#coryschires - billing
plush granite
Thanks!
hot palm
Are you able to share a request id here so I can further investigate this? Here's how you can find a request ID: https://support.stripe.com/questions/finding-the-id-for-an-api-request
plush granite
Sure. Looking...
If it helps, I don't think this happened bc of an API request I made. AFAIK, this is the default behavior when the invoice is created (i.e. if invoice is set to charge_automatically then Stripe changes the default payment method.
Here is an example of a charge where this was a problem: https://dashboard.stripe.com/events/evt_2KEhvmFH8YjjVMbF0C2ypE5c
So maybe this is what you want: https://dashboard.stripe.com/logs/req_IkgPYljB5zVrne
hot palm
let me test it real quick, I think you might be right that it's an expected behavior.
plush granite
Sounds good. I also may be providing a bad example. I'm pulling it from a really old issue on our end. (I've been meaning to get to the bottom of this problem for a while and finally have the time.)
In the meantime, I will see if I can find a newer / clearer example.
hot palm
I was able to test this on my end and can confirm that what you're describing is an expected behavior. To disable it it, you'd need to listen wot webhooks for customer.source.created and detach the source, https://stripe.com/docs/api/sources/detach from the customer.
No worries, the above example was pretty helpful.
plush granite
I'm curious why Stripe would work this way. After looking quickly at the hosted invoice (i.e. the page where you can pay via CC, ACH, etc), I don't see any indication that my card will be saved for future use (unless I just not seeing it). So it seems really odd – I would even say wrong – that Stripe would quietly save the users card info.
There must be some detail I am missing? Because, when I look at this, it seems like an unambiguous bug.
hot palm
Here is the documentation covering this behavior: https://stripe.com/docs/invoicing/hosted-invoice-page#payment-method-persistence
plush granite
Okay. That's fine. I still don't get it / agree. But it's not like I can change it and it's certainly not your fault.
I have one more question related to this...
As you said, I could delete the card using a webhook. That shouldn't be too difficult. The only tricky bit is somehow distinguishing between:
- A card that was explicitly added by a user through my app
- A card that was silently added by Stripe when paying via the hosted invoice page
Because, in short, I want to keep case 1 but delete case 2.
Do you know how I could make that distinction?
hot palm
Are you able to provide more information on how you add cards to your customers when not using the hosted invoice?
hot palm
Thank yo for providing this, you'd also listen to invoice.finalized webhook event and differentiate how the sources were created.
plush granite
I think I understand your suggestion.
Both scenarios will trigger the customer.source.created event, correct?
hot palm
That is correct!
plush granite
When I look at this page (i.e. the related API request from when I added the card thu my app)
hot palm
Oh wait!
plush granite
I see it has a source of Stripe/v1 RubyBindings/4.24.0 . Maybe I could somehow use that?
hot palm
let me further review this
hot palm
This might be what you're looking for. You can listen to the payment_method.attached event.. If it's non invoice, you'd see id: card_xxx: https://dashboard.stripe.com/test/events/evt_0KtHweFH8YjjVMbFLG2kx7Rj. On the other hand, for invoice you'd see src_xxx: https://dashboard.stripe.com/events/evt_0KsUMqFH8YjjVMbFvGAoT7za.