#venkata_partner-program

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1496923424918999305

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

• venkata-rohith-pesal_api, 2 days ago, 12 messages

venkata_partner-program

We operate a SaaS platform that helps business owners manage and monitor their revenue, subscriptions, and transaction activity across payment providers in a centralized dashboard.

Our goal is to let users connect their Stripe accounts through our external web application (not through the Stripe Dashboard) and we only need read-only access to data such as customers, products, invoices, and subscriptions.

We are currently facing these limitations:

1. Using read_write (Platform): users who are already connected to another platform cannot connect to us
2. Using read_only (Extension): Extensions are deprecated and long-term support is unclear
3. Using Stripe Apps: runs inside Stripe Dashboard, not suitable for our external app

Our question is:
If we apply for the Stripe Partner program, would that:

Allow us to use a supported OAuth/read-only approach for external apps?
Provide any additional API permissions or remove current connection limitations?

Or would we still be subject to the same restrictions as standard integrations?

What we already attempted?

1. Tested Stripe Connect OAuth with read_write (blocked for users already connected elsewhere)
2. Explored read_only via Extensions (deprecated)
3. Reviewed Stripe Apps (not suitable for external UI)
   4 .Reviewed docs on multi-platform restrictions and OAuth behavior

@shut sentinel no you won't get additional permissions. But "read only extensions" are still possible, you have to work with our support team for acces: https://support.stripe.com/contact

But I think you have misunderstood something about Stripe Apps. They don't always run in the Dashboard. They can be a "server-side only extension" too. Stripe Apps are basically a new integration for extensions. Stripe Connect used to give you complete access to the entire account which was scary (both for app developers and the end customers isntalling it). A bit like how you install an Android app on your phone and you'd never want the app to have default access to everything forever.
Stripe Apps let you configure the permissions you need (as in: what objects do you want to get access to)

https://docs.stripe.com/stripe-apps/build-backend

Give me some time, I have a few questions to ask.

sure

Thanks for the clarification.

I want to explain our use case clearly so we can understand the best long-term approach.

We have an external web application, and our users need to come to our website and connect their Stripe accounts there. We only need read-only access to data such as customers, products, invoices, and subscriptions. We do not need read_write access.

Because we’ve received mixed answers from different channels, I want to confirm the best supported option for this setup.

From our understanding, the options seem to be:

1. read_write via Platform — not suitable for us
2. read_only via Extension — Stripe engineering has already changed our account type from Platform to Extension
3. Stripe Apps / server-side approach — still trying to understand whether this fits our use case better

My main questions are:

• For our exact use case, what is the best supported approach today?
• Since Stripe engineering already changed our account to Extension type, is this a safe and stable long-term option for us even though Extensions are marked as deprecated?
• If not, what is the best alternative for a new integration like ours where users must connect through our external web application?

Sorry for asking again, but we are getting mixed answers from different places and want to make sure we choose the right solution before going live.

If it is easier, I’m also happy to connect through a call, Zoom, or Google Meet. Our goal is to fully clear this up and move forward with the best long-term option.

I'll give you two answers. It will make it a bit more confusing, but it will be an honest answer

The recommended path today is a Stripe App. This lets your end user discover the app online or in their Dashboard and such and "install" the app on their account. Once they do, you have access to the data in their account based on the permissions you asked for (and nothing else). You don't need a UI in the Dashboard, though you can build one.

You didn't say what your business is but let me pick a concrete example: You are a churn revenue recovery platform. You specialize in finding customers whose payments are failing on Subscriptions and they are close to churn and then you email them directly to nudge them to come back and pay.

This works perfectly as a server-side Stripe App. You listen to Events that happen on all of your "connected accounts" that have install your app, you have the right permissions to read information and then you get those customers to come back and pay. You do all of this on your own server, you can make API requests on each "connected account" to read data, etc.

This isn's the perfect example as you said read only, but I needed one to make it compelling.

Does ^ make sense overall? I want to clear this up before I give you my second answer

Yes, that makes sense overall - thank you for explaining it clearly.

Our use case is that we have an external web application where business owners connect their Stripe accounts so we can read data such as customers, products, invoices, and subscriptions for reporting and analytics in our own platform.

Based on your explanation, it sounds like a server-side Stripe App could potentially fit our use case, even if we do not build UI inside the Stripe Dashboard.

A few things I want to confirm before deciding the right direction:

1. In this model, can the user start the connection flow from our external web application, or do they always need to install the app first through Stripe / the App Marketplace?
2. If they install the Stripe App, can we then show the synced Stripe data inside our own external web application dashboard?

#1 yes
#2 yes

Please go ahead and share your second answer as well

Okay so my role at Stripe is to help developers integrate Stripe. I know our products and APIs inside out, I also know the complexity of some things

My personal take is: Stripe Apps are cool and fit your use-case but Stripe Connect + read_only scope is drastically easier to integrate and much much more powerful. If I were leaving Stripe and building your app I would use the "legacy" integration

the main risk is that at some point someone will want to turn this off. If I am still at Stripe I will do my best to convince them not to, but we would at some point.

thanks a lot for your honest and open explanation, really appreciate it.

Glad I could help!