#stripe

at this point... she already has a past due invoice

so the source update paid it

I really just want to have them put the credit card on file so we can bill later. Can I just bill them 0 dollars using checkout?

then the update subscription (same plan) is called... but this one created a new invoice and paid it

@ajs, also can you tell me difference in secret and publishable key. I mean restrictions & when to use each ?

hey spacecadetbrown, you won't be able to set a specific cancel_at time, no. instead, you'd do this from your server (so you could e.g create a cron job for this or listen for the Nth invoice.payment_succeeded event and cancel then)

jack999: yeah, absolutely

jack999: you'd just modify checkout to say like "authorize card" and create a customer object with the token

ajs: so I can just bill them zero dollars using checkout?

Maybe I don't even have to add an amount.

jack999: no need to; checkout or creating a customer object automatically creates a $0/$1 auth ($1 if $0 isn't supported by the bank)

OK, thanks ajs_

jack999: https://support.stripe.com/questions/why-does-m...

spacecadetbrown: sure!

thai_: you can just not subscribe to a new plan if the customer is delinquent

Ok, thanks a lot ajs!

Hey there

need help

i have test php for stripe but there is error is found

yea so before the subscribe plan... the customer->source is updated... once that's done... it does a subscribe plan

the error is Class 'Stripe\Customer' not found

mac__: sure, the publishable key is what you'd use to create a token. the secret key is used server side and should be kept secret as the name implies: https://support.stripe.com/questions/what-happe...

stripe237: that means you probably haven't included the stripe library correctly

Hi there

thai_: when the source is updated the subscription isn't updated/added: it just pays the past due invoice if there is one and the customer stays on the same sub

thai_: if you're making a secondary call to create a sub, you want to not do that

hi stripe173

hi

there is new version in stripe

@ajs : which token creation are we talking of, that publishable key is used ?

Ok

mac__: creating a token with stripe.js or checkout: https://stripe.com/docs/stripe.js

mac__: that happens client-side. your customer types in their card details and the publishable key is used to send those card details to stripe and return a secure representation of them that can be used on your account

@ajs: you mean token against a card before making a charge ?

How do I type out?

I'm doing this for the first time

I mean where should I put publish key

stripe237: feel free to just ask if you have a question

mac__: right

mac__: two parts to this. 1. you'd create a token client side. that token is returned and you submit it to your server

mac__: 2. you use that token and your secret key to create a charge or customer object

@ajs, I am not creating token on client side but using the api from server side

@ajs: but using secret key itself for token generation, what you are suggesting is it can be done using publishable key itself

mac__: you should create a token client side unless you're maintaining your own PCI compliance. sending card details to your server requires much more work

Ok

mac__: https://stripe.com/docs/security

@ajs : we are maintaining PCI compliance. Not possible to do client side as per our implementation. This is for platform account by the way

OH ok

I will see to it and correct

we have a separate blackbox module which routes all the payments in our system

mac__: okay, if you handle PCI compliance yourself, have regular scans/have worked with a QSA and understand the implications, that's fine

@ajs - Yes, we have all those things covered. Any drawbacks in using secret key for token generation. It is from backend server

mac__: yeah, stripe.js provides additional fraud protection since it's able to look at many more things than just numbers that your server submits

@ajs : sure I would have preferred to use it but we have a limitation on it. But using Secret Key instead of publishable key from backend should be fine ?

mac__: yes

Hello

@ajs, Thanks a ton! Appreciated.

I need help regarding the stripe event api

mac__: most welcome

hello SwatiOFL, feel free to just ask if you have a question

the list all events api call has a attribute "types"

it says - types = An array of up to 20 strings containing specific event names.

how do I send array in request url?

types=[customer.subscription.updated,customer.subscription.deleted]

is this correct?

I get bad request error in response

SwatiOFL: yeah, you'll want to pass as strings, e.g "customer.subscription.updated", "customer.subscription.deleted"

ok let me try adding ""

{ "error": { "type": "invalid_request_error", "message": "Invalid array", "param": "types" } }

SwatiOFL: what's the request id?

I don't have a request id

request URL - https://api.stripe.com/v1/events?types=["cu...

SwatiOFL: you want https://api.stripe.com/v1/events?types[]=custom....

Thank you @hpar

this worked

thank you very much :)

cool! glad to hear :)

I cannot, for the life of me, find anywhere in the documentation that specifies how long after a capture we can refund a transaction.

does anyone here know what's the longest amount of time a transaction in refundable in stripe?

hey daxorid, i think that's typically around 90 days

ok thanks

daxorid: you could write in to get a more conclusive answer too: https://support.stripe.com/email

Yeah I just did, but my experience with stripe support is turnaround time on the order of a day, was hoping for a quicker answer from irc :)

daxorid: this channel exists for help with dev questions, but the support folks answer the majority of emails within a few hours

got it

Hi. I know when I create a Customer from a set of CC details, the CC details are "authorized" to ensure the card is valid. How far does that go? If it succeeds, then the card must be a real card, but what if it's blocked / reported stolen / expired?

hi dunpeal

dunpeal: you'll get a decline and you can display that to your customer

ajs_: thanks. how certain can I be that if the Customer creation succeeds, I can later charge that card?

dunpeal: not entirely. the customer's bank can block the charge, they might not have sufficient funds, etc.

ajs_: we're having lots of issues with customers whose cards get authorized, but then later we get a decline when we try to charge them. I wonder how much putting a hold for the expected amount can help.

dunpeal: if you create an authorization, you're guaranteed that amount

dunpeal: so in that sense it'd be the 100% sure way to know that you can charge that amount

dunpeal: but whether this fits your use case is up to you, of course

ajs_: really? what happenes if the card is stolen, and I create a hold, but then try to capture the funds later after the card was reported stolen and blocked?

ajs_: I suppose the capture will succeed, but then I'll get a chargeback later...

correct

once you've captured, those funds are held

*authorized, rather

ajs_: I see. so I just need to do what the URL you pasted earlier says: https://support.stripe.com/questions/does-strip...

yeah

i.e. create a charge with capture=false

thanks

Greetings all, just wanted to make sure, will stripe attempt to process a charge of $.01 USD? or is the minimum higher than that?

ajs_: is there a list of all reasons why an authorization may succeed, but a later charge not?

anyone here?