfectly fine.

However, what we’re now trying to solve is this: when we initiate a payment using a previously saved card from our server side and attempt to handle any potential 3DS authentication, our test environment (using a 3DS-required test card) returns a response asking us to use the Stripe SDK instead.

autumn nova Nov 7, 2025, 4:37 AM

#

Okie so to avoid confusion... I will igonre the part works perfectly fine.

Now you initiate a PI using a saved card from server side, can you pass a return_url? That should force the response to redirect_to_url instead of use_stripe_sdk

lavish crescent Nov 7, 2025, 4:41 AM

#

For the second simulation, when the customer is on-session, we did provide a return URL. We used these two test cards, and in both cases, the response still returned use_stripe_sdk.

autumn nova Nov 7, 2025, 4:45 AM

#

Can you share that request id? req_xxx

#alan-tse_api