Jake T.

Reputation: 4378

Proper way to use Stripe's JS SDK on behalf of Connect accounts

I apologize that this is a little general, just trying to make sure I use best practice and haven't been able to find out what that is.

I'm cleaning up our use of Stripe and have found that the only way we've implemented API requests on behalf of managed / Connect accounts is by using straight up HTTP requests to the API endpoints, so that we can pass in the secret key of the account, doing https://${ACCOUNT_SECRET_KEY}:@${STRIPE_BASE_URL}/<endpoint>.

While this works, I'd like to clean things up to use the API instead.

I'm wondering, though, is there a way to do this using the same Stripe instance I have set up for our general platform usage? I.e. I have a stripe module with const Stripe = require('stripe')(STRIPE_SECRET_KEY), and use this to make API requests for creating transfers, adding customer cards, etc. I've been trying to comb Stripe's documentation to see if there's a way to pass in the secret key of the account I'm looking to make a request for, but I'm not seeing it.

Is my best bet to create a new instance of this Stripe object using the secret key of the connect account every time I want to make an API call? I.e. set up a new variable within a function instead of using the file level Stripe instance?

Edit to add some code examples of what I mean. I am pretty sure this is an option, but it seems like it might not be the best option since each of these individual functions is creating its own entirely new instance of Stripe, which seems like it could get expensive, optimization wise. I'm just not really seeing an alternative.

// Package names are case-sensitive on most systems: 'stripe', not 'Stripe'
const Stripe = require('stripe');

const STRIPE_SECRET_KEY = <redacted>,
    STRIPE_API_VERSION = <api date>,
    stripe = Stripe(STRIPE_SECRET_KEY);

if( STRIPE_API_VERSION )
    stripe.setApiVersion(STRIPE_API_VERSION);

// Example of API request from primary account
exports.createCustomerWithCardToken = (token, email) => {
    const params = {
        source: token,
        email: email
    };
    return stripe.customers.create(params);
}

// Example of API request to managed account
exports.getAccountBalance = accountId => {
    const ACCOUNT_SECRET = <get account secret from accountId>;
    // A new Stripe instance is created per call, using the account's own secret key
    const managedStripe = Stripe(ACCOUNT_SECRET);
    if( STRIPE_API_VERSION )
        managedStripe.setApiVersion( STRIPE_API_VERSION );
    return managedStripe.balance.retrieve();
}

Upvotes: 0

Views: 392

Answers (1)

karllekko

Reputation: 7268

You never need to use the connected account's API keys. You can simply pass the connected account's ID (acct_xxx) as a header on the API requests you make with your platform's account's API key, and this results in the request being processed on behalf of that connected account. All Stripe's official libraries have support for specifying this header.

https://stripe.com/docs/connect/authentication#stripe-account-header

For getting the balance of a connected account using stripe-node, the code would look like:

const stripe = require("stripe")(
  "sk_test_xxxx" // platform account's API key
);

await stripe.balance.retrieve({stripe_account : "acct_1DfxucKloGbWHkkL"});

https://github.com/stripe/stripe-node/wiki/Passing-Options#options

This same optional argument can be used to perform any other API request (creating a customer, updating a customer's cards) on the connected account as well.

Upvotes: 2
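The header-based approach from the answer, written out at the HTTP level as an added example (not code from the question, the answer, or Stripe's libraries). It builds the request without sending it, so the difference from the key-in-URL form in the question is visible; the helper names, the account ID pattern and the path check are assumptions made for illustration.

```javascript
// Added example: builds (but does not send) a Stripe API request made on
// behalf of a connected account, using only the platform's secret key.
const STRIPE_BASE_URL = "https://api.stripe.com";

// Assumed shape of a connected account ID, based on the acct_xxx form in the answer.
const ACCOUNT_ID_PATTERN = /^acct_[A-Za-z0-9]+$/;
// Assumed allow-list for API paths such as /v1/balance.
const API_PATH_PATTERN = /^\/v1\/[a-z0-9_\/]+$/;

function buildConnectRequest(platformSecretKey, accountId, path) {
  if (!ACCOUNT_ID_PATTERN.test(accountId)) {
    // Catches a secret key or other value passed where an account ID belongs.
    throw new TypeError("expected a connected account ID of the form acct_xxx");
  }
  if (!API_PATH_PATTERN.test(path)) {
    throw new TypeError("unexpected API path");
  }
  return {
    method: "GET",
    // No credentials in the URL, so the key stays out of URL-based logs.
    url: STRIPE_BASE_URL + path,
    headers: {
      Authorization: "Bearer " + platformSecretKey, // platform key only
      "Stripe-Account": accountId, // the account the request acts for
    },
  };
}

// Returns a copy of the request that is safe to write to application logs.
function redactForLog(request) {
  return {
    ...request,
    headers: { ...request.headers, Authorization: "Bearer [redacted]" },
  };
}

// Constructed sample values, taken from the placeholders shown in the answer.
const sample = buildConnectRequest("sk_test_xxxx", "acct_1DfxucKloGbWHkkL", "/v1/balance");
console.log(JSON.stringify(redactForLog(sample), null, 2));
```

With this shape the platform only ever stores connected account IDs, which are identifiers and not credentials.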
