For approximately how long is a Stripe card token (aquired through Stripe.js) valid? According to the docs:
The token is single-use only and has a short life. Use it in an API
call immediately.
I understand I shouldn't store the token for use later, but how short is "short" in this case? Should I expect it to expire within seconds or minutes?
(Although not relevant to the question itself, the reason I'm asking is that I would like to take the token exchange step out of the transaction that the user is waiting for, and let a background job handle the actual Stripe integration. Obviously, that's not a good idea if the token has a very short lifetime.)
The card token is valid for a few minutes (usually up to 10). What Stripe recommends in that case is to use the token now to create a customer via the API first to save its card and then let your background job handle the charge part after the fact.
This also ensures that the card is valid as Stripe runs a $0/$1 authorization on the card first. You can then give feedback to the customer immediately in case of an error.
Related
I am working with the Stripe API and I cannot find enough documentation regarding the on_session scenario.
I am saving the card after the first payment and setting the 'setup_future_usage' to 'on_session' because the customer is going to be always present in the checkout flow. However, this triggers authentication every time I try to pay something with the credit card number (4000002500003155). This type of credit card is intended to show only once the authentication process and to use the saved card for the subsequent off-session payment.
It's still totally possible that the issuing bank will require that you authenticate the future on-session payments. I don't think there's a test card to test the specific case you're trying to test though: https://stripe.com/docs/testing#regulatory-cards
On my site I'm giving users the option to save their card or not. If they choose to save it, I'm creating a Stripe customer object, and if not, I'm just saving the card token, and when it comes time to pay, if they have a Stripe Customer id then I charge that way, and if not, I charge the tokenized card.
There could be cases where a week or so passes before I would charge the card token. Would it still work, and is there anything else wrong with this setup?
Thanks for any advice.
Stripe Tokens are meant to be used within a short period of time from when they are created and should not be stored.
https://stripe.com/docs/api/tokens
If you are not charging the token immediately, I would recommend attaching it to a Customer in that scenario as well.
I am using Stripe in a 2 part payment process. i.e.
Pre-authorize the card calling the Charge object with capture = false
Do some database work
Charge the card using charge capture
Do, or should I attempt to cancel this pre-authorization, using the refund method, if step 2 fails (i.e. the DB work)?
I am concerned that if I don't then customers will get irate if they see a charge appear on their account for a couple of days. i.e. before it expires naturally.
If you know for sure you will not capture the charge, it's definitely better to cancel the authorization (by refunding the uncaptured charge) rather than letting it run out. The sooner you cancel the authorization, the sooner the charge will disappear from your customers' credit card statements.
From Stripe Documentation, there is no distinction between a VOID and REFUND, it's basically a reversal of the charge. A VOID would be issued if auth is not captured, that's my understanding.
How do I save a card to a customer with Stripe.js?
I don't want to change them at this point. I just want to save the credit card info to their stripe account so I can use it later.
It seems like I'd need to use createToken from Stipe.js. But my understanding is that this is a one time use token. I want to save the credit card info for later use.
This seems to be a similar question: Stripe Payment: Save token and customer and make payment later from token
but the solution isn't clear. I'm not sure if it means for the customer I need to save card=token and everything will work fine.
Though the question is an old one and solution of this problem is now pretty straightforward in the current Stripe API, I'm just answering for those who accidentally reached or will reach here without reading the Official Stripe Doc properly(like me) searching for this question.
To make a stripe payment You first need to make a call to the Stripe API(Using Stripe's Checkout widget, Elements or Mobile SDKs) with the User's card information. As a response, you will get a token. Then you can charge your customer immediately using Stripe's Charge API. This is for just one-time payment. You will find an example here.
If you want to save customer's information for later payment, you need to create a 'Customer' first using Stripe's API and then using that customer's ID (returned as a response from the previous API call) you can charge this customer. Example here.
I just described the process briefly to show the idea at a glance. But you should really need to read this quickstart guide in Stripe's documentation. This explains the process very well.
I just want to save the credit card info to their stripe account so I
can use it later.
Then that's exactly what you can do!
If you're already passing the token back into your server-side code, you just need to update that server-side code to retrieve the customer and create the card on that customer record using the token.
Not knowing what language you're using I can't provide relevant sample code, but the Stripe API reference has functional examples for Ruby, Python, PHP, Java, and Node.js.
Note that if the customer has any outstanding invoices, this card will be used the next time they attempt to settleāso while simply adding the card won't create a charge by itself, it's possible the card may still be billed.
A key point that the prior answers seems to dance around but do not explicitly state is that you can't simply save the credit card (token) in Stripe. Stripe's API's don't save credit cards per se, however, they can save a customer and attached to the customer you can save one more credit cards (or payment sources). So a credit card (or payment source) is not a stand alone entity in the Stripe storage system, it's a child entity of a Customer.
I am using Stripe for payment for the first time. While clicking on Pay button when we enter email, card number, date and cvc, I get an error message which asks me to activate my account. I learned that it takes all this information and returns a token which we can save in the database. How do I get a token in return?
thanks for thinking of using Stripe! I work on Support there and can help.
If you're getting that error message about activating your account, it's probably because you're using live keys but don't have a live, active account yet. If you email into Stripe support using the email address associated with your Stripe account, I could look into this for you further (e.g., looking at your logs and status).
As for the token, the token is a short-term representation of the customer's credit card information. You wouldn't need to store the token in your database. You should instead use it to process a charge, or create a customer, and then ignore it (because, at that point, the token will have been consumed).
For more, see this page in our docs:
https://stripe.com/docs/tutorials/charges
Cheers,
Larry