#devne_pc-checkout-subs
Hi @lime bison thanks in advance for your help! 🙂
Hello 👋
This sounds a lot like Stripe Checkout to me: https://docs.stripe.com/payments/checkout/how-checkout-works
Can you review this doc and let me know if that meets your needs?
All PCI compliance burden is handled by Stripe in that case.
Bingo - "redirecting customers to a Stripe-hosted payment page, or creating a customised checkout page with Stripe Elements. Checkout supports payments for both one-time purchases and subscriptions."
By any chance to you know if we can brand / theme the portal page (our guys can provide the CSS)
*do you know
There is very little customization but the color in the details section, the business name, and the logo all come from your account settings
In Settings go to Business and then Branding
fantastic. are subscriptions able to be recurring and can we set the durations ie. 1 month, 3 months, 6 months, 12 months etc
(some merchant services we looked at don't allow recurring payments or only on certain fixed durations)
Subscriptions are recurring. That's how they work.
But to achieve specific durations, you would need to look into either Subscription Schedules or update the subscription after it gets created to define the cancel_at parameter
That last one is tricky to get right, since we use UTC timestamps. Being off, even by seconds, will cause prorations.
this seems to answer my questions nicely https://docs.stripe.com/billing/subscriptions/build-subscriptions
Yeah the Subscription part is pretty easy to set up
It's the custom duration that would be tricky
fortunately we have a bunch of devs who are way smarter than me so they will work it out :))
i'm just a humble product manager!
thank you so much for your time. i will let the devs know that this platform exists so that they can ask more refined questions later on during implementation.
Sure thing, happy to help 🙂
Also this server specializes in helping developers integrate with Stripe APIs/Products. So if they have questions feel free to direct them here.
actually on that point -
i'm just reading through the docs and it is saying we actually install a client and manage sessions on our side
does this put us in a position of hosting the stripe portal on our infra
and thereby ingesting/storing customer payment info? what we're trying to avoid is a situation where we are storing copies of card payment data
There are multiple ways to integrate with Stripe Checkout and that can get confusing.
But let me stop you right there
> and thereby ingesting/storing customer payment info?
This doesn't happen with any Stripe integrations, even the ones embedded in your site
For all our payments integrations, we abstract away the actual handling of customer payment method data.
what we've done with other products is send subscription info via API to merchant provider and send customer out to merchant portal, then they do all their PII data inputs, then after successful payment completion customer gets returned back to our product with a JWT that says payment successful
then our application updates their product subscription info accordingly
Okay but please just review the actual Stripe docs thoroughly. At no point does your integration store customer payment method data (unless you ask us for it and you prove to us you meet the necessary PCI Compliance)
this is extremely reassuring
It's not something we are expert at here (PCI Compliance) because we focus heavily on the technical aspects
But we have a useful doc for this: https://stripe.com/guides/pci-compliance
That can get into the compliance levels and the acronyms that will make lawyers happy
Specifically, I think it's useful to call out what this guide mentions for Checkout:
> Checkout and Stripe.js and Elements host all card data collection inputs within an iframe served from Stripe’s domain (not yours), so your customers’ card information never touches your servers.
fantastic, i've already sent the devs (and legal) all the links you've posted here
"After the subscription signup succeeds, the customer returns to your website at the success_url, which initiates a checkout.session.completed webhook. When you receive a checkout.session.completed event, use entitlements to provision the subscription. Continue to provision each month (if billing monthly) as you receive invoice.paid events. If you receive an invoice.payment_failed event, notify your customer and send them to the customer portal to update their payment method."
^^ this sounds right to me
Yeah we use webhooks as a close-to-realtime notification system to keep you informed about your integration.
Especially for Subscriptions, it's really useful
your guys documentation is spectacular, frankly
incredibly flexible subscription type options as well
OK thanks so much for your time and help. I really appreciate it
Sure thing! Happy to shed what 💡 I can 🙂