#sean-paymentintents

hi there! if you're doing it this way then the 'confirmation' already happened

that's what confirm:true means, it means "try to immediately process the payment when I create the PaymentIntent"

you usually never use it unless you're initiating a payment from the backend on a saved card or you're using the legacy https://stripe.com/docs/payments/accept-a-payment-synchronously approach

I see, thanks for that. I just inherited the project so trying to figure out what the previous developer was doing

looks like "initiating a payment from the backend on a saved card" to me since it begins by listing the customer's saved card and then tries to charge it

so in that case you don't have to contact the customer, you tried to charge their saved card and it worked, you should check the $paymentIntentObject->status to understand the next step

https://stripe.com/docs/payments/save-during-payment-cards-only?platform=web#web-create-payment-intent-off-session is the flow you're doing here basically

On the stripe dashboard, I can see the payment attempts have uncaptured

yep, so you have to capture them

you're using auth-and-capture : https://stripe.com/docs/payments/capture-later it requires and extra API call to capture the payment, that API call does not need the customer, it's a backend action (like a hotel authorising your card can capture those funds automatically if they have to)

Thanks for being so helpful. If I have a customers card, what's stopping me charging them without their consent? Now that I have the card on Stripe, I can create payments myself on the backend without their authorisation...?

if it's really without their consent they would open a dispute with their bank