#B33fb0n3YT-create-subscription

Either with your secret key or bearer auth in the Authorization header
https://stripe.com/docs/api/authentication

Yes, but I cannot set any Header with axios, or could I?

axios is client-side right?

you shouldn't be doing any of this client-side, it requires your Secret key. You need a server for that

thanks 🙂

I really don't understand what you said

Are you using Axios server-side? why don't you just use stripe-node instead?

stripe-node?
I dont know how to use node.js in any way. Never worked with it.
Your API is a Rest API, isn't it?

I'm totally lost. Let's take a step back: where is your code running? In a browser?

I created a project with React. So I start a development server on localhost:3000 (npm start). This is for testing. After I tested everything I going to build and upload it to aws.

yeah I still worry we're talking past each other right now

React is also client-side in almost all cases

exactly

Stripe requires server-side code. You will have to right code server-side for the majority of your integration, it can not run in the browser

if it did, anyone could look at the source code and find your secret key and do whatever they want with it

I cannot get Data from your API and work with it?

my secret key is saved inside my .env file. It's not possible to see this file and the secret key neither

you write server-side code

I dont

I mean you have no choice?

I'm not sure how to say this. You can not make API requests with a secret key client-side with Axios, this is a huge security risk and doesn't make sense

I could call your API, get data and work with it 🤔

we support many server-side languages, https://stripe.com/docs/libraries and have official libraries for each one and as a the developer you have to use that

do not try to use the Secret key client-side in a browser

I do: @stripe/react-stripe-js like this package

you're unfortunately not listening to me

You can not do this. React js is only for client-side code to collect card details and nothing else

How do I get a list of all my subscriptions? A time ago I spoke to a team member from stripe. He said, that I can do it like that... 🤔

Maybe you can see my old thread

cloud I do requests to these endpoints?

oh found it: #dev-help message

https://stripe.com/docs/api/subscriptions/list has code examples in all the languages we support

so I cannot use stripe if I using react. Do I understood this right?

*only for collecting data

I am so sorry, I don't understand why we are not understanding each other at all at this point

oh

Stripe is a payments API first. You do things server-side and then client-side you collect card details in a nutshell. React is a client-side framework. We absolute support React, we have an official library for it, we have docs everywhere about it too. But React is client-side and only works for collecting card details for example
You can not list subscriptions or do anything client-side beyond accepting a payment

thought that I can request these endpoints and get data from the server.

oh thats too bad :/

than I need to find another provider for my payment transfers :()

I really don't understand what that could mean. The majority of processors work that way. You can't, as a developer, accept payments and do everything in a browser with your secret key, that is just impossible

I do think you are mostly confused/lost and that's not really what you want though

have you looked at https://stripe.com/payments/payment-links instead? That is a no code solution and would likely be a better fit

yes. I also thought about that. But I need to create a subscription via my own form. And for that I need a backend. Like you said, I only have a frontend with react. Now I am looking for a "backend provider".

It's possible. I see it at auth0, strapi and many other apis

Thank you. This is humbling 😦

Payment Links will create the subscription for you though

so you could have your own landing page in react that offers various products and each button is associated to a pre-configured payment link and you redirect the customer there

would that work?

maybe the creation is possible, but I also need to query the already created subscription to see if the user have a running subscription. If not, he's not going to see the paied things.

That is, what I want to do:

it's in german...

the green box is the paid area.

yeah I don't speak German and can't really help with something so high level

but really, you're the developer, you have a website, a server and server-side code is always required whether you take payments or not

yeah. I thought, that I collect the data from the customer, create the subscription via POST Rest API Call, transfering the data to stripe and stripe do the payments... but thats not worrking...

yeah I keep telling you you can't do that

if you do that, anyone on your site can see your key and refund all your charges

you never want that

ok. One last question: Stripe have no Rest API, right or wrong?

...

We have a Rest API. It's clearly documented here: https://stripe.com/docs/api. Having a rest API doesn't mean you can make whatever call you want client-side

I'm sorry, I am not trying to be mean or anything, but you are going to put your business at risk if you continue in that direction and don't want to hear that this is impossible, both on Stripe and any other payment processor

I going to find one and after I found one, I gonna show it to you.

My secret key is save inside my .env file. I think I need one at my future provider, but it's save inside.

you're not listening

wherever it's saved doesn't matter. Your code will need to retrieve it from your server to make calls client-side

if it's in the browser anyone can go and find it in seconds

could you find it in seconds, if it's public?

if you return the key yes

ok. If my code will retrieve it from my server, why would I need api keys?

if your code will retrieve what from where?

but I do not. I just gonna use these keys to call the rest api. To be autheticated. To get data from the api. Not to provide it everyone.

my code from my server like you said.

then why do you say you're going to find a competitor and Stripe doesn't work for you?

So you are going to hit your server and have your server-side code access the data and return what's relevant to the client? Because if so that's exactly how your integration should be built!

yes. To retrieve data for my client, right?

I... don't understand that sentence again I'm sorry 😦

Your client-side code, in React, makes an ajax request to your server and your server-side code (in whichever language you use) uses our API + official client library to retrieve data you need. Or you store detailed information in your own database)

I call my server to retrieve data for my client. To output it or do whatever I like.

oh so I need my own API to make your API calls, right?
I call my api, to call your api

Yep, many Stripe API calls need to be made using a secret key securely from a backend server that you control.

That's right: you do your client > your server > Stripe API and then the responses go back the other way

oh thats not for me. I am a frontend developer and have no backend. So I cannot create backend by myself. So I cannot use Stripe 😦

You can use Stripe -- for example using the payment links @whole mist mentioned earlier. Those require no back end.

You cannot implement a custom payment or subscription flow without a back end server, that is true. But we have products that can be used to collect payments and create subscriptions without a server. (Payment Links, Hosted Invoices)

https://stripe.com/docs/invoicing/hosted-invoice-page

You can create the invoices from the dashboard

yeah thats true. But I cannot check if the my customer currently have a running subscription (only with frontend + rest api).

yes manually ... :/

That's true, you can't do any of that without a server

You need a server to make secret key requests, you cannot make secret key requests securely from the client

At this poin we should stop unfortunately

if @thin terrace has never written server-side code and doesn't plan to write any or hire a developer to do this the discussion is moot. Though you will have the same problem on every API/processor

Ok. If I found one, I will let you know 🙂

If u want, you can close this thread now

Will do - good luck with your project!

Archiving this thread 🗄️

Thanks! 🙂