#Ludvig-pi-receipt-page
Hey! It's a legitimate concern for sure
It would be pretty difficult for somebody to ascertain a Payment Intent ID specifically for your account (your secret key can only fetch PIs on your account)
Sure, but how difficult? Difficult as in safe? I'm risking outing my customers' orders and details to someone malicious.
Can you recommend doing this, or do you have any other option?
This is a method similar to what we recommend for Checkout Sessions: https://stripe.com/docs/payments/checkout/custom-success-page
I guess if you're concerned about security you could add an auth layer in there to check a session cookie against a value on the PI? Perhaps the email address?
I'll have a read. Yeah, an auth layer could work to make things even harder. But I guess if Stripe recommends a similar approach, I'm assuming it's safe.
Hi! Yes, this is the recommended approach.
Thanks a lot for the input from both of you!
Just making sure, this data would be okay to display in your opinion?
```json
{
  "amount": 10200,
  "cardBrand": "visa",
  "cardLastFour": "4242",
  "currency": "eur",
  "address": "Teststreet 12",
  "city": "Berlin",
  "email": "asdasd@asd.asd",
  "firstName": "Asd",
  "lastName": "Fgh",
  "postalCode": "12312",
  "shipping": "dhl",
  "status": "succeeded"
}
```