#ErinaceusEAM-api-libraries

Hey! Which specific library are you looking to remove from your integration?

This one - stripe.handleCardAction
We want to redirect client from our side, without your JS library.

Hmm, that's not really possible without Stripe.js

Your entire flow seems a bit confused too. You shouldn't really confirm sever-side, or create a Payment Method directly on the API like you are

We want to do everything on the server side.
What would you suggest?

We want to do everything on the server side.
Well, you can't really. Our server-side APIs/tooling can't handle 3DS challenge flows, which is why Stripe.js is required

You should follow the guide here: https://stripe.com/docs/payments/accept-a-payment?platform=web&ui=elements

We want to collect card data on our side.

Do you have the necessary PCI compliance to handle card data?

https://stripe.com/docs/security/guide#validating-pci-compliance

This is not recommend for the majority of Stripe merchants

Yes, we are integrated to a PCI DSS certified Level 1 certified payment gateway

so it is going to be the gateway that is collecting the data on their side and passing it on to Stripe

If you are PCI compliant for handling PAN data, you will still need to utilise Stripe.js for the 3DS challenge flow (as part of SCA regulations)

There's no way to facilitate that entirely server-side (as it requires customer interaction via a UI)

The question is, how can we redirect customers to your side without the JS library?
If we redirect client to https://stripe.com/sources/test_source_3ds?source=src_1KtTaBGtmuM2mSqPZ9AVQZg4&liv[…]ThnGtmuM2mSqP5dm7ZyNe&amount=1099&currency=usd&usage=single_use all ok, but then client stay on your side.

As explained, you can't. Stripe.js has the logic to handle all of these redirects and returning the customer back to your site: https://stripe.com/docs/js/payment_intents/confirm_payment#confirm_payment_intent-options-confirmParams-return_url

That example URL you've shared is our test 3DS UI. In production, your customers will be redirected to bank/issuer pages to auth and confirm their payments

Stripe.js has the implementation to tell those banks where to return the customers to after they auth their payment. There's no way for you to build that logic yourself

Please advise Where can we specify the redirect url?

function handleServerResponse(response) {
if (response.error) {
// Show error from server on payment form
} else if (response.requires_action) {
// Use Stripe.js to handle required card action
stripe.handleCardAction(
response.payment_intent_client_secret
).then(handleStripeJsResult);
} else {
// Show success message
}
}

function handleStripeJsResult(result) {
if (result.error) {
// Show error in payment form
} else {
// The card action has been handled
// The PaymentIntent can be confirmed again on the server
fetch('/pay', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ payment_intent_id: result.paymentIntent.id })
}).then(function(confirmResult) {
return confirmResult.json();
}).then(handleServerResponse);
}
}

Well, you can't with handleCardAction. Why are you using that function? Why not confirmCardPayment instead? Then that eliminates the server-side call to confirm too

Because wi use this doc https://stripe.com/docs/payments/accept-a-payment-synchronously

Is there a particular reason why you need to do synchronous confirmation? Again, not recommended for most integrations

As you're using Stripe.js, you can handle confirmation client-side when you do the challenge flow

As I've said above, we are running through a gateway and need the card data to be collected on our side& Please advise as to how we can best integrate

And you can do that, yep! You can use confirmCardPayment with the existing Payment Method object you create via the API: https://stripe.com/docs/js/payment_intents/confirm_card_payment#stripe_confirm_card_payment-existing

This will handle 3DS/auth flows, and client-side confirmation

confirmCardPayment doesn't redirect the client to our side?

I'm not sure I understand the question

This flow is ok?
1)Created POST payment method https://api.stripe.com/v1/payment_methods
2)Created payment method https://api.stripe.com/v1/payment_intents
2.)We added return_url to created payment method and client return to us
3)Sent the client to stripe_js - https://hooks.stripe.com/redirect/authenticate/src_1KtEx9GtmuM2mSqPNxSR56BS?client_se[...]U3FQLF9MYVYVBtak5nYXg0VEJyT0ZKbHlGcW9HME5VdGtadk9s0100kYgPNUaN
{ "next_action": {
"type": "use_stripe_sdk",
{ "use_stripe_sdk": {
{ "type": "three_d_secure_redirect",
{ "stripe_js": "https://hooks.stripe.com/redirect/authenticate/src_1KtEx9GtmuM2mSqPNxSR56BS?client_secret=src_client_secret_yuu3HPPHr171rWuX4hEfvWbV&source_redirect_slug=test_YWNjdF8xS2Vjc1VHdG11TTJtU3FQLF9MYVBtak5nYXg0VEJyT0ZKbHlGcW9HME5VdGtadk9s0100kYgPNUaN",
"source": "src_1KtEx9GtmuM2mSqPNxSR56BS"
}
},
4)Confirmed payment POST https://api.stripe.com/v1/payment_intents/{{PAYMENT_INTENT_ID}}/confirm

We added return_url to created payment method and client return to us
Not sure that this means

Have you tested it out? Do you have a Payment Intent ID I can check?

payment_method - pm_1KtUqZGtmuM2mSqP8Fuw5K45
Payment Intent ID - pi_3KtUqfGtmuM2mSqP0B8i9bUy

Looks good to me!

Fantastic

thank you so much for all your help

Np!