jarrett - invoice expiration | Stripe Developers | Page 1

steel remnant Mar 9, 2022, 4:28 PM

#

rotund bough Mar 9, 2022, 4:28 PM

#

@rocky parcel yes we have

#

@steel remnant I got it as we agreed

#

@rocky parcel we expire URLs after a while and then there's a recovery flow for the end customer if they need to get access

rocky parcel Mar 9, 2022, 4:38 PM

#

Ugh, this makes things complicated for us. we store the URL. Probably should document this in the API that the URLs expire.

#

thanks

rotund bough Mar 9, 2022, 4:39 PM

#

ah yeah good point, I'll flag to the product team to improve this

rocky parcel Mar 9, 2022, 4:40 PM

#

is this only changed on Invoices btw? or is this an across the board thing?

rotund bough Mar 9, 2022, 4:41 PM

#

It applies to other customer facing URLs like receipts and such and it will slowly apply to all of those for security reasons

rocky parcel Mar 9, 2022, 4:42 PM

#

i see

#

would be nice if there was a simple endpoint to get these URLs

rotund bough Mar 9, 2022, 4:43 PM

#

Not sure what that means, but if you retrieve the Invoice you get a fresh URL that works

rocky parcel Mar 9, 2022, 4:47 PM

#

We store the invoices and copies of all Stripe objects we use and keep them in sync with webhooks so we can make in application decisions without making API calls on various pages. Now this object will never be able to work that way any more because the URL will be junk after a few hours.

rotund bough Mar 9, 2022, 4:48 PM

#

it's not junk after a few hours though

rocky parcel Mar 9, 2022, 4:48 PM

#

And the only way to refresh it is to resync the whole object

#

how long does it last?

rotund bough Mar 9, 2022, 4:48 PM

#

the URL expires after 30 days I think and it refreshes every single time you retrieve the Invoice

#

But yes after 30d the URL is expired, but it still works. It doesn't just say "too bad, no URL there"

rocky parcel Mar 9, 2022, 4:48 PM

#

there is no way for us to know if the URL will be good or bad until a user clicks it

rotund bough Mar 9, 2022, 4:48 PM

#

it explicitly says "this URL expired but you can recover it by doing X" which is usually entering your email address or similar

rocky parcel Mar 9, 2022, 4:49 PM

#

rotund bough Mar 9, 2022, 4:49 PM

#

Do you have the invoice id for that one?

rocky parcel Mar 9, 2022, 4:49 PM

#

in_1KP2QIF6KG2nMs1l9LzqYAh6

rotund bough Mar 9, 2022, 4:52 PM

#

Thanks! Let me check internally,I thought it was supposed to ask the customer for their email address

rocky parcel Mar 9, 2022, 4:55 PM

#

thanks

rotund bough Mar 9, 2022, 5:24 PM

#

Okay sorry for the delay! I discussed this with the product and for now this is "by design". The "recovery flow" only works if the customer already received that invoice over email as documented here https://support.stripe.com/questions/invoice-link-expiration
It doesn't apply for charge_automatically invoices yet. I mentioned that we have the email from the customer internally so we could trust that and have them recover the link themselves which the team will investigate but it might take a while

#

For now, you might want to change your flow to not trust the cached URL and simply call the https://stripe.com/docs/api/invoices/retrieve and get a "fresh url" before redirecting them. A bit more work but that gives you a working URL

#jarrett - invoice expiration