#dr strain - webhooks

I'll certainly try to help! What questions do you have?

May I paste some code in to explain better?

I can screenshot it if that's good

So, I am listening for these events on the webhook and I need to locally save some of the stripe ID's which I do through a grpc call after the await in customer.subscription.created.

I'm a little confused as to whether or not this is what the webhooks should be used for. I was trying to follow the tutorial for some guidance but I got lost at the webhooks

The checkout session is created here btw

This is essentially logging the results into your system? eg, paymentService.NewSubscription() is saving teh checkout-created subscription in your own database?

Assuming thats the case, this is a perfect use case for webhooks 🙂

That is exactly the case, I just wanted to make sure this was compliant since I haven't worked with payment data at this level before

well, stripe handles it lol

Yep, you need to track this to provision actual user access following payment and manage your logins etc, all perfectly reasonable

Also, will subscriptions created from this checkout session automatically charge the payments on the interval or is it necessary to use the Subscription Schedule

Because from what I can tell, it's voodoo on the Stripe end and they just tell my server whether or not the charge happened

Subscription schedule is for scheduling changes to the subscritpion, not for payments

The subscription itself automatically renews and either charges the payment method you set or emails the customer, depending on what you use

Awesome, last question, I read in the docs or on stack overflow that you use the private key server side and the public key client side but I can't figure out a use for the private key. If my server is only logging and storing, do I need to use the private key on the backend anywhere or can I just use the public key on the client only

We call them secret (for the server, never share it) and publishable for the client-side application, all users can access this
https://stripe.com/docs/keys

The publishable key is use for client-side actions like confirming payments and collecting sensitive payment details from your customer

right, so if I am using the checkout session and billing portal respectively for the sensitive info, does that change anything or is it still the same use cases? For example, stripe creates the sub client side and then when the webhook is a success, we save the returned information on our server. Is that fine to keep on the client or should I refactor it server-side

not client side, from the checkout session sorry

Assuming you collect no payment info directly in your app and redirect to those stripe-hosted surfaces, you might not have any need for the publishable key

oh sweet, thank you so much for the help!

NP!

Actually that left me with another question, sorry for being a pain lol... will using these stripe api services work with the publishable key?

this.customerService = new CustomerService(stripeClient);
this.subscriptionService = new SubscriptionService(stripeClient);

this.stripeClient = new StripeClient("KEY HERE");

Generally no. A few parts of the API work with the publishable key in limited ways to facilitate those payment detail collection, but most interaction would be done form your server using secret keys

Okay, thank you!

My pleasure 🙂