#Triveraguy - First Post

Hi 👋

From what you are describing the first place I would start is looking into our Setup Intents. This is how Stripe recommends collecting CC details and saving them to a Customer record for future use.

https://stripe.com/docs/payments/save-and-reuse?platform=web

Yeah, I know this not a charge or a subscription, and that Intents are the key. But the devs on my team says that a charge or a subscription MUST be a part of that intent. I'm not a talented enough dev to show them why not or how to do it.

They are incorrect.

Ha! I've actually given that exact link to a dev. LOL

The entire purpose of the Setup Intent is to capture card details for off-session use later

Hallelujah. So I'm not an idiot.

Nope. It sounds like your devs are confusing Setup Intents with Payment Intents. The first "sets up" a card for future charges, the second collects funds.

Cool. That's what I was thinking. Once a talented dev understands that, how long should it take for him to do it?

But once you have your payment details collected it will be important to make sure you create the subscriptions with off_session: true to ensure Stripe processes the charges properly

https://stripe.com/docs/api/subscriptions/create#create_subscription-off_session

Yeah. Once they've submitted their card info, that will be the last the customer will be doing. They will initiate a request for the service, but my client will be the one who will initiate the charge from the dashboard.

Ah okay. IMO it shouldn't take too long to set up but that depends on how complex your back & front ends are.

Integrating the Customer creation and Setup Intent creation logic isn't too complicated and we have code snippets that cover both sides of these steps. Figuring out where this fits in your larger application workflow is a design choice for you and your devs.

It's an old (5.6) version of Concrete 5. It's really been just a page with a form that stored the card numbers in the database, and the client has been grabbing the card info in the admin, writing them down in his notebook (!)

Thus the PCI-DSS fail.

I have no idea what Concrete 5 is. We support 7 different server-side languages though.

Yeah. PHP or JS both will work just fine

But yeah, raw card numbers anywhere is a PCI issue. That's why Stripe.jsj tokenizes the card info prior to saving the payment method

Once the card info has been submitted, the only thing that needs to happen is a thank you, and instructions on how to contact my client to request service.

Okay so I think that, once your devs understand what is and isn't required for Setup Intents, it should be fairly straightforward

OK. Cool.

We've also got more details about the API itself here: https://stripe.com/docs/payments/setup-intents

As developers they may find this interesting and useful

I tried to get him to post here and get his answer. But he's too proud to ask. 🙄

Yeah well if you're not in the right mindset it can just wind up making everyone frustrated. Maybe some serious reading and designing of workflows will help everyone get on the same page.

A Stripe-hosted page that does this woulda/shoulda/coulda made this so much easier.

Oh, you can use Stripe Checkout to collect card info

That's this doc's focus:
https://stripe.com/docs/payments/save-and-reuse?platform=checkout

Without a purchase?

Yup

#@$% LOL

You just need to specify mode: "setup"

Or....in PHP 'mode' => 'setup'

OK, thanks. Let me point him in that direction. If that doesn't work, I'll point him here to do it the other way.

👍