akii-clientsecret | Stripe Developers | Page 1

buoyant smelt Jul 6, 2022, 5:02 AM

#

Hi, do you mean PaymentIntent's ClientSecret?

#

where are you sending it to?

#

Normally it's safe to be exposed to client-side so it shouldn't be a problem to include in URL. But I wonder what scenario is that

abstract imp Jul 6, 2022, 5:15 AM

#

Yes its the Payment Intent's Client Secret.

#

stripe.confirmPayment({
//Elements instance that was used to create the Payment Element
elements,
confirmParams: {
return_url: "http://localhost:3006/user/settings/billing/plans/clientSecret"
}
});

#

It is hitting this URL

#

Stripe is hitting this URL along with ClientSecret

buoyant smelt Jul 6, 2022, 5:18 AM

#

why would you need clientSecret there? You can simply send in the PaymentIntent Id

#

return_url is the redirection after PI has successfully confirmed, so no need for client secret anymore

abstract imp Jul 6, 2022, 5:27 AM

#

Im not sending it, Stripe is redirecting me after successful payment to this URL along with payment intent id and ClientSecret attached.

buoyant smelt Jul 6, 2022, 5:31 AM

#

If you don't need it then feel free to remove it

#

abstract imp Jul 6, 2022, 5:33 AM

#

No i actually need it to get the Payment method id.

buoyant smelt Jul 6, 2022, 5:37 AM

#

To get the PaymentMethodId you only need the Payment Intent Id, I believe

#

You mean Stripe automatically included payment intent id and secret into the return_url, correct? Example?

#

Ah I see what you mean

#

It's safe, no worries

abstract imp Jul 6, 2022, 5:41 AM

#

Yes correct

#

Okay thanks for confirming

#akii-clientsecret