Connect
Get started
Onboard your accounts
Accept payments
Pay out
Manage funds
Manage accounts
Sign in
Support
Sign in
Sign up
Connect
Collect payments then pay out
HomePaymentsConnect

Collect payments then pay out

Collect payments from customers and pay them out to sellers or service providers.

This guide demonstrates how to accept payments and move funds to the bank accounts of your sellers or service providers. For demonstration purposes, we’ll build a home-rental marketplace that connects homeowners to people looking for a place to rent. You can use the concepts covered in this guide in other applications as well.

You can see a complete onboarding flow in action in our sample end-to-end Express integration.

Prerequisites

  1. Register your platform.
  2. Activate your account.
  3. Fill out your platform profile.
  4. Customize your brand settings on the Connect settings page. This information is required for Connect Onboarding.

1 Set up Stripe Server-side

Install Stripe’s official libraries so you can access the API from your application:

# Available as a gem
gem install stripe
# If you use bundler, you can add this line to your Gemfile
gem 'stripe'
# Install through pip
pip install --upgrade stripe
# Or find the Stripe package on http://pypi.python.org/pypi/stripe/
# Find the version you want to pin:
# https://github.com/stripe/stripe-python/blob/master/CHANGELOG.md
# Specify that version in your requirements.txt file
stripe>=2.48.0,<3.0
# Install the PHP library via Composer
composer require stripe/stripe-php
# Or download the source directly: https://github.com/stripe/stripe-php/releases
/*
 For Gradle, add the following dependency to your build.gradle and replace {VERSION} with
 the version number you want to use from
 - https://mvnrepository.com/artifact/com.stripe/stripe-java or
 - https://github.com/stripe/stripe-java/releases/latest
*/
implementation "com.stripe:stripe-java:{VERSION}"
<!--
  For Maven, add the following dependency to your POM and replace {VERSION} with the
  version number you want to use from
  - https://mvnrepository.com/artifact/com.stripe/stripe-java or
  - https://github.com/stripe/stripe-java/releases/latest
-->
<dependency>
  <groupId>com.stripe</groupId>
  <artifactId>stripe-java</artifactId>
  <version>{VERSION}</version>
</dependency>
# For other environments, manually install the following JARs:
# - The Stripe JAR from https://github.com/stripe/stripe-java/releases/latest
# - Google Gson from https://github.com/google/gson
# Install via npm
npm install --save stripe
# Make sure your project is using Go Modules
go mod init
# Install stripe-go
go get -u github.com/stripe/stripe-go/v71
// Then import the package
import (
  "github.com/stripe/stripe-go/v71"
)
# Install via dotnet
dotnet add package Stripe.net
dotnet restore
# Or install via NuGet
PM> Install-Package Stripe.net

2 Create a connected account

When a user (seller or service provider) signs up on your platform, create a user Account (referred to as a connected account) so you can accept payments and move funds to their bank account. Connected accounts represent your users in the Stripe API and help collect the information required to verify the user’s identity. In our home-rental example, the connected account represents the homeowner.

What you're building

The Connect button logo is available in our brand assets.

Step 2.1: Create an Express account and prefill information

Use the /v1/accounts API to create an Express account and set type to express in the account creation request.

curl https://api.stripe.com/v1/accounts \
  -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
  -d type=express

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

account = Stripe::Account.create({
  type: 'express',
})

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

account = stripe.Account.create(
  type='express',
)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

$account = \Stripe\Account::create([
  'country' => 'US',
  'type' => 'express',
]);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

AccountCreateParams params =
  AccountCreateParams.builder()
    .setType(AccountCreateParams.Type.EXPRESS)
    .build();

Account account = Account.create(params);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

const account = await stripe.accounts.create({
  type: 'express',
});

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

params := &stripe.AccountParams{
  Type: stripe.String(string(stripe.AccountTypeExpress)),
}
acct, _ := account.New(params)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

var options = new AccountCreateOptions
{
  Type = "express",
};

var service = new AccountService();
var account = service.Create(options);

If you already collected information for your connected accounts, you can prefill that information on the account object for the user and it won’t be collected again in the Connect Onboarding flow. Connect Onboarding only collects required information when you create or update an account.

Step 2.2: Create an account link

You can create an account link by calling the Account Links API with the following parameters:

  • account
  • refresh_url
  • return_url
  • type = account_onboarding
curl https://api.stripe.com/v1/account_links \
  -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
  -d account=acct_1032D82eZvKYlo2C \
  -d refresh_url="https://example.com/reauth" \
  -d return_url="https://example.com/return" \
  -d type=account_onboarding

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

account_links = Stripe::AccountLink.create({
  account: 'acct_1032D82eZvKYlo2C',
  refresh_url: 'https://example.com/reauth',
  return_url: 'https://example.com/return',
  type: 'account_onboarding',
})

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

account_links = stripe.AccountLink.create(
  account='acct_1032D82eZvKYlo2C',
  refresh_url='https://example.com/reauth',
  return_url='https://example.com/return',
  type='account_onboarding',
)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

$account_links = \Stripe\AccountLink::create([
  'account' => 'acct_1032D82eZvKYlo2C',
  'refresh_url' => 'https://example.com/reauth',
  'return_url' => 'https://example.com/return',
  'type' => 'account_onboarding',
]);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

AccountLinkCreateParams params =
  AccountLinkCreateParams.builder()
    .setAccount("acct_1032D82eZvKYlo2C")
    .setRefreshUrl("https://example.com/reauth")
    .setReturnUrl("https://example.com/return")
    .setType("account_onboarding")
    .build();

AccountLink accountLink = AccountLink.create(params);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

const accountLinks = await stripe.accountLinks.create({
  account: 'acct_1032D82eZvKYlo2C',
  refresh_url: 'https://example.com/reauth',
  return_url: 'https://example.com/return',
  type: 'account_onboarding',
});

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

params := &stripe.AccountLinkParams{
    Account: stripe.String("acct_1032D82eZvKYlo2C"),
    RefreshURL: stripe.String("https://example.com/reauth"),
    ReturnURL: stripe.String("https://example.com/return"),
    Type: stripe.String("account_onboarding"),
}
acc, _ := accountlink.New(params)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

var options = new AccountLinkCreateOptions
{
    Account = "acct_1032D82eZvKYlo2C",
    RefreshUrl = "https://example.com/reauth",
    ReturnUrl = "https://example.com/return",
    Type = "account_onboarding",
};
var service = new AccountLinkService();
var accountLink = service.Create(options);

Step 2.3: Redirect your user to the account link URL

The response to your Account Links request includes a value for the key url. Redirect to this link to send your user into the flow. URLs from the Account Links API are temporary and can only be used once, because they grant access to the account holder’s personal information. Authenticate the user in your application before redirecting them to this URL. If you want to prefill information, you must do so before generating the account link. After you create the account link for an Express account, you can’t read or write information for the account.

Step 2.4: Handle the user returning to your platform

Connect Onboarding requires you to pass both a return_url and refresh_url to handle all cases where the user is redirected to your platform. It’s important that you implement these correctly to provide the best experience for your user.

return_url

Stripe issues a redirect to this URL when the user completes the Connect Onboarding flow. This doesn’t mean that all information has been collected or that there are no outstanding requirements on the account. This only means the flow was entered and exited properly.

No state is passed through this URL. After a user is redirected to your return_url, check the state of the details_submitted parameter on their account by doing either of the following:

  • Listening to account.updated webhooks
  • Calling the Accounts API and inspecting the returned object

refresh_url

Your user will be redirected to the refresh_url in these cases:

  • The link is expired (a few minutes went by since the link was created).
  • The link was already visited (the user refreshed the page or clicked back or forward in the browser).
  • Your platform is no longer able to access the account.
  • The account has been rejected.

Your refresh_url should trigger a method on your server to call Account Links again with the same parameters, and redirect the user to the Connect Onboarding flow to create a seamless experience.

Step 2.5: Handle users that haven't completed onboarding

A user that’s redirected to your return_url might not have completed the onboarding process. Use the /v1/accounts endpoint to retrieve the user’s account and check for charges_enabled. If the account isn’t fully onboarded, provide UI prompts to allow the user to continue onboarding later. The user can complete their account activation through a new account link (generated by your integration). You can check the state of the details_submitted parameter on their account to see if they’ve completed the onboarding process.

3 Accept a payment

Stripe Elements is a set of prebuilt UI components, like inputs and buttons, for building your checkout flow. If you’d rather not build your own payment form, consider Checkout, a Stripe-hosted page to accept payments for one-time purchases and subscriptions.

What you're building

Step 3.1: Create a PaymentIntent Server-side

Stripe uses a PaymentIntent object to represent your intent to collect payment from a customer, tracking charge attempts and payment state changes throughout the process.

Create a PaymentIntent on your server with an amount and currency. Always decide how much to charge on the server side, a trusted environment, as opposed to the client. This prevents malicious customers from being able to choose their own prices.

curl https://api.stripe.com/v1/payment_intents \
  -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
  -d "payment_method_types[]"=card \
  -d amount=1000 \
  -d currency=usd \
  -d application_fee_amount=123 \
  -d "transfer_data[destination]"="{{CONNECTED_STRIPE_ACCOUNT_ID}}"

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

payment_intent = Stripe::PaymentIntent.create({
  payment_method_types: ['card'],
  amount: 1000,
  currency: 'usd',
  application_fee_amount: 123,
  transfer_data: {
    destination: '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
  },
})

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

payment_intent = stripe.PaymentIntent.create(
  payment_method_types=['card'],
  amount=1000,
  currency='usd',
  application_fee_amount=123,
  transfer_data={
    'destination': '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
  }
)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

$payment_intent = \Stripe\PaymentIntent::create([
  'payment_method_types' => ['card'],
  'amount' => 1000,
  'currency' => 'usd',
  'application_fee_amount' => 123,
  'transfer_data' => [
    'destination' => '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
  ],
]);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

ArrayList paymentMethodTypes = new ArrayList();
paymentMethodTypes.add("card");

Map<String, Object> params = new HashMap<>();
params.put("payment_method_types", paymentMethodTypes);
params.put("amount", 1000);
params.put("currency", "usd");
params.put("application_fee_amount", 123);
Map<String, Object> transferDataParams = new HashMap<>();
transferDataParams.put("destination", "{{CONNECTED_STRIPE_ACCOUNT_ID}}");
params.put("transfer_data", transferDataParams);
PaymentIntent paymentIntent = PaymentIntent.create(params);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

const paymentIntent = await stripe.paymentIntents.create({
  payment_method_types: ['card'],
  amount: 1000,
  currency: 'usd',
  application_fee_amount: 123,
  transfer_data: {
    destination: '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
  },
});

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

params := &stripe.PaymentIntentParams{
  PaymentMethodTypes: stripe.StringSlice([]string{
    "card",
  }),
  Amount: stripe.Int64(1000),
  Currency: stripe.String(string(stripe.CurrencyUSD)),
  ApplicationFeeAmount: stripe.Int64(123),
  TransferData: &stripe.PaymentIntentTransferDataParams{
    Destination: stripe.String("{{CONNECTED_STRIPE_ACCOUNT_ID}}"),
  },
}
pi, _ := paymentintent.New(params)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

var service = new PaymentIntentService();
var createOptions = new PaymentIntentCreateOptions
{
  PaymentMethodTypes = new List<string>
  {
    "card",
  },
  Amount = 2000,
  Currency = "usd",
  ApplicationFeeAmount = 123,
  TransferData = new PaymentIntentTransferDataOptions 
  {
    Destination = "{{CONNECTED_STRIPE_ACCOUNT_ID}}",
  },
};
service.Create(createOptions);

In our home-rental example, we want to build an experience where customers pay for rentals by using our platform, and where we pay homeowners for renting to customers. To set this experience up:

  • Indicate the rental is a destination charge with transfer_data[destination].
  • Specify how much of the rental amount will go to the platform with application_fee_amount.

When a rental charge occurs, Stripe transfers the entire amount to the connected account’s pending balance (transfer_data[destination]). Afterward, Stripe transfers the fee amount (application_fee_amount) to the platform’s account, which is the share of the revenue for facilitating the rental. Then, Stripe deducts the Stripe fees from the platform’s fee amount. An illustration of this funds flow is below:

Included in the returned PaymentIntent is a client secret, which is used on the client side to securely complete the payment process instead of passing the entire PaymentIntent object. There are different approaches that you can use to pass the client secret to the client side.

You can retrieve the client secret from an endpoint on your server using the browser’s fetch function on the client side. This approach is generally most suitable when your client side is a single-page application, particularly one built with a modern frontend framework such as React. This example shows how to create the server endpoint that serves the client secret:

get '/secret' do
  intent = # ... Create or retrieve the PaymentIntent
  {client_secret: intent.client_secret}.to_json
end
from flask import Flask, jsonify
app = Flask(__name__)

@app.route('/secret')
def secret():
  intent = # ... Create or retrieve the PaymentIntent
  return jsonify(client_secret=intent.client_secret)
<?php
    $intent = # ... Create or retrieve the PaymentIntent
    echo json_encode(array('client_secret' => $intent->client_secret));
?>
import java.util.HashMap;
import java.util.Map;

import com.stripe.model.PaymentIntent;

import com.google.gson.Gson;

import static spark.Spark.get;

public class StripeJavaQuickStart {
    public static void main(String[] args) {
      Gson gson = new Gson();

      get("/secret", (request, response) -> {
        PaymentIntent intent = // ... Fetch or create the PaymentIntent

        Map<String, String> map = new HashMap();
        map.put("client_secret", intent.getClientSecret());

        return map;
      }, gson::toJson);
    }
}
const express = require('express');
const app = express();

app.get('/secret', async (req, res) => {
  const intent = // ... Fetch or create the PaymentIntent
  res.json({client_secret: intent.client_secret});
});

app.listen(3000, () => {
  console.log('Running on port 3000');
});
package main

import (
  "encoding/json"
  "net/http"

  stripe "github.com/stripe/stripe-go/v71"
)

type CheckoutData struct {
  ClientSecret string `json:"client_secret"`
}

func main() {
  http.HandleFunc("/secret", func(w http.ResponseWriter, r *http.Request) {
    intent := // ... Fetch or create the PaymentIntent
    data := CheckoutData{
      ClientSecret: intent.ClientSecret,
    }
    w.Header().Set("Content-Type", "application/json")
    w.WriteHeader(http.StatusOK)
    json.NewEncoder(w).Encode(data)
  })

  http.ListenAndServe(":3000", nil)
}
using System;
using Microsoft.AspNetCore.Mvc;
using Stripe;

namespace StripeExampleApi.Controllers
{
    [Route("secret")]
    [ApiController]
    public class CheckoutApiController : Controller
    {
        [HttpGet]
        public ActionResult Get()
        {
            var intent = // ... Fetch or create the PaymentIntent
            return Json(new {client_secret = intent.ClientSecret});
        }
    }
}

This example demonstrates how to fetch the client secret with JavaScript on the client side:

var response = fetch('/secret').then(function(response) {
  return response.json();
}).then(function(responseJson) {
  var clientSecret = responseJson.client_secret;
  // Call stripe.confirmCardPayment() with the client secret.
});
(async () => {
  const response = await fetch('/secret');
  const {client_secret: clientSecret} = await response.json();
  // Call stripe.confirmCardPayment() with the client secret.
})();

If your application uses server-side rendering, you may wish to use your template framework to embed the client secret in the HTML output of your checkout page during rendering. You can embed it in a data attribute or hidden HTML element and then extract it with JavaScript in order to use it to complete payment.

<input id="card-name" type="text">
<!-- placeholder for Elements -->
<div id="card-element"></div>
<button id="card-button" data-secret="<%= @intent.client_secret %>">Submit Payment</button>
get '/checkout' do
  @intent = # ... Fetch or create the PaymentIntent
  erb :checkout
end
<input id="card-name" type="text">
<!-- placeholder for Elements -->
<div id="card-element"></div>
<button id="card-button" data-secret="{{ client_secret }}">
  Submit Payment
</button>
@app.route('/checkout')
def checkout():
  intent = # ... Fetch or create the PaymentIntent
  return render_template('checkout.html', client_secret=intent.client_secret)
<?php
    $intent = # ... Fetch or create the PaymentIntent;
?>
...
<input id="card-name" type="text">
<!-- placeholder for Elements -->
<div id="card-element"></div>
<button id="card-button" data-secret="<?= $intent->client_secret ?>">
  Submit Payment
</button>
...
<input id="card-name" type="text">
<!-- placeholder for Elements -->
<div id="card-element"></div>
<button id="card-button" data-secret="{{ client_secret }}">
  Submit Payment
</button>
import java.util.HashMap;
import java.util.Map;

import com.stripe.model.PaymentIntent;

import spark.ModelAndView;

import static spark.Spark.get;

public class StripeJavaQuickStart {
    public static void main(String[] args) {
        get("/checkout", (request, response) -> {
          PaymentIntent intent = // ... Fetch or create the PaymentIntent

          Map map = new HashMap();
          map.put("client_secret", intent.getClientSecret());

          return new ModelAndView(map, "checkout.hbs");
        }, new HandlebarsTemplateEngine());
    }
}
<input id="card-name" type="text">
<!-- placeholder for Elements -->
<div id="card-element"></div>
<button id="card-button" data-secret="{{ client_secret }}">
  Submit Payment
</button>
const express = require('express');
const expressHandlebars = require('express-handlebars');
const app = express();

app.engine('.hbs', expressHandlebars({ extname: '.hbs' }));
app.set('view engine', '.hbs');
app.set('views', './views');

app.get('/checkout', async (req, res) => {
  const intent = // ... Fetch or create the PaymentIntent
  res.render('checkout', { client_secret: intent.client_secret });
});

app.listen(3000, () => {
  console.log('Running on port 3000');
});
<input id="card-name" type="text">
<!-- placeholder for Elements -->
<div id="card-element"></div>
<button id="card-button" data-secret="{{ .ClientSecret }}">
  Submit Payment
</button>
package main

import (
  "html/template"
  "net/http"

  stripe "github.com/stripe/stripe-go/v71"
)

type CheckoutData struct {
  ClientSecret string
}

func main() {
  checkoutTmpl := template.Must(template.ParseFiles("views/checkout.html"))

  http.HandleFunc("/checkout", func(w http.ResponseWriter, r *http.Request) {
    intent := // ... Fetch or create the PaymentIntent
    data := CheckoutData{
      ClientSecret: intent.ClientSecret,
    }
    checkoutTmpl.Execute(w, data)
  })

  http.ListenAndServe(":3000", nil)
}
<input id="card-name" type="text">
<!-- placeholder for Elements -->
<div id="card-element"></div>
<button id="card-button" data-secret="@ViewData["ClientSecret"]">
  Submit Payment
</button>
using System;
using Microsoft.AspNetCore.Mvc;
using Stripe;

namespace StripeExampleApi.Controllers
{
    [Route("/[controller]")]
    public class CheckoutController : Controller
    {
        public IActionResult Index()
        {
          var intent = // ... Fetch or create the PaymentIntent
          ViewData["ClientSecret"] = intent.ClientSecret;
          return View();
        }
    }
}

Step 3.2: Collect card details Client-side

You’re ready to collect card information on the client with Stripe Elements. Elements is a set of prebuilt UI components for collecting and validating card number, ZIP code, and expiration date.

A Stripe Element contains an iframe that securely sends the payment information to Stripe over a HTTPS connection. The checkout page address must also start with https:// rather than http:// for your integration to work.

You can test your integration without using HTTPS. Enable it when you’re ready to accept live payments.

Set up Stripe Elements

Stripe Elements is automatically available as a feature of Stripe.js. Include the Stripe.js script on your checkout page by adding it to the head of your HTML file. Always load Stripe.js directly from js.stripe.com to remain PCI compliant. Do not include the script in a bundle or host a copy of it yourself.

<head>
  <title>Checkout</title>
  <script src="https://js.stripe.com/v3/"></script>
</head>

Create an instance of Elements with the following JavaScript on your checkout page:

// Set your publishable key: remember to change this to your live publishable key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
var stripe = Stripe('pk_test_TYooMQauvdEDq54NiTphI7jx');
var elements = stripe.elements();

Add Elements to your payment page

Elements needs a place to live in your payment form. Create empty DOM nodes (containers) with unique IDs in your payment form and then pass those IDs to Elements.

<form id="payment-form">
  <div id="card-element">
    <!-- Elements will create input elements here -->
  </div>

  <!-- We'll put the error messages in this element -->
  <div id="card-errors" role="alert"></div>

  <button id="submit">Pay</button>
</form>

When the form above has loaded, create an instance of an Element and mount it to the Element container:

// Set up Stripe.js and Elements to use in checkout form
var elements = stripe.elements();
var style = {
  base: {
    color: "#32325d",
  }
};

var card = elements.create("card", { style: style });
card.mount("#card-element");

The card Element simplifies the form and minimizes the number of required fields by inserting a single, flexible input field that securely collects all necessary card and billing details. Otherwise, combine cardNumber, cardExpiry, and cardCvc Elements for a flexible, multi-input card form.

For a full list of supported Element types, refer to our Stripe.js reference documentation.

Elements validates user input as it is typed. To help your customers catch mistakes, listen to change events on the card Element and display any errors:

card.on('change', ({error}) => {
  let displayError = document.getElementById('card-errors');
  if (error) {
    displayError.textContent = error.message;
  } else {
    displayError.textContent = '';
  }
});

card.on('change', function(event) {
  var displayError = document.getElementById('card-errors');
  if (event.error) {
    displayError.textContent = event.error.message;
  } else {
    displayError.textContent = '';
  }
});

Postal code validation depends on your customer’s billing country. Use our international test cards to experiment with other postal code formats.

Install React Stripe.js and the Stripe.js loader from the npm public registry.

npm install --save @stripe/react-stripe-js @stripe/stripe-js

We also provide a UMD build for sites that do not use npm or modules.

Include the Stripe.js script, which exports a global Stripe function, and the UMD build of React Stripe.js, which exports a global ReactStripe object. Always load the Stripe.js script directly from js.stripe.com to remain PCI compliant. Do not include the script in a bundle or host a copy of it yourself.

<!-- Stripe.js -->
<script src="https://js.stripe.com/v3/"></script>

<!-- React Stripe.js development build -->
<script src="https://unpkg.com/@stripe/react-stripe-js@latest/dist/react-stripe.umd.js"></script>

<!-- When you are ready to deploy your site to production, remove the
     above development script, and include the following production build. -->
<script src="https://unpkg.com/@stripe/react-stripe-js@latest/dist/react-stripe.umd.min.js"></script>

Add Stripe.js and Elements to your page

To use Element components, wrap the root of your React app in an Elements provider. Call loadStripe with your publishable key and pass the returned Promise to the Elements provider.

import React from 'react';
import ReactDOM from 'react-dom';
import {Elements} from '@stripe/react-stripe-js';
import {loadStripe} from '@stripe/stripe-js';

import CheckoutForm from './CheckoutForm';

// Make sure to call `loadStripe` outside of a component’s render to avoid
// recreating the `Stripe` object on every render.
const stripePromise = loadStripe("pk_test_TYooMQauvdEDq54NiTphI7jx");

function App() {
  return (
    <Elements stripe={stripePromise}>
      <CheckoutForm />
    </Elements>
  );
};

ReactDOM.render(<App />, document.getElementById('root'));

Add and configure a CardElement component

Use individual Element components, such as CardElement, to build your form.

/**
* Use the CSS tab above to style your Element's container.
*/
import React from 'react';
import {CardElement} from '@stripe/react-stripe-js';
import './CardSectionStyles.css'

const CARD_ELEMENT_OPTIONS = {
  style: {
    base: {
      color: "#32325d",
      fontFamily: '"Helvetica Neue", Helvetica, sans-serif',
      fontSmoothing: "antialiased",
      fontSize: "16px",
      "::placeholder": {
        color: "#aab7c4",
      },
    },
    invalid: {
      color: "#fa755a",
      iconColor: "#fa755a",
    },
  },
};

function CardSection() {
  return (
    <label>
      Card details
      <CardElement options={CARD_ELEMENT_OPTIONS} />
    </label>
  );
};

export default CardSection;

/**
* Shows how you can use CSS to style your Element's container.
* These classes are added to your Stripe Element by default.
* You can override these classNames by using the options passed
* to the CardElement component.
* https://stripe.com/docs/js/elements_object/create_element?type=card#elements_create-options-classes
*/

.StripeElement {
  height: 40px;
  padding: 10px 12px;
  width: 100%;
  color: #32325d;
  background-color: white;
  border: 1px solid transparent;
  border-radius: 4px;

  box-shadow: 0 1px 3px 0 #e6ebf1;
  -webkit-transition: box-shadow 150ms ease;
  transition: box-shadow 150ms ease;
}

.StripeElement--focus {
  box-shadow: 0 1px 3px 0 #cfd7df;
}

.StripeElement--invalid {
  border-color: #fa755a;
}

.StripeElement--webkit-autofill {
  background-color: #fefde5 !important;
}

Elements are completely customizable. You can style Elements to match the look and feel of your site, providing a seamless checkout experience for your customers. It’s also possible to style various input states, for example when the Element has focus.

The CardElement simplifies the form and minimizes the number of required fields by inserting a single, flexible input field that securely collects all necessary card and billing details. Otherwise, combine CardNumberElement, CardExpiryElement, and CardCvcElement elements for a flexible, multi-input card form.

Step 3.3: Submit the payment to Stripe Client-side

Rather than sending the entire PaymentIntent object to the client, use its client secret from Step 3.1. This is different from your API keys that authenticate Stripe API requests.

The client secret should still be handled carefully because it can complete the charge. Do not log it, embed it in URLs, or expose it to anyone but the customer.

To complete the payment when the user clicks, retrieve the client secret from the PaymentIntent you created in step 3.1 and call stripe.confirmCardPayment with the client secret.

Pass additional billing details, such as the cardholder name and address, to the billing_details hash. The card Element automatically sends the customer’s postal code information. However, combining cardNumber, cardCvc, and cardExpiry Elements requires you to pass the postal code to billing_details[address][postal_code].

var form = document.getElementById('payment-form');

form.addEventListener('submit', function(ev) {
  ev.preventDefault();
  stripe.confirmCardPayment(clientSecret, {
    payment_method: {
      card: card,
      billing_details: {
        name: 'Jenny Rosen'
      }
    }
  }).then(function(result) {
    if (result.error) {
      // Show error to your customer (e.g., insufficient funds)
      console.log(result.error.message);
    } else {
      // The payment has been processed!
      if (result.paymentIntent.status === 'succeeded') {
        // Show a success message to your customer
        // There's a risk of the customer closing the window before callback
        // execution. Set up a webhook or plugin to listen for the
        // payment_intent.succeeded event that handles any business critical
        // post-payment actions.
      }
    }
  });
});

If the customer must authenticate the card, Stripe.js walks them through that process by showing them a modal. You can see an example of this modal experience by using the test card number 4000 0025 0000 3155 with any CVC, future expiration date, and postal code in the demo at the top of the page.

When the payment completes successfully, the value of the returned PaymentIntent’s status property is succeeded. Check the status of a PaymentIntent in the Dashboard or by inspecting the status property on the object. If the payment is not successful, inspect the returned error to determine the cause.

To complete the payment when the user clicks, retrieve the client secret from the PaymentIntent you created in step two and call stripe.confirmCardPayment with the client secret and the Element. Pass additional billing details, such as the cardholder name and address, to the billing_details hash.

To call stripe.confirmCardPayment from your payment form component, use the useStripe and useElements hooks.

If you prefer traditional class components over hooks, you can instead use an ElementsConsumer.

import React from 'react';
import {useStripe, useElements, CardElement} from '@stripe/react-stripe-js';

import CardSection from './CardSection';

export default function CheckoutForm() {
  const stripe = useStripe();
  const elements = useElements();

  const handleSubmit = async (event) => {
    // We don't want to let default form submission happen here,
    // which would refresh the page.
    event.preventDefault();

    if (!stripe || !elements) {
      // Stripe.js has not yet loaded.
      // Make sure to disable form submission until Stripe.js has loaded.
      return;
    }

    const result = await stripe.confirmCardPayment('{CLIENT_SECRET}', {
      payment_method: {
        card: elements.getElement(CardElement),
        billing_details: {
          name: 'Jenny Rosen',
        },
      }
    });

    if (result.error) {
      // Show error to your customer (e.g., insufficient funds)
      console.log(result.error.message);
    } else {
      // The payment has been processed!
      if (result.paymentIntent.status === 'succeeded') {
        // Show a success message to your customer
        // There's a risk of the customer closing the window before callback
        // execution. Set up a webhook or plugin to listen for the
        // payment_intent.succeeded event that handles any business critical
        // post-payment actions.
      }
    }
  };

  return (
    <form onSubmit={handleSubmit}>
      <CardSection />
      <button disabled={!stripe}>Confirm order</button>
    </form>
  );
}

import React from 'react';
import {ElementsConsumer, CardElement} from '@stripe/react-stripe-js';

import CardSection from './CardSection';

class CheckoutForm extends React.Component {
  handleSubmit = async (event) => {
    // We don't want to let default form submission happen here,
    // which would refresh the page.
    event.preventDefault();

    const {stripe, elements} = this.props

    if (!stripe || !elements) {
      // Stripe.js has not yet loaded.
      // Make  sure to disable form submission until Stripe.js has loaded.
      return;
    }

    const result = await stripe.confirmCardPayment('{CLIENT_SECRET}', {
      payment_method: {
        card: elements.getElement(CardElement),
        billing_details: {
          name: 'Jenny Rosen',
        },
      }
    });

    if (result.error) {
      // Show error to your customer (e.g., insufficient funds)
      console.log(result.error.message);
    } else {
      // The payment has been processed!
      if (result.paymentIntent.status === 'succeeded') {
        // Show a success message to your customer
        // There's a risk of the customer closing the window before callback
        // execution. Set up a webhook or plugin to listen for the
        // payment_intent.succeeded event that handles any business critical
        // post-payment actions.
      }
    }
  };

  render() {
    return (
      <form onSubmit={this.handleSubmit}>
        <CardSection />
        <button disabled={!this.props.stripe}>Confirm order</button>
      </form>
    );
  }
}

export default function InjectedCheckoutForm() {
  return (
    <ElementsConsumer>
      {({stripe, elements}) => (
        <CheckoutForm  stripe={stripe} elements={elements} />
      )}
    </ElementsConsumer>
  );
}

If the customer must authenticate the card, Stripe.js walks them through that process by showing them a modal. You can see an example of this modal experience by using the test card number 4000 0025 0000 3155 with any CVC, future expiration date, and postal code in the demo at the top of the page.

When the payment completes successfully, the value of the returned PaymentIntent’s status property is succeeded. Check the status of a PaymentIntent in the Dashboard or by inspecting the status property on the object. If the payment is not successful, inspect the returned error to determine the cause.

Step 3.4: Fulfillment Server-side

After the payment is completed, you’ll need to handle any fulfillment necessary on your end. A home-rental company that requires payment upfront, for instance, would connect the homeowner with the renter after a successful payment.

Configure a webhook endpoint (for events from your account) in your dashboard.

Then create an HTTP endpoint on your server to monitor for completed payments to then enable your sellers or service providers to fulfill purchases.

# Using Sinatra.
require 'sinatra'
require 'stripe'

set :port, 4242

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

# Uncomment and replace with a real secret. You can find your endpoint's
# secret in your webhook settings.
# webhook_secret = 'whsec_...'

post '/webhook' do
  payload = request.body.read
  sig_header = request.env['HTTP_STRIPE_SIGNATURE']

  event = nil

  # Verify webhook signature and extract the event.
  # See https://stripe.com/docs/webhooks/signatures for more information.
  begin
    event = Stripe::Webhook.construct_event(
      payload, sig_header, webhook_secret
    )
  rescue JSON::ParserError => e
    # Invalid payload.
    status 400
    return
  rescue Stripe::SignatureVerificationError => e
    # Invalid Signature.
    status 400
    return
  end

  if event['type'] == 'payment_intent.succeeded'
    payment_intent = event['data']['object']
    handle_successful_payment_intent(payment_intent)
  end

  status 200
end

def handle_successful_payment_intent(payment_intent)
  # Fulfill the purchase.
  puts payment_intent.to_s
end
import stripe
import json

# Using Flask.
from flask import (
    Flask,
    render_template,
    request,
    Response,
)

app = Flask(__name__, static_folder=".",
            static_url_path="", template_folder=".")

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

# Uncomment and replace with a real secret. You can find your endpoint's
# secret in your webhook settings.
# webhook_secret = 'whsec_...'

@app.route("/webhook", methods=["POST"])
def webhook_received():
  request_data = json.loads(request.data)
  signature = request.headers.get("stripe-signature")

  # Verify webhook signature and extract the event.
  # See https://stripe.com/docs/webhooks/signatures for more information.
  try:
    event = stripe.Webhook.construct_event(
        payload=request.data, sig_header=signature, secret=webhook_secret
    )
  except ValueError as e:
    # Invalid payload.
    return Response(status=400)
  except stripe.error.SignatureVerificationError as e:
    # Invalid Signature.
    return Response(status=400)

  if event["type"] == "payment_intent.succeeded":
    payment_intent = event["data"]["object"]
    handle_successful_payment_intent(payment_intent)

  return json.dumps({"success": True}), 200

def handle_successful_payment_intent(payment_intent):
  # Fulfill the purchase.
  print(str( payment_intent))

if __name__ == "__main__":
  app.run(port=4242)
<?php
// Using Slim.
use Slim\Http\Request;
use Slim\Http\Response;
use Stripe\Stripe;

require_once('vendor/autoload.php');

$app = new \Slim\App;

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

// Uncomment and replace with a real secret. You can find your endpoint's
// secret in your webhook settings.
// $webhook_secret = 'whsec_...';

$app->post('/webhook', function ($request, $response, $next) {
  $payload = $request->getBody();
  $sig_header = $request->getHeaderLine('stripe-signature');

  $event = null;

  // Verify webhook signature and extract the event.
  // See https://stripe.com/docs/webhooks/signatures for more information.
  try {
    $event = \Stripe\Webhook::constructEvent(
      $payload, $sig_header, $webhook_secret
    );
  } catch(\UnexpectedValueException $e) {
    // Invalid payload.
    return $response->withStatus(400);
  } catch(\Stripe\Exception\SignatureVerificationException $e) {
    // Invalid Signature.
    return $response->withStatus(400);
  }

  if ($event->type == 'payment_intent.succeeded') {
    $paymentIntent = $event->data->object;
    handleSuccessfulPaymentIntent($paymentIntent);
  }

  return $response->withStatus(200);
});

function handleSuccessfulPaymentIntent($paymentIntent) {
  // Fulfill the purchase.
  echo $paymentIntent;
};

$app->run();
// Using Express
const express = require('express');
const bodyParser = require("body-parser");
const app = express();
app.use(express.json());

// Use JSON parser for all non-webhook routes
app.use((req, res, next) => {
  if (req.originalUrl === "/webhook") {
    next();
  } else {
    bodyParser.json()(req, res, next);
  }
});

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

// Uncomment and replace with a real secret. You can find your endpoint's
// secret in your webhook settings.
// const webhook_secret = 'whsec_...''

app.post('/webhook', bodyParser.raw({type: 'application/json'}), (request, response) => {
  const sig = request.headers['stripe-signature'];

  let event;

  // Verify webhook signature and extract the event.
  // See https://stripe.com/docs/webhooks/signatures for more information.
  try {
    event = stripe.webhooks.constructEvent(request.body, sig, webhook_secret);
  } catch (err) {
    return response.status(400).send(`Webhook Error: ${err.message}`);
  }

  if (event.type === 'payment_intent.succeeded') {
    const paymentIntent = event.data.object;
    handleSuccessfulPaymentIntent(paymentIntent);
  }

  response.json({received: true});
});

const handleSuccessfulPaymentIntent = (paymentIntent) => {
  // Fulfill the purchase.
  console.log(JSON.stringify(paymentIntent));
}

app.listen(4242, () => console.log(`Node server listening on port ${4242}!`));
package com.stripe.sample;

import com.stripe.Stripe;
import com.stripe.model.PaymentIntent;
import com.stripe.model.Event;
import com.stripe.model.EventDataObjectDeserializer;
import com.stripe.exception.SignatureVerificationException;
import com.stripe.net.Webhook;
import com.google.gson.JsonSyntaxException;
import spark.Response;

// Using Spark.
import static spark.Spark.*;

public class Server {
  public static void main(String[] args) {
    port(4242);

    // Set your secret key. Remember to switch to your live secret key in production!
    // See your keys here: https://dashboard.stripe.com/account/apikeys
    Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";
    post("/webhook", (request, response) -> {
      String payload = request.body();
      String sigHeader = request.headers("Stripe-Signature");

      // Uncomment and replace with a real secret. You can find your endpoint's
      // secret in your webhook settings.
      // String webhookSecret = "whsec_..."

      Event event = null;

      // Verify webhook signature and extract the event.
      // See https://stripe.com/docs/webhooks/signatures for more information.
      try {
        event = Webhook.constructEvent(
          payload, sigHeader, webhookSecret
        );
      } catch (JsonSyntaxException e) {
      // Invalid payload.
        response.status(400);
        return "";
      } catch (SignatureVerificationException e) {
      // Invalid Signature.
        response.status(400);
        return "";
      }

      if ("payment_intent.succeeded".equals(event.getType())) {
        // Deserialize the nested object inside the event
        EventDataObjectDeserializer dataObjectDeserializer = event.getDataObjectDeserializer();
        PaymentIntent paymentIntent = null;
        if (dataObjectDeserializer.getObject().isPresent()) {
          paymentIntent = (PaymentIntent) dataObjectDeserializer.getObject().get();
          handleSuccessfulPaymentIntent(paymentIntent);
        } else {
          // Deserialization failed, probably due to an API version mismatch.
          // Refer to the Javadoc documentation on `EventDataObjectDeserializer` for
          // instructions on how to handle this case, or return an error here.
        }
      }

      response.status(200);
      return "";
    });
  }

  private static void handleSuccessfulPaymentIntent(PaymentIntent paymentIntent) {
    // Fulfill the purchase.
    System.out.println(paymentIntent.getId());
  }
}
package main

import (
  "encoding/json"
  "log"
  "fmt"
  "net/http"
  "io/ioutil"

  "github.com/stripe/stripe-go/v71"
  "github.com/stripe/stripe-go/v71/webhook"

  "os"
)

func main() {
  // Set your secret key. Remember to switch to your live secret key in production!
  // See your keys here: https://dashboard.stripe.com/account/apikeys
  stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

  http.HandleFunc("/webhook", handleWebhook)
  addr := "localhost:4242"

  log.Printf("Listening on %s ...", addr)
  log.Fatal(http.ListenAndServe(addr, nil))
}

func handleWebhook(w http.ResponseWriter, req *http.Request) {
  const MaxBodyBytes = int64(65536)
  req.Body = http.MaxBytesReader(w, req.Body, MaxBodyBytes)
  body, err := ioutil.ReadAll(req.Body)
  if err != nil {
      fmt.Fprintf(os.Stderr, "Error reading request body: %v\n", err)
      w.WriteHeader(http.StatusServiceUnavailable)
      return
  }

  // Uncomment and replace with a real secret. You can find your endpoint's
  // secret in your webhook settings.
  // webhookSecret := "whsec_..."

  // Verify webhook signature and extract the event.
  // See https://stripe.com/docs/webhooks/signatures for more information.
  event, err := webhook.ConstructEvent(body, req.Header.Get("Stripe-Signature"), webhookSecret)

  if err != nil {
      fmt.Fprintf(os.Stderr, "Error verifying webhook signature: %v\n", err)
      w.WriteHeader(http.StatusBadRequest) // Return a 400 error on a bad signature.
      return
  }

  if event.Type == "payment_intent.succeeded" {
      var paymentIntent stripe.PaymentIntent
      err := json.Unmarshal(event.Data.Raw, &paymentIntent)
      if err != nil {
          fmt.Fprintf(os.Stderr, "Error parsing webhook JSON: %v\n", err)
          w.WriteHeader(http.StatusBadRequest)
          return
      }
      handleSuccessfulPaymentIntent(paymentIntent)
  }

  w.WriteHeader(http.StatusOK)
}

func handleSuccessfulPaymentIntent(paymentIntent stripe.PaymentIntent) {
  // Fulfill the purchase.
  log.Println(paymentIntent.ID)
}
// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

using System;
using System.IO;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;

using Stripe;

namespace Controllers
{
  public class ConnectController : Controller
  {
    private readonly ILogger<ConnectController> logger;

    public ConnectController(
      ILogger<ConnectController> logger,
    ) {
      this.logger = logger;
    }

    [HttpPost("webhook")]
    public async Task<IActionResult> ProcessWebhookEvent()
    {
      var json = await new StreamReader(HttpContext.Request.Body).ReadToEndAsync();

      // Uncomment and replace with a real secret. You can find your endpoint's
      // secret in your webhook settings.
      // const string webhookSecret = "whsec_..."

      // Verify webhook signature and extract the event.
      // See https://stripe.com/docs/webhooks/signatures for more information.
      try
      {
        var stripeEvent = EventUtility.ConstructEvent(json, Request.Headers["Stripe-Signature"], webhookSecret);

        if (stripeEvent.Type == Events.PaymentIntentSucceeded) {
          var paymentIntent = stripeEvent.Data.Object as PaymentIntent;
          HandleSuccessfulPaymentIntent(paymentIntent);
        }

        return Ok();
      }
      catch (Exception e)
      {
        logger.LogInformation(e.ToString());
        return BadRequest();
      }
    }

      // Fulfill the purchase.
    private void HandleSuccessfulPaymentIntent(PaymentIntent paymentIntent) {
      logger.LogInformation($"{paymentIntent}");
    }
  }
}

Learn more in our fulfillment guide for payments.

Testing webhooks locally

Testing webhooks locally is easy with the Stripe CLI.

  1. First, install the Stripe CLI on your machine if you haven’t already.

  2. Then, to log in run stripe login in the command line, and follow the instructions.

  3. Finally, to allow your local host to receive a simulated event on your connected account run stripe listen --forward-to localhost:{PORT}/webhook in one terminal window, and run stripe trigger payment_intent.succeeded (or trigger any other supported event) in another.

Step 3.5: Disputes

As the settlement merchant on charges, your platform is responsible for disputes. Make sure you understand the best practices for responding to disputes.

What you're building

This sample integration is running in test mode, which means that it won’t create a real charge. Use 4242 4242 4242 4242 as your card number, any three-digit CVC code, and an expiration date in the future to simulate a successful payment.

Step 3.1: Create a Checkout session Server-side

On your server, make the following call to Stripe’s API:

curl https://api.stripe.com/v1/checkout/sessions \
  -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
  -d "payment_method_types[]"=card \
  -d "line_items[][name]"="Kavholm rental" \
  -d "line_items[][amount]"=1000 \
  -d "line_items[][currency]"=usd \
  -d "line_items[][quantity]"=1 \
  -d "payment_intent_data[application_fee_amount]"=123 \
  -d "payment_intent_data[transfer_data][destination]"="{{CONNECTED_STRIPE_ACCOUNT_ID}}" \
  -d success_url="https://example.com/success" \
  -d cancel_url="https://example.com/failure"

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

session = Stripe::Checkout::Session.create({
  payment_method_types: ['card'],
  line_items: [{
    name: 'Kavholm rental',
    amount: 1000,
    currency: 'usd',
    quantity: 1,
  }],
  payment_intent_data: {
    application_fee_amount: 123,
    transfer_data: {
      destination: '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
    },
  },
  success_url: 'https://example.com/success',
  cancel_url: 'https://example.com/failure',
})

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

session = stripe.checkout.Session.create(
  payment_method_types=['card'],
  line_items=[{
    'name': 'Kavholm rental',
    'amount': 1000,
    'currency': 'usd',
    'quantity': 1,
  }],
  payment_intent_data={
    'application_fee_amount': 123,
    'transfer_data': {
      'destination': '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
    },
  },
  success_url='https://example.com/success',
  cancel_url='https://example.com/failure',
)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

$session = \Stripe\Checkout\Session::create([
  'payment_method_types' => ['card'],
  'line_items' => [[
    'name' => 'Kavholm rental',
    'amount' => 1000,
    'currency' => 'usd',
    'quantity' => 1,
  ]],
  'payment_intent_data' => [
    'application_fee_amount' => 123,
    'transfer_data' => [
      'destination' => '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
    ],
  ],
  'success_url' => 'https://example.com/success',
  'cancel_url' => 'https://example.com/failure',
]);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

const session = await stripe.checkout.sessions.create({
  payment_method_types: ['card'],
  line_items: [{
    name: 'Kavholm rental',
    amount: 1000,
    currency: 'usd',
    quantity: 1,
  }],
  payment_intent_data: {
    application_fee_amount: 123,
    transfer_data: {
      destination: '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
    },
  },
  success_url: 'https://example.com/success',
  cancel_url: 'https://example.com/failure',
});

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

Map<String, Object> params = new HashMap<String, Object>();

ArrayList<String> paymentMethodTypes = new ArrayList<>();
paymentMethodTypes.add("card");
params.put("payment_method_types", paymentMethodTypes);

ArrayList<HashMap<String, Object>> lineItems = new ArrayList<>();
HashMap<String, Object> lineItem = new HashMap<String, Object>();
lineItem.put("name", "Kavholm rental");
lineItem.put("amount", 1000);
lineItem.put("currency", "usd");
lineItem.put("quantity", 1);
lineItems.add(lineItem);
params.put("line_items", lineItems);

HashMap<String, Object> paymentIntentData = new HashMap<String, Object>();
paymentIntentData.put("application_fee_amount", 123);
HashMap<String, Object> transferData = new HashMap<String, Object>();
transferData.put("destination", "{{CONNECTED_STRIPE_ACCOUNT_ID}}");
paymentIntentData.put("transfer_data", transferData);
params.put("payment_intent_data", paymentIntentData);

params.put("success_url", "https://example.com/success");
params.put("cancel_url", "https://example.com/failure");

Session session = Session.create(params, requestOptions);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

params := &stripe.CheckoutSessionParams{
    PaymentMethodTypes: stripe.StringSlice([]string{
        "card",
    }),
    LineItems: []*stripe.CheckoutSessionLineItemParams{
        &stripe.CheckoutSessionLineItemParams{
            Name: stripe.String("Kavholm rental"),
            Amount: stripe.Int64(1000),
            Currency: stripe.String(string(stripe.CurrencyUSD)),
            Quantity: stripe.Int64(1),
        },
    },
    PaymentIntentData: &stripe.CheckoutSessionPaymentIntentDataParams{
        ApplicationFeeAmount: stripe.Int64(123),
        TransferData: &stripe.CheckoutSessionPaymentIntentDataTransferDataParams{
          Destination: stripe.String("{{CONNECTED_STRIPE_ACCOUNT_ID}}"),
        },
    },
    SuccessURL: stripe.String("https://example.com/success"),
    CancelURL: stripe.String("https://example.com/failure"),
}

session, err := session.New(params)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

var options = new SessionCreateOptions
{
    PaymentMethodTypes = new List<string>
    {
        "card",
    },
    LineItems = new List<SessionLineItemOptions>
    {
        new SessionLineItemOptions
        {
            Name = "Kavholm rental",
            Amount = 1000,
            Currency = "usd",
            Quantity = 1,
        },
    },
    PaymentIntentData = new SessionPaymentIntentDataOptions
    {
        ApplicationFeeAmount = 123,
        TransferData = new SessionPaymentIntentDataTransferDataOptions
        {
          Destination = "{{CONNECTED_STRIPE_ACCOUNT_ID}}",
        },
    },
    SuccessUrl = "https://example.com/success",
    CancelUrl = "https://example.com/failure",
};

var service = new SessionService();
Session session = service.Create(options);

This returns a Checkout Session object with an id attribute that’s needed on the client side.

  • payment_intent_data[transfer_data][destination] - This argument indicates that this is a destination charge. A destination charge means the charge is processed on the platform and then the funds are immediately and automatically transferred to the connected account’s pending balance. For our ride-hailing example, we want to build an experience where the customer pays through the platform and the driver gets paid by the platform.
  • line_items - This argument represents the items the customer is purchasing. The items are displayed in the Stripe-hosted user interface.
  • success_url - This argument redirects a user after they complete a payment.
  • cancel_url - This argument redirects a user after they click cancel.
  • payment_intent_data[application_fee_amount] - This argument specifies the amount your platform plans to take from the transaction. The full charge amount is immediately transferred from the platform to the connected account that’s specified by transfer_data[destination] after the charge is captured. The application_fee_amount is then transferred back to the platform, and the Stripe fee is deducted from the platform’s amount.

Step 3.2: Add a checkout button Client-side

On your checkout page, include the Stripe.js script by adding it to the head of your HTML file.

<head>
  <title>Checkout</title>
  <script src="https://js.stripe.com/v3/"></script>
</head>

Fetch the Session ID from your server. Add a button to your client with a click handler that calls Stripe’s frontend API:

var stripe = Stripe('pk_test_TYooMQauvdEDq54NiTphI7jx');

var checkoutButton = document.getElementById('checkout-button');

checkoutButton.addEventListener('click', function() {
  stripe.redirectToCheckout({
    // Make the id field from the Checkout Session creation API response
    // available to this file, so you can provide it as argument here
    // instead of the {{CHECKOUT_SESSION_ID}} placeholder.
    sessionId: '{{CHECKOUT_SESSION_ID}}'
  }).then(function (result) {
    // If `redirectToCheckout` fails due to a browser or network
    // error, display the localized error message to your customer
    // using `result.error.message`.
  });
});
const stripe = Stripe('pk_test_TYooMQauvdEDq54NiTphI7jx');

const checkoutButton = document.getElementById('checkout-button');

checkoutButton.addEventListener('click', () => {
  stripe.redirectToCheckout({
    // Make the id field from the Checkout Session creation API response
    // available to this file, so you can provide it as argument here
    // instead of the {{CHECKOUT_SESSION_ID}} placeholder.
    sessionId: '{{CHECKOUT_SESSION_ID}}'
  })
  // If `redirectToCheckout` fails due to a browser or network
  // error, display the localized error message to your customer
  // using `error.message`.
});

You can customize your branding settings.

Step 3.3: Fulfillment Server-side

After the payment is completed, you’ll need to handle any fulfillment necessary on your end. A home-rental company that requires payment upfront, for instance, would connect the homeowner with the renter after a successful payment.

Configure a webhook endpoint (for events from your account) in your dashboard.

Then create an HTTP endpoint on your server to monitor for completed payments to then enable your sellers or service providers to fulfill purchases.

# Using Sinatra.
require 'sinatra'
require 'stripe'

set :port, 4242

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

# Uncomment and replace with a real secret. You can find your endpoint's
# secret in your webhook settings.
# webhook_secret = 'whsec_...'

post '/webhook' do
  payload = request.body.read
  sig_header = request.env['HTTP_STRIPE_SIGNATURE']

  event = nil

  # Verify webhook signature and extract the event.
  # See https://stripe.com/docs/webhooks/signatures for more information.
  begin
    event = Stripe::Webhook.construct_event(
      payload, sig_header, webhook_secret
    )
  rescue JSON::ParserError => e
    # Invalid payload.
    status 400
    return
  rescue Stripe::SignatureVerificationError => e
    # Invalid Signature.
    status 400
    return
  end

  if event['type'] == 'checkout.session.completed'
    session = event['data']['object']
    handle_completed_checkout_session(session)
  end

  status 200
end

def handle_completed_checkout_session(session)
  # Fulfill the purchase.
  puts session.to_s
end
import stripe
import json

# Using Flask.
from flask import (
    Flask,
    render_template,
    request,
    Response,
)

app = Flask(__name__, static_folder=".",
            static_url_path="", template_folder=".")

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

# Uncomment and replace with a real secret. You can find your endpoint's
# secret in your webhook settings.
# webhook_secret = 'whsec_...'

@app.route("/webhook", methods=["POST"])
def webhook_received():
  request_data = json.loads(request.data)
  signature = request.headers.get("stripe-signature")

  # Verify webhook signature and extract the event.
  # See https://stripe.com/docs/webhooks/signatures for more information.
  try:
    event = stripe.Webhook.construct_event(
        payload=request.data, sig_header=signature, secret=webhook_secret
    )
  except ValueError as e:
    # Invalid payload.
    return Response(status=400)
  except stripe.error.SignatureVerificationError as e:
    # Invalid Signature.
    return Response(status=400)

  if event["type"] == "checkout.session.completed":
    session = event["data"]["object"]
    handle_completed_checkout_session(session)

  return json.dumps({"success": True}), 200

def handle_completed_checkout_session(session):
  # Fulfill the purchase.
  print(str( session))

if __name__ == "__main__":
  app.run(port=4242)
<?php
// Using Slim.
use Slim\Http\Request;
use Slim\Http\Response;
use Stripe\Stripe;

require_once('vendor/autoload.php');

$app = new \Slim\App;

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

// Uncomment and replace with a real secret. You can find your endpoint's
// secret in your webhook settings.
// $webhook_secret = 'whsec_...';

$app->post('/webhook', function ($request, $response, $next) {
  $payload = $request->getBody();
  $sig_header = $request->getHeaderLine('stripe-signature');

  $event = null;

  // Verify webhook signature and extract the event.
  // See https://stripe.com/docs/webhooks/signatures for more information.
  try {
    $event = \Stripe\Webhook::constructEvent(
      $payload, $sig_header, $webhook_secret
    );
  } catch(\UnexpectedValueException $e) {
    // Invalid payload.
    return $response->withStatus(400);
  } catch(\Stripe\Exception\SignatureVerificationException $e) {
    // Invalid Signature.
    return $response->withStatus(400);
  }

  if ($event->type == 'checkout.session.completed') {
    $session = $event->data->object;
    handleCompletedCheckoutSession($session);
  }

  return $response->withStatus(200);
});

function handleCompletedCheckoutSession($session) {
  // Fulfill the purchase.
  echo $session;
};

$app->run();
// Using Express
const express = require('express');
const bodyParser = require("body-parser");
const app = express();
app.use(express.json());

// Use JSON parser for all non-webhook routes
app.use((req, res, next) => {
  if (req.originalUrl === "/webhook") {
    next();
  } else {
    bodyParser.json()(req, res, next);
  }
});

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

// Uncomment and replace with a real secret. You can find your endpoint's
// secret in your webhook settings.
// const webhook_secret = 'whsec_...''

app.post('/webhook', bodyParser.raw({type: 'application/json'}), (request, response) => {
  const sig = request.headers['stripe-signature'];

  let event;

  // Verify webhook signature and extract the event.
  // See https://stripe.com/docs/webhooks/signatures for more information.
  try {
    event = stripe.webhooks.constructEvent(request.body, sig, webhook_secret);
  } catch (err) {
    return response.status(400).send(`Webhook Error: ${err.message}`);
  }

  if (event.type === 'checkout.session.completed') {
    const session = event.data.object;
    handleCompletedCheckoutSession(session);
  }

  response.json({received: true});
});

const handleCompletedCheckoutSession = (session) => {
  // Fulfill the purchase.
  console.log(JSON.stringify(session));
}

app.listen(4242, () => console.log(`Node server listening on port ${4242}!`));
package com.stripe.sample;

import com.stripe.Stripe;
import com.stripe.model.checkout.Session;
import com.stripe.model.Event;
import com.stripe.model.EventDataObjectDeserializer;
import com.stripe.exception.SignatureVerificationException;
import com.stripe.net.Webhook;
import com.google.gson.JsonSyntaxException;
import spark.Response;

// Using Spark.
import static spark.Spark.*;

public class Server {
  public static void main(String[] args) {
    port(4242);

    // Set your secret key. Remember to switch to your live secret key in production!
    // See your keys here: https://dashboard.stripe.com/account/apikeys
    Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";
    post("/webhook", (request, response) -> {
      String payload = request.body();
      String sigHeader = request.headers("Stripe-Signature");

      // Uncomment and replace with a real secret. You can find your endpoint's
      // secret in your webhook settings.
      // String webhookSecret = "whsec_..."

      Event event = null;

      // Verify webhook signature and extract the event.
      // See https://stripe.com/docs/webhooks/signatures for more information.
      try {
        event = Webhook.constructEvent(
          payload, sigHeader, webhookSecret
        );
      } catch (JsonSyntaxException e) {
      // Invalid payload.
        response.status(400);
        return "";
      } catch (SignatureVerificationException e) {
      // Invalid Signature.
        response.status(400);
        return "";
      }

      if ("checkout.session.completed".equals(event.getType())) {
        // Deserialize the nested object inside the event
        EventDataObjectDeserializer dataObjectDeserializer = event.getDataObjectDeserializer();
        Session session = null;
        if (dataObjectDeserializer.getObject().isPresent()) {
          session = (Session) dataObjectDeserializer.getObject().get();
          handleCompletedCheckoutSession(session);
        } else {
          // Deserialization failed, probably due to an API version mismatch.
          // Refer to the Javadoc documentation on `EventDataObjectDeserializer` for
          // instructions on how to handle this case, or return an error here.
        }
      }

      response.status(200);
      return "";
    });
  }

  private static void handleCompletedCheckoutSession(Session session) {
    // Fulfill the purchase.
    System.out.println(session.getId());
  }
}
package main

import (
  "encoding/json"
  "log"
  "fmt"
  "net/http"
  "io/ioutil"

  "github.com/stripe/stripe-go/v71"
  "github.com/stripe/stripe-go/v71/webhook"

  "os"
)

func main() {
  // Set your secret key. Remember to switch to your live secret key in production!
  // See your keys here: https://dashboard.stripe.com/account/apikeys
  stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

  http.HandleFunc("/webhook", handleWebhook)
  addr := "localhost:4242"

  log.Printf("Listening on %s ...", addr)
  log.Fatal(http.ListenAndServe(addr, nil))
}

func handleWebhook(w http.ResponseWriter, req *http.Request) {
  const MaxBodyBytes = int64(65536)
  req.Body = http.MaxBytesReader(w, req.Body, MaxBodyBytes)
  body, err := ioutil.ReadAll(req.Body)
  if err != nil {
      fmt.Fprintf(os.Stderr, "Error reading request body: %v\n", err)
      w.WriteHeader(http.StatusServiceUnavailable)
      return
  }

  // Uncomment and replace with a real secret. You can find your endpoint's
  // secret in your webhook settings.
  // webhookSecret := "whsec_..."

  // Verify webhook signature and extract the event.
  // See https://stripe.com/docs/webhooks/signatures for more information.
  event, err := webhook.ConstructEvent(body, req.Header.Get("Stripe-Signature"), webhookSecret)

  if err != nil {
      fmt.Fprintf(os.Stderr, "Error verifying webhook signature: %v\n", err)
      w.WriteHeader(http.StatusBadRequest) // Return a 400 error on a bad signature.
      return
  }

  if event.Type == "checkout.session.completed" {
      var session stripe.CheckoutSession
      err := json.Unmarshal(event.Data.Raw, &session)
      if err != nil {
          fmt.Fprintf(os.Stderr, "Error parsing webhook JSON: %v\n", err)
          w.WriteHeader(http.StatusBadRequest)
          return
      }
      handleCompletedCheckoutSession(session)
  }

  w.WriteHeader(http.StatusOK)
}

func handleCompletedCheckoutSession(session stripe.CheckoutSession) {
  // Fulfill the purchase.
  log.Println(session.ID)
}
// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

using System;
using System.IO;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;

using Stripe;
using Stripe.Checkout

namespace Controllers
{
  public class ConnectController : Controller
  {
    private readonly ILogger<ConnectController> logger;

    public ConnectController(
      ILogger<ConnectController> logger,
    ) {
      this.logger = logger;
    }

    [HttpPost("webhook")]
    public async Task<IActionResult> ProcessWebhookEvent()
    {
      var json = await new StreamReader(HttpContext.Request.Body).ReadToEndAsync();

      // Uncomment and replace with a real secret. You can find your endpoint's
      // secret in your webhook settings.
      // const string webhookSecret = "whsec_..."

      // Verify webhook signature and extract the event.
      // See https://stripe.com/docs/webhooks/signatures for more information.
      try
      {
        var stripeEvent = EventUtility.ConstructEvent(json, Request.Headers["Stripe-Signature"], webhookSecret);

        if (stripeEvent.Type == Events.CheckoutSessionCompleted) {
          var session = stripeEvent.Data.Object as Session;
          HandleCompletedCheckoutSession(session);
        }

        return Ok();
      }
      catch (Exception e)
      {
        logger.LogInformation(e.ToString());
        return BadRequest();
      }
    }

      // Fulfill the purchase.
    private void HandleCompletedCheckoutSession(Session session) {
      logger.LogInformation($"{session}");
    }
  }
}

Learn more in our fulfillment guide for Checkout.

Testing webhooks locally

Testing webhooks locally is easy with the Stripe CLI.

  1. First, install the Stripe CLI on your machine if you haven’t already.

  2. Then, to log in run stripe login in the command line, and follow the instructions.

  3. Finally, to allow your local host to receive a simulated event on your connected account run stripe listen --forward-to localhost:{PORT}/webhook in one terminal window, and run stripe trigger checkout.session.completed (or trigger any other supported event) in another.

Step 3.4: Disputes

As the settlement merchant on charges, your platform is responsible for disputes. Make sure you understand the best practices for responding to disputes.

4 Complete and customize your integration

You now have a working integration. From your account dashboard, you can view an account and its balance.

You can review other Connect features that you might want to consider adding to the integration.

Payouts

By default, any charge that you transfer to a connected account accumulates in the connected account’s Stripe balance and is paid out on a daily rolling basis. But, you can change the payout schedule if needed.

Testing

The Connect-specific testing resource provides tokens to help simulate flows for accounts and onboarding, payouts, and top-ups. To test your payments and disputes flow, we provide a number of test cards available to simulate payment outcomes.

Next steps

Manage connected accounts

Customize payments

This guide demonstrates how to accept payments and move funds to the bank accounts of your sellers or service providers. For demonstration purposes, we’ll build a home-rental marketplace that connects homeowners to people looking for a place to rent. You can use the concepts covered in this guide in other applications as well.

You can see a complete onboarding flow in action in our sample end-to-end Express integration.

Prerequisites

  1. Register your platform.
  2. Activate your account.
  3. Fill out your platform profile.
  4. Customize your brand settings on the Connect settings page. This information is required for Connect Onboarding.

1 Set up Stripe Server-side Client-side

First, you need a Stripe account. Register now.

Server-side

This integration requires endpoints on your server that talk to the Stripe API. Use our official libraries for access to the Stripe API from your server:

# Available as a gem
gem install stripe
# If you use bundler, you can add this line to your Gemfile
gem 'stripe'
# Install through pip
pip install --upgrade stripe
# Or find the Stripe package on http://pypi.python.org/pypi/stripe/
# Find the version you want to pin:
# https://github.com/stripe/stripe-python/blob/master/CHANGELOG.md
# Specify that version in your requirements.txt file
stripe>=2.48.0,<3.0
# Install the PHP library via Composer
composer require stripe/stripe-php
# Or download the source directly: https://github.com/stripe/stripe-php/releases
/*
 For Gradle, add the following dependency to your build.gradle and replace {VERSION} with
 the version number you want to use from
 - https://mvnrepository.com/artifact/com.stripe/stripe-java or
 - https://github.com/stripe/stripe-java/releases/latest
*/
implementation "com.stripe:stripe-java:{VERSION}"
<!--
  For Maven, add the following dependency to your POM and replace {VERSION} with the
  version number you want to use from
  - https://mvnrepository.com/artifact/com.stripe/stripe-java or
  - https://github.com/stripe/stripe-java/releases/latest
-->
<dependency>
  <groupId>com.stripe</groupId>
  <artifactId>stripe-java</artifactId>
  <version>{VERSION}</version>
</dependency>
# For other environments, manually install the following JARs:
# - The Stripe JAR from https://github.com/stripe/stripe-java/releases/latest
# - Google Gson from https://github.com/google/gson
# Install via npm
npm install --save stripe
# Make sure your project is using Go Modules
go mod init
# Install stripe-go
go get -u github.com/stripe/stripe-go/v71
// Then import the package
import (
  "github.com/stripe/stripe-go/v71"
)
# Install via dotnet
dotnet add package Stripe.net
dotnet restore
# Or install via NuGet
PM> Install-Package Stripe.net

Client-side

The iOS SDK is open source, fully documented, and compatible with apps supporting iOS 11 or above.

  1. If you haven't already, install the latest version of CocoaPods.
  2. If you don't have an existing Podfile, run the following command to create one: 
    pod init
  3. Add this line to your Podfile: 
    pod 'Stripe'
  4. Run the following command: 
    pod install
  5. Don't forget to use the .xcworkspace file to open your project in Xcode, instead of the .xcodeproj file, from here on out.
  6. In the future, to update to the latest version of the SDK, just run: 
    pod update Stripe
  1. If you haven't already, install the latest version of Carthage.
  2. Add this line to your Cartfile: 
    github "stripe/stripe-ios"
  3. Follow the Carthage installation instructions.
  4. In the future, to update to the latest version of the SDK, run the following command: 
    carthage update stripe-ios --platform ios
  1. Head to our GitHub releases page and download and unzip Stripe.framework.zip.
  2. Drag Stripe.framework to the "Embedded Binaries" section of your Xcode project's "General" settings. Make sure to select "Copy items if needed".
  3. Head to the "Build Phases" section of your Xcode project settings, and create a new "Run Script Build Phase". Paste the following snippet into the text field: 
    bash "${BUILT_PRODUCTS_DIR}/${FRAMEWORKS_FOLDER_PATH}/Stripe.framework/integrate-dynamic-framework.sh"
  4. In the future, to update to the latest version of our SDK, just repeat steps 1 and 2.

When your app starts, configure the SDK with your Stripe publishable key so that it can make requests to the Stripe API.

import UIKit
import Stripe

@UIApplicationMain
class AppDelegate: UIResponder, UIApplicationDelegate {

    func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?) -> Bool {
        Stripe.setDefaultPublishableKey("pk_test_TYooMQauvdEDq54NiTphI7jx")
        // do any other necessary launch configuration
        return true
    }
}
#import "AppDelegate.h"
#import <Stripe/Stripe.h>

@implementation AppDelegate
- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
    [Stripe setDefaultPublishableKey:@"pk_test_TYooMQauvdEDq54NiTphI7jx"];
    // do any other necessary launch configuration
    return YES;
}
@end

2 Create a connected account

When a user (seller or service provider) signs up on your platform, create a user Account (referred to as a connected account) so you can accept payments and move funds to their bank account. Connected accounts represent your users in the Stripe API and help collect the information required to verify the user’s identity. In our home-rental example, the connected account represents the homeowner.

Step 2.1: Create an Express account and prefill information Server-side

Use the /v1/accounts API to create an Express account and set type to express in the account creation request.

curl https://api.stripe.com/v1/accounts \
  -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
  -d type=express

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

account = Stripe::Account.create({
  type: 'express',
})

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

account = stripe.Account.create(
  type='express',
)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

$account = \Stripe\Account::create([
  'country' => 'US',
  'type' => 'express',
]);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

AccountCreateParams params =
  AccountCreateParams.builder()
    .setType(AccountCreateParams.Type.EXPRESS)
    .build();

Account account = Account.create(params);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

const account = await stripe.accounts.create({
  type: 'express',
});

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

params := &stripe.AccountParams{
  Type: stripe.String(string(stripe.AccountTypeExpress)),
}
acct, _ := account.New(params)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

var options = new AccountCreateOptions
{
  Type = "express",
};

var service = new AccountService();
var account = service.Create(options);

If you have previously collected information for your connected accounts, you can prefill that information on the account object for the user and it won’t be collected again in the Connect Onboarding flow. Connect Onboarding will only collect required information when you create or update an account.

Step 2.2: Create an account link Server-side

You can create an account link by calling the Account Links API with the following parameters:

  • account
  • refresh_url
  • return_url
  • type = account_onboarding
curl https://api.stripe.com/v1/account_links \
  -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
  -d account=acct_1032D82eZvKYlo2C \
  -d refresh_url="https://example.com/reauth" \
  -d return_url="https://example.com/return" \
  -d type=account_onboarding

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

account_links = Stripe::AccountLink.create({
  account: 'acct_1032D82eZvKYlo2C',
  refresh_url: 'https://example.com/reauth',
  return_url: 'https://example.com/return',
  type: 'account_onboarding',
})

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

account_links = stripe.AccountLink.create(
  account='acct_1032D82eZvKYlo2C',
  refresh_url='https://example.com/reauth',
  return_url='https://example.com/return',
  type='account_onboarding',
)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

$account_links = \Stripe\AccountLink::create([
  'account' => 'acct_1032D82eZvKYlo2C',
  'refresh_url' => 'https://example.com/reauth',
  'return_url' => 'https://example.com/return',
  'type' => 'account_onboarding',
]);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

AccountLinkCreateParams params =
  AccountLinkCreateParams.builder()
    .setAccount("acct_1032D82eZvKYlo2C")
    .setRefreshUrl("https://example.com/reauth")
    .setReturnUrl("https://example.com/return")
    .setType("account_onboarding")
    .build();

AccountLink accountLink = AccountLink.create(params);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

const accountLinks = await stripe.accountLinks.create({
  account: 'acct_1032D82eZvKYlo2C',
  refresh_url: 'https://example.com/reauth',
  return_url: 'https://example.com/return',
  type: 'account_onboarding',
});

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

params := &stripe.AccountLinkParams{
    Account: stripe.String("acct_1032D82eZvKYlo2C"),
    RefreshURL: stripe.String("https://example.com/reauth"),
    ReturnURL: stripe.String("https://example.com/return"),
    Type: stripe.String("account_onboarding"),
}
acc, _ := accountlink.New(params)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

var options = new AccountLinkCreateOptions
{
    Account = "acct_1032D82eZvKYlo2C",
    RefreshUrl = "https://example.com/reauth",
    ReturnUrl = "https://example.com/return",
    Type = "account_onboarding",
};
var service = new AccountLinkService();
var accountLink = service.Create(options);

Step 2.3: Redirect your user to the account link URL Client-side

The response to your Account Links request includes a value for the key url. Redirect to this link to send your user into the flow. URLs from the Account Links API are temporary and can be used only once because they grant access to the account holder’s personal information. Authenticate the user in your application before redirecting them to this URL. If you want to prefill information, you must do so before generating the account link. After you create the account link for an Express account, you will not be able to read or write information for the account.

import UIKit
import SafariServices

class ConnectOnboardViewController: UIViewController {

    // ...

    override func viewDidLoad() {
        super.viewDidLoad()

        let connectWithStripeButton = UIButton(type: .system)
        connectWithStripeButton.setTitle("Connect with Stripe", for: .normal)
        connectWithStripeButton.addTarget(self, action: #selector(didSelectConnectWithStripe), for: .touchUpInside)
        view.addSubview(connectWithStripeButton)

        // ...
    }

    @objc
    func didSelectConnectWithStripe() {
        if let url = URL(string: Settings.BackendAPIBaseURL)?.appendingPathComponent("onboard-user") {
          var request = URLRequest(url: url)
          request.httpMethod = "POST"
          let task = URLSession.shared.dataTask(with: request) { (data, response, error) in
              guard let data = data,
                  let json = try? JSONSerialization.jsonObject(with: data, options: []) as? [String : Any],
                  let accountURLString = json["url"] as? String,
                  let accountURL = URL(string: accountURLString) else {
                      // handle error
              }

              let safariViewController = SFSafariViewController(url: url)
              safariViewController.delegate = self

              DispatchQueue.main.async {
                  self.present(safariViewController, animated: true, completion: nil)
              }
          }
        }
    }

    // ...
}

extension ConnectOnboardViewController: SFSafariViewControllerDelegate {
    func safariViewControllerDidFinish(_ controller: SFSafariViewController) {
        // the user may have closed the SFSafariViewController instance before a redirect
        // occurred. Sync with your backend to confirm the correct state
    }
}
#import "ConnectOnboardViewController.h"

#import <SafariServices/SafariServices.h>

@interface ConnectOnboardViewController () <SFSafariViewControllerDelegate>
// ...
@end

@implementation ConnectOnboardViewController 

// ...

- (void)viewDidLoad {
    [super viewDidLoad];

    UIButton *connectWithStripeButton = [UIButton buttonWithType:UIButtonTypeSystem];
    [connectWithStripeButton setTitle:@"Connect with Stripe" forState:UIControlStateNormal];
    [connectWithStripeButton addTarget:self action:@selector(_didSelectConnectWithStripe) forControlEvents:UIControlEventTouchUpInside];
    [self.view addSubview:connectWithStripeButton];

    // ...
}

- (void)_didSelectConnectWithStripe {
  NSURL *url = [NSURL URLWithString:[kBackendAPIBaseURL stringByAppendingPathComponent:@"onboard-user"]];
  NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url];
  request.HTTPMethod = @"POST";
  
  NSURLSessionTask *task = [[NSURLSession sharedSession] dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {
      if (data != nil) {
          NSError *jsonError = nil;
          id json = [NSJSONSerialization JSONObjectWithData:data options:0 error:&jsonError];
          
          if (json != nil && [json isKindOfClass:[NSDictionary class]]) {
              NSDictionary *jsonDictionary = (NSDictionary *)json;
              NSURL *accountURL = [NSURL URLWithString:jsonDictionary[@"url"]];
              if (accountURL != nil) {
                  SFSafariViewController *safariViewController = [[SFSafariViewController alloc] initWithURL:accountURL];
                  safariViewController.delegate = self;
                  
                  dispatch_async(dispatch_get_main_queue(), ^{
                      [self presentViewController:safariViewController animated:YES completion:nil];
                  });
              } else {
                  // handle  error
              }
          } else {
              // handle error
          }
      } else {
          // handle error
      }
  }];
  [task resume];
}

// ...

#pragma mark - SFSafariViewControllerDelegate
- (void)safariViewControllerDidFinish:(SFSafariViewController *)controller {
    // The user may have closed the SFSafariViewController instance before a redirect
    // occurred. Sync with your backend to confirm the correct state
}

@end

Step 2.4: Handle the user returning to your platform Client-side

Connect Onboarding requires you to pass both a return_url and refresh_url to handle all cases where the user will be redirected to your platform. It’s important that you implement these correctly to provide the best experience for your user. You can set up a universal link to enable iOS to redirect to your app automatically.

return_url

Stripe issues a redirect to this URL when the user completes the Connect Onboarding flow. This does not mean that all information has been collected or that there are no outstanding requirements on the account. This only means the flow was entered and exited properly.

No state is passed through this URL. After a user is redirected to your return_url, check the state of the details_submitted parameter on their account by doing either of the following:

  • Listening to account.updated webhooks
  • Calling the Accounts API and inspecting the returned object

refresh_url

Your user will be redirected to the refresh_url in these cases:

  • The link is expired (a few minutes went by since the link was created)
  • The link was already visited (the user refreshed the page or clicked back or forward in the browser)
  • Your platform is no longer able to access the account
  • The account has been rejected

Your refresh_url should trigger a method on your server to call Account Links again with the same parameters, and redirect the user to the Connect Onboarding flow to create a seamless experience.

Step 2.5: Handle users that have not completed onboarding

A user that is redirected to your return_url might not have completed the onboarding process. Use the /v1/accounts endpoint to retrieve the user’s account and check for charges_enabled. If the account is not fully onboarded, provide UI prompts to allow the user to continue onboarding later. The user can complete their account activation through a new account link (generated by your integration). You can check the state of the details_submitted parameter on their account to see if they’ve completed the onboarding process.

3 Accept a payment

Step 3.1: Create your checkout page Client-side

Securely collect card information on the client with STPPaymentCardTextField, a drop-in UI component provided by the SDK.

STPPaymentCardTextField performs on-the-fly validation and formatting.

Create an instance of the card component and a Pay button with the following code:

import UIKit
import Stripe

class CheckoutViewController: UIViewController {

    lazy var cardTextField: STPPaymentCardTextField = {
        let cardTextField = STPPaymentCardTextField()
        return cardTextField
    }()
    lazy var payButton: UIButton = {
        let button = UIButton(type: .custom)
        button.layer.cornerRadius = 5
        button.backgroundColor = .systemBlue
        button.titleLabel?.font = UIFont.systemFont(ofSize: 22)
        button.setTitle("Pay", for: .normal)
        button.addTarget(self, action: #selector(pay), for: .touchUpInside)
        return button
    }()

    override func viewDidLoad() {
        super.viewDidLoad()
        view.backgroundColor = .white
        let stackView = UIStackView(arrangedSubviews: [cardTextField, payButton])
        stackView.axis = .vertical
        stackView.spacing = 20
        stackView.translatesAutoresizingMaskIntoConstraints = false
        view.addSubview(stackView)
        NSLayoutConstraint.activate([
            stackView.leftAnchor.constraint(equalToSystemSpacingAfter: view.leftAnchor, multiplier: 2),
            view.rightAnchor.constraint(equalToSystemSpacingAfter: stackView.rightAnchor, multiplier: 2),
            stackView.topAnchor.constraint(equalToSystemSpacingBelow: view.topAnchor, multiplier: 2),
        ])
    }

    @objc
    func pay() {
        // ...
    }
}

#import "CheckoutViewController.h"
#import <Stripe/Stripe.h>

@interface CheckoutViewController ()

@property (weak) STPPaymentCardTextField *cardTextField;
@property (weak) UIButton *payButton;

@end

@implementation CheckoutViewController

- (void)viewDidLoad {
    [super viewDidLoad];
    self.view.backgroundColor = [UIColor whiteColor];

    STPPaymentCardTextField *cardTextField = [[STPPaymentCardTextField alloc] init];
    self.cardTextField = cardTextField;

    UIButton *button = [UIButton buttonWithType:UIButtonTypeCustom];
    button.layer.cornerRadius = 5;
    button.backgroundColor = [UIColor systemBlueColor];
    button.titleLabel.font = [UIFont systemFontOfSize:22];
    [button setTitle:@"Pay" forState:UIControlStateNormal];
    [button addTarget:self action:@selector(pay) forControlEvents:UIControlEventTouchUpInside];
    self.payButton = button;

    UIStackView *stackView = [[UIStackView alloc] initWithArrangedSubviews:@[cardTextField, button]];
    stackView.axis = UILayoutConstraintAxisVertical;
    stackView.translatesAutoresizingMaskIntoConstraints = NO;
    stackView.spacing = 20;
    [self.view addSubview:stackView];

    [NSLayoutConstraint activateConstraints:@[
        [stackView.leftAnchor constraintEqualToSystemSpacingAfterAnchor:self.view.leftAnchor multiplier:2],
        [self.view.rightAnchor constraintEqualToSystemSpacingAfterAnchor:stackView.rightAnchor multiplier:2],
        [stackView.topAnchor constraintEqualToSystemSpacingBelowAnchor:self.view.topAnchor multiplier:2],
    ]];
}

- (void)pay {
    // ...
}

@end

Run your app, and make sure your checkout page shows the card component and pay button.

Step 3.2: Create a PaymentIntent Server-sideClient-side

Stripe uses a PaymentIntent object to represent your intent to collect payment from a customer, tracking your charge attempts and payment state changes throughout the process.

Server-side

On your server, make an endpoint that creates a PaymentIntent with an amount and currency. Always decide how much to charge on the server side, a trusted environment, as opposed to the client. This prevents malicious customers from being able to choose their own prices.

curl https://api.stripe.com/v1/payment_intents \
  -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
  -d "payment_method_types[]"=card \
  -d amount=1000 \
  -d currency=usd \
  -d application_fee_amount=123 \
  -d "transfer_data[destination]"="{{CONNECTED_STRIPE_ACCOUNT_ID}}"

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

payment_intent = Stripe::PaymentIntent.create({
  payment_method_types: ['card'],
  amount: 1000,
  currency: 'usd',
  application_fee_amount: 123,
  transfer_data: {
    destination: '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
  },
})
client_secret = payment_intent['client_secret']
# Pass the client secret to the client

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

payment_intent = stripe.PaymentIntent.create(
  payment_method_types=['card'],
  amount=1000,
  currency='usd',
  application_fee_amount=123,
  transfer_data={
    'destination': '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
  }
)
client_secret = intent.client_secret
# Pass the client secret to the client

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

$payment_intent = \Stripe\PaymentIntent::create([
  'payment_method_types' => ['card'],
  'amount' => 1000,
  'currency' => 'usd',
  'application_fee_amount' => 123,
  'transfer_data' => [
    'destination' => '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
  ],
]);
$client_secret = $intent->client_secret;
// Pass the client secret to the client

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

ArrayList paymentMethodTypes = new ArrayList();
paymentMethodTypes.add("card");

Map<String, Object> params = new HashMap<>();
params.put("payment_method_types", paymentMethodTypes);
params.put("amount", 1000);
params.put("currency", "usd");
params.put("application_fee_amount", 123);
Map<String, Object> transferDataParams = new HashMap<>();
transferDataParams.put("destination", "{{CONNECTED_STRIPE_ACCOUNT_ID}}");
params.put("transfer_data", transferDataParams);
PaymentIntent paymentIntent = PaymentIntent.create(params);
PaymentIntent intent = PaymentIntent.create(params);
String clientSecret = intent.getClientSecret();
// Pass the client secret to the client

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

const paymentIntent = await stripe.paymentIntents.create({
  payment_method_types: ['card'],
  amount: 1000,
  currency: 'usd',
  application_fee_amount: 123,
  transfer_data: {
    destination: '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
  },
});
const clientSecret = paymentIntent.client_secret;

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

params := &stripe.PaymentIntentParams{
  PaymentMethodTypes: stripe.StringSlice([]string{
    "card",
  }),
  Amount: stripe.Int64(1000),
  Currency: stripe.String(string(stripe.CurrencyUSD)),
  ApplicationFeeAmount: stripe.Int64(123),
  TransferData: &stripe.PaymentIntentTransferDataParams{
    Destination: stripe.String("{{CONNECTED_STRIPE_ACCOUNT_ID}}"),
  },
}
pi, _ := paymentintent.New(params)
// Pass the client secret to the client

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

var service = new PaymentIntentService();
var createOptions = new PaymentIntentCreateOptions
{
  PaymentMethodTypes = new List<string>
  {
    "card",
  },
  Amount = 2000,
  Currency = "usd",
  ApplicationFeeAmount = 123,
  TransferData = new PaymentIntentTransferDataOptions 
  {
    Destination = "{{CONNECTED_STRIPE_ACCOUNT_ID}}",
  },
};
service.Create(createOptions);
// Pass the client secret to the client

In our home-rental example, we want to build an experience where customers pay for rentals by using our platform, and where we pay homeowners for renting to customers. To set this experience up:

  • Indicate the rental is a destination charge with transfer_data[destination].
  • Specify how much of the rental amount will go to the platform with application_fee_amount.

When a rental charge occurs, Stripe transfers the entire amount to the connected account’s pending balance (transfer_data[destination]). Afterward, Stripe transfers the fee amount (application_fee_amount) to the platform’s account, which is the share of the revenue for facilitating the rental. Then, Stripe deducts the Stripe fees from the platform’s fee amount. An illustration of this funds flow is below:

Instead of passing the entire PaymentIntent object to your app, just return its client secret. The PaymentIntent’s client secret is a unique key that lets you confirm the payment and update card details on the client, without allowing manipulation of sensitive information, like payment amount.

Client-side

On the client, request a PaymentIntent from your server and store its client secret.

class CheckoutViewController: UIViewController {
    var paymentIntentClientSecret: String?

    // ...continued from previous step

    override func viewDidLoad() {
        // ...continued from previous step
        startCheckout()
    }

    func startCheckout() {
        // Request a PaymentIntent from your server and store its client secret
        // Click Open on GitHub to see a full implementation
    }
}

@interface CheckoutViewController ()

// ...continued from previous step
@property (strong) NSString *paymentIntentClientSecret;

@end

@implementation CheckoutViewController

- (void)viewDidLoad {
    [super viewDidLoad];
    // ...continued from previous step
    [self startCheckout];
}

- (void)startCheckout {
    // Request a PaymentIntent from your server and store its client secret
    // Click Open on GitHub to see a full implementation
}

@end

Step 3.3: Submit the payment to Stripe Client-side

When the customer taps the Pay button, confirm the PaymentIntent to complete the payment.

First, assemble a STPPaymentIntentParams object with:

  1. The card text field’s payment method details
  2. The PaymentIntent client secret from your server

Rather than sending the entire PaymentIntent object to the client, use its client secret. This is different from your API keys that authenticate Stripe API requests. The client secret is a string that lets your app access important fields from the PaymentIntent (e.g., status) while hiding sensitive ones (e.g., customer).

The client secret should still be handled carefully because it can complete the charge. Do not log it, embed it in URLs, or expose it to anyone but the customer.

Next, complete the payment by calling the STPPaymentHandler confirmPayment method.

class CheckoutViewController: UIViewController {

    // ...

    @objc
    func pay() {
        guard let paymentIntentClientSecret = paymentIntentClientSecret else {
            return;
        }
        // Collect card details
        let cardParams = cardTextField.cardParams
        let paymentMethodParams = STPPaymentMethodParams(card: cardParams, billingDetails: nil, metadata: nil)
        let paymentIntentParams = STPPaymentIntentParams(clientSecret: paymentIntentClientSecret)
        paymentIntentParams.paymentMethodParams = paymentMethodParams

        // Submit the payment
        let paymentHandler = STPPaymentHandler.shared()
        paymentHandler.confirmPayment(withParams: paymentIntentParams, authenticationContext: self) { (status, paymentIntent, error) in
            switch (status) {
            case .failed:
                self.displayAlert(title: "Payment failed", message: error?.localizedDescription ?? "")
                break
            case .canceled:
                self.displayAlert(title: "Payment canceled", message: error?.localizedDescription ?? "")
                break
            case .succeeded:
                self.displayAlert(title: "Payment succeeded", message: paymentIntent?.description ?? "", restartDemo: true)
                break
            @unknown default:
                fatalError()
                break
            }
        }
    }
}

extension CheckoutViewController: STPAuthenticationContext {
    func authenticationPresentingViewController() -> UIViewController {
        return self
    }
}

@interface CheckoutViewController ()  <STPAuthenticationContext>

// ...

@end

@implementation CheckoutViewController

// ...

- (void)pay {
    if (!self.paymentIntentClientSecret) {
        NSLog(@"PaymentIntent hasn't been created");
        return;
    }

    // Collect card details
    STPPaymentMethodCardParams *cardParams = self.cardTextField.cardParams;
    STPPaymentMethodParams *paymentMethodParams = [STPPaymentMethodParams paramsWithCard:cardParams billingDetails:nil metadata:nil];
    STPPaymentIntentParams *paymentIntentParams = [[STPPaymentIntentParams alloc] initWithClientSecret:self.paymentIntentClientSecret];
    paymentIntentParams.paymentMethodParams = paymentMethodParams;

    // Submit the payment
    STPPaymentHandler *paymentHandler = [STPPaymentHandler sharedHandler];
    [paymentHandler confirmPayment:paymentIntentParams withAuthenticationContext:self completion:^(STPPaymentHandlerActionStatus status, STPPaymentIntent *paymentIntent, NSError *error) {
        dispatch_async(dispatch_get_main_queue(), ^{
            switch (status) {
                case STPPaymentHandlerActionStatusFailed: {
                    [self displayAlertWithTitle:@"Payment failed" message:error.localizedDescription ?: @"" restartDemo:NO];
                    break;
                }
                case STPPaymentHandlerActionStatusCanceled: {
                    [self displayAlertWithTitle:@"Payment canceled" message:error.localizedDescription ?: @"" restartDemo:NO];
                    break;
                }
                case STPPaymentHandlerActionStatusSucceeded: {
                    [self displayAlertWithTitle:@"Payment succeeded" message:paymentIntent.description ?: @"" restartDemo:YES];
                    break;
                }
                default:
                    break;
            }
        });
    }];
}

# pragma mark STPAuthenticationContext
- (UIViewController *)authenticationPresentingViewController {
    return self;
}

@end

If authentication is required by regulation such as Strong Customer Authentication, STPPaymentHandler presents view controllers using the STPAuthenticationContext passed in and walks the customer through that process. See Supporting 3D Secure Authentication on iOS to learn more.

If the payment succeeds, the completion handler is called with a status of .succeeded. If it fails, the status is .failed and you can display the error.localizedDescription to the user.

You can also check the status of a PaymentIntent in the Dashboard or by inspecting the status property on the object.

Step 3.4: Test the integration Client-side

By this point you should have a basic card integration that collects card details and makes a payment.

There are several test cards you can use in test mode to make sure this integration is ready. Use them with any CVC, postal code, and future expiration date.

Number Description
4242424242424242 Succeeds and immediately processes the payment.
4000002500003155 Requires authentication. Stripe will trigger a modal asking for the customer to authenticate.
4000000000009995 Always fails with a decline code of insufficient_funds.

For the full list of test cards see our guide on testing.

Step 3.5: Fulfillment Server-side

After the payment is completed, you’ll need to handle any fulfillment necessary on your end. A home-rental company that requires payment upfront, for instance, would connect the homeowner with the renter after a successful payment.

Configure a webhook endpoint (for events from your account) in your dashboard.

Then create an HTTP endpoint on your server to monitor for completed payments to then enable your sellers or service providers to fulfill purchases.

# Using Sinatra.
require 'sinatra'
require 'stripe'

set :port, 4242

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

# Uncomment and replace with a real secret. You can find your endpoint's
# secret in your webhook settings.
# webhook_secret = 'whsec_...'

post '/webhook' do
  payload = request.body.read
  sig_header = request.env['HTTP_STRIPE_SIGNATURE']

  event = nil

  # Verify webhook signature and extract the event.
  # See https://stripe.com/docs/webhooks/signatures for more information.
  begin
    event = Stripe::Webhook.construct_event(
      payload, sig_header, webhook_secret
    )
  rescue JSON::ParserError => e
    # Invalid payload.
    status 400
    return
  rescue Stripe::SignatureVerificationError => e
    # Invalid Signature.
    status 400
    return
  end

  if event['type'] == 'payment_intent.succeeded'
    payment_intent = event['data']['object']
    handle_successful_payment_intent(payment_intent)
  end

  status 200
end

def handle_successful_payment_intent(payment_intent)
  # Fulfill the purchase.
  puts payment_intent.to_s
end
import stripe
import json

# Using Flask.
from flask import (
    Flask,
    render_template,
    request,
    Response,
)

app = Flask(__name__, static_folder=".",
            static_url_path="", template_folder=".")

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

# Uncomment and replace with a real secret. You can find your endpoint's
# secret in your webhook settings.
# webhook_secret = 'whsec_...'

@app.route("/webhook", methods=["POST"])
def webhook_received():
  request_data = json.loads(request.data)
  signature = request.headers.get("stripe-signature")

  # Verify webhook signature and extract the event.
  # See https://stripe.com/docs/webhooks/signatures for more information.
  try:
    event = stripe.Webhook.construct_event(
        payload=request.data, sig_header=signature, secret=webhook_secret
    )
  except ValueError as e:
    # Invalid payload.
    return Response(status=400)
  except stripe.error.SignatureVerificationError as e:
    # Invalid Signature.
    return Response(status=400)

  if event["type"] == "payment_intent.succeeded":
    payment_intent = event["data"]["object"]
    handle_successful_payment_intent(payment_intent)

  return json.dumps({"success": True}), 200

def handle_successful_payment_intent(payment_intent):
  # Fulfill the purchase.
  print(str( payment_intent))

if __name__ == "__main__":
  app.run(port=4242)
<?php
// Using Slim.
use Slim\Http\Request;
use Slim\Http\Response;
use Stripe\Stripe;

require_once('vendor/autoload.php');

$app = new \Slim\App;

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

// Uncomment and replace with a real secret. You can find your endpoint's
// secret in your webhook settings.
// $webhook_secret = 'whsec_...';

$app->post('/webhook', function ($request, $response, $next) {
  $payload = $request->getBody();
  $sig_header = $request->getHeaderLine('stripe-signature');

  $event = null;

  // Verify webhook signature and extract the event.
  // See https://stripe.com/docs/webhooks/signatures for more information.
  try {
    $event = \Stripe\Webhook::constructEvent(
      $payload, $sig_header, $webhook_secret
    );
  } catch(\UnexpectedValueException $e) {
    // Invalid payload.
    return $response->withStatus(400);
  } catch(\Stripe\Exception\SignatureVerificationException $e) {
    // Invalid Signature.
    return $response->withStatus(400);
  }

  if ($event->type == 'payment_intent.succeeded') {
    $paymentIntent = $event->data->object;
    handleSuccessfulPaymentIntent($paymentIntent);
  }

  return $response->withStatus(200);
});

function handleSuccessfulPaymentIntent($paymentIntent) {
  // Fulfill the purchase.
  echo $paymentIntent;
};

$app->run();
// Using Express
const express = require('express');
const bodyParser = require("body-parser");
const app = express();
app.use(express.json());

// Use JSON parser for all non-webhook routes
app.use((req, res, next) => {
  if (req.originalUrl === "/webhook") {
    next();
  } else {
    bodyParser.json()(req, res, next);
  }
});

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

// Uncomment and replace with a real secret. You can find your endpoint's
// secret in your webhook settings.
// const webhook_secret = 'whsec_...''

app.post('/webhook', bodyParser.raw({type: 'application/json'}), (request, response) => {
  const sig = request.headers['stripe-signature'];

  let event;

  // Verify webhook signature and extract the event.
  // See https://stripe.com/docs/webhooks/signatures for more information.
  try {
    event = stripe.webhooks.constructEvent(request.body, sig, webhook_secret);
  } catch (err) {
    return response.status(400).send(`Webhook Error: ${err.message}`);
  }

  if (event.type === 'payment_intent.succeeded') {
    const paymentIntent = event.data.object;
    handleSuccessfulPaymentIntent(paymentIntent);
  }

  response.json({received: true});
});

const handleSuccessfulPaymentIntent = (paymentIntent) => {
  // Fulfill the purchase.
  console.log(JSON.stringify(paymentIntent));
}

app.listen(4242, () => console.log(`Node server listening on port ${4242}!`));
package com.stripe.sample;

import com.stripe.Stripe;
import com.stripe.model.PaymentIntent;
import com.stripe.model.Event;
import com.stripe.model.EventDataObjectDeserializer;
import com.stripe.exception.SignatureVerificationException;
import com.stripe.net.Webhook;
import com.google.gson.JsonSyntaxException;
import spark.Response;

// Using Spark.
import static spark.Spark.*;

public class Server {
  public static void main(String[] args) {
    port(4242);

    // Set your secret key. Remember to switch to your live secret key in production!
    // See your keys here: https://dashboard.stripe.com/account/apikeys
    Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";
    post("/webhook", (request, response) -> {
      String payload = request.body();
      String sigHeader = request.headers("Stripe-Signature");

      // Uncomment and replace with a real secret. You can find your endpoint's
      // secret in your webhook settings.
      // String webhookSecret = "whsec_..."

      Event event = null;

      // Verify webhook signature and extract the event.
      // See https://stripe.com/docs/webhooks/signatures for more information.
      try {
        event = Webhook.constructEvent(
          payload, sigHeader, webhookSecret
        );
      } catch (JsonSyntaxException e) {
      // Invalid payload.
        response.status(400);
        return "";
      } catch (SignatureVerificationException e) {
      // Invalid Signature.
        response.status(400);
        return "";
      }

      if ("payment_intent.succeeded".equals(event.getType())) {
        // Deserialize the nested object inside the event
        EventDataObjectDeserializer dataObjectDeserializer = event.getDataObjectDeserializer();
        PaymentIntent paymentIntent = null;
        if (dataObjectDeserializer.getObject().isPresent()) {
          paymentIntent = (PaymentIntent) dataObjectDeserializer.getObject().get();
          handleSuccessfulPaymentIntent(paymentIntent);
        } else {
          // Deserialization failed, probably due to an API version mismatch.
          // Refer to the Javadoc documentation on `EventDataObjectDeserializer` for
          // instructions on how to handle this case, or return an error here.
        }
      }

      response.status(200);
      return "";
    });
  }

  private static void handleSuccessfulPaymentIntent(PaymentIntent paymentIntent) {
    // Fulfill the purchase.
    System.out.println(paymentIntent.getId());
  }
}
package main

import (
  "encoding/json"
  "log"
  "fmt"
  "net/http"
  "io/ioutil"

  "github.com/stripe/stripe-go/v71"
  "github.com/stripe/stripe-go/v71/webhook"

  "os"
)

func main() {
  // Set your secret key. Remember to switch to your live secret key in production!
  // See your keys here: https://dashboard.stripe.com/account/apikeys
  stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

  http.HandleFunc("/webhook", handleWebhook)
  addr := "localhost:4242"

  log.Printf("Listening on %s ...", addr)
  log.Fatal(http.ListenAndServe(addr, nil))
}

func handleWebhook(w http.ResponseWriter, req *http.Request) {
  const MaxBodyBytes = int64(65536)
  req.Body = http.MaxBytesReader(w, req.Body, MaxBodyBytes)
  body, err := ioutil.ReadAll(req.Body)
  if err != nil {
      fmt.Fprintf(os.Stderr, "Error reading request body: %v\n", err)
      w.WriteHeader(http.StatusServiceUnavailable)
      return
  }

  // Uncomment and replace with a real secret. You can find your endpoint's
  // secret in your webhook settings.
  // webhookSecret := "whsec_..."

  // Verify webhook signature and extract the event.
  // See https://stripe.com/docs/webhooks/signatures for more information.
  event, err := webhook.ConstructEvent(body, req.Header.Get("Stripe-Signature"), webhookSecret)

  if err != nil {
      fmt.Fprintf(os.Stderr, "Error verifying webhook signature: %v\n", err)
      w.WriteHeader(http.StatusBadRequest) // Return a 400 error on a bad signature.
      return
  }

  if event.Type == "payment_intent.succeeded" {
      var paymentIntent stripe.PaymentIntent
      err := json.Unmarshal(event.Data.Raw, &paymentIntent)
      if err != nil {
          fmt.Fprintf(os.Stderr, "Error parsing webhook JSON: %v\n", err)
          w.WriteHeader(http.StatusBadRequest)
          return
      }
      handleSuccessfulPaymentIntent(paymentIntent)
  }

  w.WriteHeader(http.StatusOK)
}

func handleSuccessfulPaymentIntent(paymentIntent stripe.PaymentIntent) {
  // Fulfill the purchase.
  log.Println(paymentIntent.ID)
}
// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

using System;
using System.IO;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;

using Stripe;

namespace Controllers
{
  public class ConnectController : Controller
  {
    private readonly ILogger<ConnectController> logger;

    public ConnectController(
      ILogger<ConnectController> logger,
    ) {
      this.logger = logger;
    }

    [HttpPost("webhook")]
    public async Task<IActionResult> ProcessWebhookEvent()
    {
      var json = await new StreamReader(HttpContext.Request.Body).ReadToEndAsync();

      // Uncomment and replace with a real secret. You can find your endpoint's
      // secret in your webhook settings.
      // const string webhookSecret = "whsec_..."

      // Verify webhook signature and extract the event.
      // See https://stripe.com/docs/webhooks/signatures for more information.
      try
      {
        var stripeEvent = EventUtility.ConstructEvent(json, Request.Headers["Stripe-Signature"], webhookSecret);

        if (stripeEvent.Type == Events.PaymentIntentSucceeded) {
          var paymentIntent = stripeEvent.Data.Object as PaymentIntent;
          HandleSuccessfulPaymentIntent(paymentIntent);
        }

        return Ok();
      }
      catch (Exception e)
      {
        logger.LogInformation(e.ToString());
        return BadRequest();
      }
    }

      // Fulfill the purchase.
    private void HandleSuccessfulPaymentIntent(PaymentIntent paymentIntent) {
      logger.LogInformation($"{paymentIntent}");
    }
  }
}

Learn more in our fulfillment guide for payments.

Testing webhooks locally

Testing webhooks locally is easy with the Stripe CLI.

  1. First, install the Stripe CLI on your machine if you haven’t already.

  2. Then, to log in run stripe login in the command line, and follow the instructions.

  3. Finally, to allow your local host to receive a simulated event on your connected account run stripe listen --forward-to localhost:{PORT}/webhook in one terminal window, and run stripe trigger payment_intent.succeeded (or trigger any other supported event) in another.

Step 3.6: Disputes

As the settlement merchant on charges, your platform is responsible for disputes. Make sure you understand the best practices for responding to disputes.

4 Complete and customize your integration

You now have a working integration. From your account dashboard, you can view an account and its balance.

You can review other Connect features that you might want to consider adding to the integration.

Payouts

By default, any charge that you transfer to a connected account accumulates in the connected account’s Stripe balance and is paid out on a daily rolling basis. But, you can change the payout schedule if needed.

Testing

The Connect-specific testing resource provides tokens to help simulate flows for accounts and onboarding, payouts, and top-ups. To test your payments and disputes flow, we provide a number of test cards available to simulate payment outcomes.

Next steps

Manage connected accounts

Customize payments

This guide demonstrates how to accept payments and move funds to the bank accounts of your sellers or service providers. For demonstration purposes, we’ll build a home-rental marketplace that connects homeowners to people looking for a place to rent. You can use the concepts covered in this guide in other applications as well.

You can see a complete onboarding flow in action in our sample end-to-end Express integration.

Prerequisites

  1. Register your platform.
  2. Activate your account.
  3. Fill out your platform profile.
  4. Customize your brand settings on the Connect settings page. This information is required for Connect Onboarding.

1 Set up Stripe Server-side Client-side

First, you need a Stripe account. Register now.

Server-side

This integration requires endpoints on your server that talk to the Stripe API. Use our official libraries for access to the Stripe API from your server:

# Available as a gem
gem install stripe
# If you use bundler, you can add this line to your Gemfile
gem 'stripe'
# Install through pip
pip install --upgrade stripe
# Or find the Stripe package on http://pypi.python.org/pypi/stripe/
# Find the version you want to pin:
# https://github.com/stripe/stripe-python/blob/master/CHANGELOG.md
# Specify that version in your requirements.txt file
stripe>=2.48.0,<3.0
# Install the PHP library via Composer
composer require stripe/stripe-php
# Or download the source directly: https://github.com/stripe/stripe-php/releases
/*
 For Gradle, add the following dependency to your build.gradle and replace {VERSION} with
 the version number you want to use from
 - https://mvnrepository.com/artifact/com.stripe/stripe-java or
 - https://github.com/stripe/stripe-java/releases/latest
*/
implementation "com.stripe:stripe-java:{VERSION}"
<!--
  For Maven, add the following dependency to your POM and replace {VERSION} with the
  version number you want to use from
  - https://mvnrepository.com/artifact/com.stripe/stripe-java or
  - https://github.com/stripe/stripe-java/releases/latest
-->
<dependency>
  <groupId>com.stripe</groupId>
  <artifactId>stripe-java</artifactId>
  <version>{VERSION}</version>
</dependency>
# For other environments, manually install the following JARs:
# - The Stripe JAR from https://github.com/stripe/stripe-java/releases/latest
# - Google Gson from https://github.com/google/gson
# Install via npm
npm install --save stripe
# Make sure your project is using Go Modules
go mod init
# Install stripe-go
go get -u github.com/stripe/stripe-go/v71
// Then import the package
import (
  "github.com/stripe/stripe-go/v71"
)
# Install via dotnet
dotnet add package Stripe.net
dotnet restore
# Or install via NuGet
PM> Install-Package Stripe.net

Client-side

The Android SDK is open source and fully documented.

To install the SDK, add stripe-android to the dependencies block of your app/build.gradle file:

This example requires the Androidx Browser library.

apply plugin: 'com.android.application'

android { ... }

dependencies {
  // ...

  // Stripe Android SDK
  implementation 'com.stripe:stripe-android:16.0.1'

  // AndroidX Browser library
  implementation 'androidx.browser:browser:1.2.0'

}

Using the Androidx Browser library allows you to open the user’s preferred browser in a separate activity which is tied to your app.

If you do not wish to include the Androidx Browser library, you can launch a web intent using the same URL.

Configure the SDK with your Stripe publishable key so that it can make requests to the Stripe API, such as in your Application subclass:

import com.stripe.android.PaymentConfiguration

class MyApp : Application() {
    override fun onCreate() {
        super.onCreate()
        PaymentConfiguration.init(
            applicationContext,
            "pk_test_TYooMQauvdEDq54NiTphI7jx"
        )
    }
}

import com.stripe.android.PaymentConfiguration;

public class MyApp extends Application {
    @Override
    public void onCreate() {
        super.onCreate();
        PaymentConfiguration.init(
            getApplicationContext(),
            "pk_test_TYooMQauvdEDq54NiTphI7jx"
        );
    }
}

Our code samples also use OkHttp and GSON to make HTTP requests to a server.

2 Create a connected account

When a user (seller or service provider) signs up on your platform, create a user Account (referred to as a connected account) so you can accept payments and move funds to their bank account. Connected accounts represent your users in the Stripe API and help collect the information required to verify the user’s identity. In our home-rental example, the connected account represents the homeowner.

Step 2.1: Create an Express account and prefill information Server-side

Use the /v1/accounts API to create an Express account and set type to express in the account creation request.

curl https://api.stripe.com/v1/accounts \
  -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
  -d type=express

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

account = Stripe::Account.create({
  type: 'express',
})

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

account = stripe.Account.create(
  type='express',
)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

$account = \Stripe\Account::create([
  'country' => 'US',
  'type' => 'express',
]);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

AccountCreateParams params =
  AccountCreateParams.builder()
    .setType(AccountCreateParams.Type.EXPRESS)
    .build();

Account account = Account.create(params);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

const account = await stripe.accounts.create({
  type: 'express',
});

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

params := &stripe.AccountParams{
  Type: stripe.String(string(stripe.AccountTypeExpress)),
}
acct, _ := account.New(params)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

var options = new AccountCreateOptions
{
  Type = "express",
};

var service = new AccountService();
var account = service.Create(options);

If you already collected information for your connected accounts, you can prefill that information on the account object for the user and it won’t be collected again in the Connect Onboarding flow. Connect Onboarding only collects required information when you create or update an account.

Step 2.2: Create an account link Server-side

You can create an account link by calling the Account Links API with the following parameters:

  • account
  • refresh_url
  • return_url
  • type = account_onboarding
curl https://api.stripe.com/v1/account_links \
  -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
  -d account=acct_1032D82eZvKYlo2C \
  -d refresh_url="https://example.com/reauth" \
  -d return_url="https://example.com/return" \
  -d type=account_onboarding

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

account_links = Stripe::AccountLink.create({
  account: 'acct_1032D82eZvKYlo2C',
  refresh_url: 'https://example.com/reauth',
  return_url: 'https://example.com/return',
  type: 'account_onboarding',
})

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

account_links = stripe.AccountLink.create(
  account='acct_1032D82eZvKYlo2C',
  refresh_url='https://example.com/reauth',
  return_url='https://example.com/return',
  type='account_onboarding',
)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

$account_links = \Stripe\AccountLink::create([
  'account' => 'acct_1032D82eZvKYlo2C',
  'refresh_url' => 'https://example.com/reauth',
  'return_url' => 'https://example.com/return',
  'type' => 'account_onboarding',
]);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

AccountLinkCreateParams params =
  AccountLinkCreateParams.builder()
    .setAccount("acct_1032D82eZvKYlo2C")
    .setRefreshUrl("https://example.com/reauth")
    .setReturnUrl("https://example.com/return")
    .setType("account_onboarding")
    .build();

AccountLink accountLink = AccountLink.create(params);

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

const accountLinks = await stripe.accountLinks.create({
  account: 'acct_1032D82eZvKYlo2C',
  refresh_url: 'https://example.com/reauth',
  return_url: 'https://example.com/return',
  type: 'account_onboarding',
});

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

params := &stripe.AccountLinkParams{
    Account: stripe.String("acct_1032D82eZvKYlo2C"),
    RefreshURL: stripe.String("https://example.com/reauth"),
    ReturnURL: stripe.String("https://example.com/return"),
    Type: stripe.String("account_onboarding"),
}
acc, _ := accountlink.New(params)

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

var options = new AccountLinkCreateOptions
{
    Account = "acct_1032D82eZvKYlo2C",
    RefreshUrl = "https://example.com/reauth",
    ReturnUrl = "https://example.com/return",
    Type = "account_onboarding",
};
var service = new AccountLinkService();
var accountLink = service.Create(options);

Step 2.3: Redirect your user to the account link URL Client-side

The response to your Account Links request includes a value for the key url. Redirect to this link to send your user into the flow. URLs from the Account Links API are temporary and can only be used once, because they grant access to the account holder’s personal information. Authenticate the user in your application before redirecting them to this URL. If you want to prefill information, you must do so before generating the account link. After you create the account link for an Express account, you can’t read or write information for the account.

<?xml version="1.0" encoding="utf-8"?>
<androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
    xmlns:app="http://schemas.android.com/apk/res-auto"
    xmlns:tools="http://schemas.android.com/tools"
    android:layout_width="match_parent"
    android:layout_height="match_parent"
    tools:context=".activity.ConnectWithStripeActivity">

    <Button
        android:id="@+id/connect_with_stripe"
        android:text="Connect with Stripe"
        android:layout_height="wrap_content"
        android:layout_width="wrap_content"
        app:layout_constraintBottom_toBottomOf="parent"
        app:layout_constraintEnd_toEndOf="parent"
        app:layout_constraintStart_toStartOf="parent"
        app:layout_constraintTop_toTopOf="parent"
        style="?attr/materialButtonOutlinedStyle"
        />

</androidx.constraintlayout.widget.ConstraintLayout>

class ConnectWithStripeActivity : AppCompatActivity() {

    private val viewBinding: ActivityConnectWithStripeViewBinding by lazy {
        ActivityConnectWithStripeViewBinding.inflate(layoutInflater)
    }
    private val httpClient = OkHttpClient()

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        setContentView(viewBinding.root)

        viewBinding.connectWithStripe.setOnClickListener {
            val weakActivity = WeakReference<Activity>(this)
            val request = Request.Builder()
                .url(BACKEND_URL + "onboard-user")
                .post("".toRequestBody())
                .build()
            httpClient.newCall(request)
                .enqueue(object: Callback {
                    override fun onFailure(call: Call, e: IOException) {
                        // Request failed
                    }
                    override fun onResponse(call: Call, response: Response) {
                        if (!response.isSuccessful) {
                            // Request failed
                        } else {
                            val responseData = response.body?.string()
                            val responseJson =
                                responseData?.let { JSONObject(it) } ?: JSONObject()
                            val url = responseJson.getString("url")

                            weakActivity.get()?.let {
                                val builder: CustomTabsIntent.Builder = CustomTabsIntent.Builder()
                                val customTabsIntent = builder.build()
                                customTabsIntent.launchUrl(it, Uri.parse(url))
                            }
                        }
                    }
                })
        }
    }

    internal companion object {
        internal const val BACKEND_URL = "https://example-backend-url.com/"
    }
}
public class ConnectWithStripeActivity extends AppCompatActivity {
    private static final String BACKEND_URL = "https://example-backend-url.com/";
    private OkHttpClient httpClient = new OkHttpClient();
    private ActivityConnectWithStripeViewBinding viewBinding;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        viewBinding = ActivityConnectWithStripeViewBinding.inflate(getLayoutInflater());

        viewBinding.connectWithStripe.setOnClickListener(view -> {
            WeakReference<Activity> weakActivity = new WeakReference<>(this);
            Request request = new Request.Builder()
                    .url(BACKEND_URL + "onboard-user")
                    .post(RequestBody.create("", MediaType.get("application/json; charset=utf-8")))
                    .build();
            httpClient.newCall(request)
                    .enqueue(new Callback() {
                        @Override
                        public void onFailure(@NotNull Call call, @NotNull IOException e) {
                            // Request failed
                        }

                        @Override
                        public void onResponse(@NotNull Call call, @NotNull Response response) throws IOException {
                            final Activity activity = weakActivity.get();
                            if (activity == null) {
                                return;
                            }
                            if (!response.isSuccessful() || response.body() == null) {
                                // Request failed
                            } else {
                                String body = response.body().string();
                                try {
                                    JSONObject responseJson = new JSONObject(body);
                                    String url = responseJson.getString("url");
                                    CustomTabsIntent.Builder builder = new CustomTabsIntent.Builder();
                                    CustomTabsIntent customTabsIntent = builder.build();
                                    customTabsIntent.launchUrl(view.getContext(), Uri.parse(url));
                                } catch (JSONException e) {
                                    e.printStackTrace();
                                }
                            }
                        }
                    });
        });
    }
}

Step 2.4: Handle the user returning to your platform Client-side

Connect Onboarding requires you to pass both a return_url and refresh_url to handle all cases where the user will be redirected to your platform. It’s important that you implement these correctly to provide the best experience for your user. You can set up a deep link to enable Android to redirect to your app automatically.

return_url

Stripe issues a redirect to this URL when the user completes the Connect Onboarding flow. This doesn’t mean that all information has been collected or that there are no outstanding requirements on the account. This only means the flow was entered and exited properly.

No state is passed through this URL. After a user is redirected to your return_url, check the state of the details_submitted parameter on their account by doing either of the following:

  • Listening to account.updated webhooks
  • Calling the Accounts API and inspecting the returned object

refresh_url

Your user will be redirected to the refresh_url in these cases:

  • The link is expired (a few minutes went by since the link was created).
  • The link was already visited (the user refreshed the page or clicked back or forward in the browser).
  • Your platform is no longer able to access the account.
  • The account has been rejected.

Your refresh_url should trigger a method on your server to call Account Links again with the same parameters, and redirect the user to the Connect Onboarding flow to create a seamless experience.

Step 2.5: Handle users that haven't completed onboarding

A user that’s redirected to your return_url might not have completed the onboarding process. Use the /v1/accounts endpoint to retrieve the user’s account and check for charges_enabled. If the account isn’t fully onboarded, provide UI prompts to allow the user to continue onboarding later. The user can complete their account activation through a new account link (generated by your integration). You can check the state of the details_submitted parameter on their account to see if they’ve completed the onboarding process.

3 Accept a payment

Step 3.1: Create your checkout page Client-side

Securely collect card information on the client with CardInputWidget, a drop-in UI component provided by the SDK.

CardInputWidget performs on-the-fly validation and formatting.

Create an instance of the card component and a Pay button by adding the following to your checkout page’s layout:

<?xml version="1.0" encoding="utf-8"?>

<LinearLayout
    xmlns:android="http://schemas.android.com/apk/res/android"
    xmlns:tools="http://schemas.android.com/tools"
    android:layout_width="match_parent"
    android:layout_height="match_parent"
    android:orientation="vertical"
    android:padding="20dp"
    tools:context=".CheckoutActivityKotlin"
    tools:showIn="@layout/activity_checkout">

    <!--  ...  -->

    <com.stripe.android.view.CardInputWidget
        android:id="@+id/cardInputWidget"
        android:layout_width="match_parent"
        android:layout_height="wrap_content" />

    <Button
        android:text="@string/pay"
        android:layout_width="match_parent"
        android:layout_height="wrap_content"
        android:id="@+id/payButton"
        android:layout_marginTop="20dp"
        android:backgroundTint="@android:color/holo_green_light"/>

    <!--  ...  -->

</LinearLayout>

Run your app, and make sure your checkout page shows the card component and pay button.

Step 3.2: Create a PaymentIntent Server-sideClient-side

Stripe uses a PaymentIntent object to represent your intent to collect payment from a customer, tracking your charge attempts and payment state changes throughout the process.

Server-side

On your server, make an endpoint that creates a PaymentIntent with an amount and currency. Always decide how much to charge on the server side, a trusted environment, as opposed to the client. This prevents malicious customers from being able to choose their own prices.

curl https://api.stripe.com/v1/payment_intents \
  -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
  -d "payment_method_types[]"=card \
  -d amount=1000 \
  -d currency=usd \
  -d application_fee_amount=123 \
  -d "transfer_data[destination]"="{{CONNECTED_STRIPE_ACCOUNT_ID}}"

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

payment_intent = Stripe::PaymentIntent.create({
  payment_method_types: ['card'],
  amount: 1000,
  currency: 'usd',
  application_fee_amount: 123,
  transfer_data: {
    destination: '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
  },
})
client_secret = payment_intent['client_secret']
# Pass the client secret to the client

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

payment_intent = stripe.PaymentIntent.create(
  payment_method_types=['card'],
  amount=1000,
  currency='usd',
  application_fee_amount=123,
  transfer_data={
    'destination': '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
  }
)
client_secret = intent.client_secret
# Pass the client secret to the client

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

$payment_intent = \Stripe\PaymentIntent::create([
  'payment_method_types' => ['card'],
  'amount' => 1000,
  'currency' => 'usd',
  'application_fee_amount' => 123,
  'transfer_data' => [
    'destination' => '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
  ],
]);
$client_secret = $intent->client_secret;
// Pass the client secret to the client

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

ArrayList paymentMethodTypes = new ArrayList();
paymentMethodTypes.add("card");

Map<String, Object> params = new HashMap<>();
params.put("payment_method_types", paymentMethodTypes);
params.put("amount", 1000);
params.put("currency", "usd");
params.put("application_fee_amount", 123);
Map<String, Object> transferDataParams = new HashMap<>();
transferDataParams.put("destination", "{{CONNECTED_STRIPE_ACCOUNT_ID}}");
params.put("transfer_data", transferDataParams);
PaymentIntent paymentIntent = PaymentIntent.create(params);
PaymentIntent intent = PaymentIntent.create(params);
String clientSecret = intent.getClientSecret();
// Pass the client secret to the client

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

const paymentIntent = await stripe.paymentIntents.create({
  payment_method_types: ['card'],
  amount: 1000,
  currency: 'usd',
  application_fee_amount: 123,
  transfer_data: {
    destination: '{{CONNECTED_STRIPE_ACCOUNT_ID}}',
  },
});
const clientSecret = paymentIntent.client_secret;

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

params := &stripe.PaymentIntentParams{
  PaymentMethodTypes: stripe.StringSlice([]string{
    "card",
  }),
  Amount: stripe.Int64(1000),
  Currency: stripe.String(string(stripe.CurrencyUSD)),
  ApplicationFeeAmount: stripe.Int64(123),
  TransferData: &stripe.PaymentIntentTransferDataParams{
    Destination: stripe.String("{{CONNECTED_STRIPE_ACCOUNT_ID}}"),
  },
}
pi, _ := paymentintent.New(params)
// Pass the client secret to the client

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

var service = new PaymentIntentService();
var createOptions = new PaymentIntentCreateOptions
{
  PaymentMethodTypes = new List<string>
  {
    "card",
  },
  Amount = 2000,
  Currency = "usd",
  ApplicationFeeAmount = 123,
  TransferData = new PaymentIntentTransferDataOptions 
  {
    Destination = "{{CONNECTED_STRIPE_ACCOUNT_ID}}",
  },
};
service.Create(createOptions);
// Pass the client secret to the client

In our home-rental example, we want to build an experience where customers pay for rentals by using our platform, and where we pay homeowners for renting to customers. To set this experience up:

  • Indicate the rental is a destination charge with transfer_data[destination].
  • Specify how much of the rental amount will go to the platform with application_fee_amount.

When a rental charge occurs, Stripe transfers the entire amount to the connected account’s pending balance (transfer_data[destination]). Afterward, Stripe transfers the fee amount (application_fee_amount) to the platform’s account, which is the share of the revenue for facilitating the rental. Then, Stripe deducts the Stripe fees from the platform’s fee amount. An illustration of this funds flow is below:

Instead of passing the entire PaymentIntent object to your app, just return its client secret. The PaymentIntent’s client secret is a unique key that lets you confirm the payment and update card details on the client, without allowing manipulation of sensitive information, like payment amount.

Client-side

On the client, request a PaymentIntent from your server and store its client secret.

class CheckoutActivity : AppCompatActivity() {

  private lateinit var paymentIntentClientSecret: String

  override fun onCreate(savedInstanceState: Bundle?) {
      super.onCreate(savedInstanceState)
      // ...
      startCheckout()
  }

  private fun startCheckout() {
      // Request a PaymentIntent from your server and store its client secret in paymentIntentClientSecret
      // Click Open on GitHub to see a full implementation
  }
}

public class CheckoutActivity extends AppCompatActivity {

    private String paymentIntentClientSecret;

    @Override
    public void onCreate(Bundle savedInstanceState) {
        // ...
        startCheckout();
    }

    private void startCheckout() {
        // Request a PaymentIntent from your server and store its client secret in paymentIntentClientSecret
        // Click Open on GitHub to see a full implementation
    }
}

Step 3.3: Submit the payment to Stripe Client-side

When the customer taps the Pay button, confirm the PaymentIntent to complete the payment.

First, assemble a ConfirmPaymentIntentParams object with:

  1. The card component’s payment method details
  2. The PaymentIntent client secret from your server

Rather than sending the entire PaymentIntent object to the client, use its client secret. This is different from your API keys that authenticate Stripe API requests. The client secret is a string that lets your app access important fields from the PaymentIntent (e.g., status) while hiding sensitive ones (e.g., customer).

The client secret should still be handled carefully because it can complete the charge. Do not log it, embed it in URLs, or expose it to anyone but the customer.

Next, complete the payment by calling the stripe confirmPayment method.

class CheckoutActivity : AppCompatActivity() {
    // ...
    private lateinit var paymentIntentClientSecret: String
    private lateinit var stripe: Stripe

    private fun startCheckout() {
        // ...

        // Hook up the pay button to the card widget and stripe instance
        val payButton: Button = findViewById(R.id.payButton)
        payButton.setOnClickListener {
            val params = cardInputWidget.paymentMethodCreateParams
            if (params != null) {
                val confirmParams = ConfirmPaymentIntentParams
                    .createWithPaymentMethodCreateParams(params, paymentIntentClientSecret)
                stripe = Stripe(applicationContext, PaymentConfiguration.getInstance(applicationContext).publishableKey)
                stripe.confirmPayment(this, confirmParams)
            }
        }
    }

    override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
        super.onActivityResult(requestCode, resultCode, data)
        val weakActivity = WeakReference<Activity>(this)

        // Handle the result of stripe.confirmPayment
        stripe.onPaymentResult(requestCode, data, object : ApiResultCallback<PaymentIntentResult> {
            override fun onSuccess(result: PaymentIntentResult) {
                val paymentIntent = result.intent
                val status = paymentIntent.status
                if (status == StripeIntent.Status.Succeeded) {
                    val gson = GsonBuilder().setPrettyPrinting().create()
                    displayAlert(weakActivity.get(), "Payment succeeded", gson.toJson(paymentIntent), restartDemo = true)
                } else {
                    displayAlert(weakActivity.get(), "Payment failed", paymentIntent.lastPaymentError?.message ?: "")
                }
            }

            override fun onError(e: Exception) {
                displayAlert(weakActivity.get(), "Payment failed", e.toString())
            }
        })
    }
}

public class CheckoutActivity extends AppCompatActivity {
    // ...
    private String paymentIntentClientSecret;
    private Stripe stripe;

    private void startCheckout() {
        // ...

        // Hook up the pay button to the card widget and stripe instance
        Button payButton = findViewById(R.id.payButton);
        payButton.setOnClickListener((View view) -> {
            PaymentMethodCreateParams params = cardInputWidget.getPaymentMethodCreateParams();
            if (params != null) {
                ConfirmPaymentIntentParams confirmParams = ConfirmPaymentIntentParams
                        .createWithPaymentMethodCreateParams(params, paymentIntentClientSecret);
                final Context context = getApplicationContext();
                stripe = new Stripe(
                        context,
                        PaymentConfiguration.getInstance(context).getPublishableKey()
                );
                stripe.confirmPayment(this, confirmParams);
            }
        });
    }

    // ...

    @Override
    protected void onActivityResult(int requestCode, int resultCode, @Nullable Intent data) {
        super.onActivityResult(requestCode, resultCode, data);

        // Handle the result of stripe.confirmPayment
        stripe.onPaymentResult(requestCode, data, new PaymentResultCallback(this));
    }

    // ...

    private static final class PaymentResultCallback
            implements ApiResultCallback<PaymentIntentResult> {
        @NonNull private final WeakReference<CheckoutActivity> activityRef;

        PaymentResultCallback(@NonNull CheckoutActivity activity) {
            activityRef = new WeakReference<>(activity);
        }

        @Override
        public void onSuccess(@NonNull PaymentIntentResult result) {
            final CheckoutActivity activity = activityRef.get();
            if (activity == null) {
                return;
            }

            PaymentIntent paymentIntent = result.getIntent();
            PaymentIntent.Status status = paymentIntent.getStatus();
            if (status == PaymentIntent.Status.Succeeded) {
                // Payment completed successfully
                Gson gson = new GsonBuilder().setPrettyPrinting().create();
                activity.displayAlert(
                        "Payment completed",
                        gson.toJson(paymentIntent),
                        true
                );
            } else if (status == PaymentIntent.Status.RequiresPaymentMethod) {
                // Payment failed
                activity.displayAlert(
                        "Payment failed",
                        Objects.requireNonNull(paymentIntent.getLastPaymentError()).getMessage(),
                        false
                );
            }
        }

        @Override
        public void onError(@NonNull Exception e) {
            final CheckoutActivity activity = activityRef.get();
            if (activity == null) {
                return;
            }

            // Payment request failed – allow retrying using the same payment method
            activity.displayAlert("Error", e.toString(), false);
        }
    }
}

If authentication is required by regulation such as Strong Customer Authentication, the SDK presents additional activities and walks the customer through that process. See Supporting 3D Secure Authentication on Android to learn more.

When the payment completes, onSuccess is called and the value of the returned PaymentIntent’s status is Succeeded. Any other value indicates the payment was not successful. Inspect lastPaymentError to determine the cause.

You can also check the status of a PaymentIntent in the Dashboard or by inspecting the status property on the object.

Step 3.4: Test the integration Client-side

By this point you should have a basic card integration that collects card details and makes a payment.

There are several test cards you can use in test mode to make sure this integration is ready. Use them with any CVC, postal code, and future expiration date.

Number Description
4242424242424242 Succeeds and immediately processes the payment.
4000002500003155 Requires authentication. Stripe will trigger a modal asking for the customer to authenticate.
4000000000009995 Always fails with a decline code of insufficient_funds.

For the full list of test cards see our guide on testing.

Step 3.5: Fulfillment Server-side

After the payment is completed, you’ll need to handle any fulfillment necessary on your end. A home-rental company that requires payment upfront, for instance, would connect the homeowner with the renter after a successful payment.

Configure a webhook endpoint (for events from your account) in your dashboard.

Then create an HTTP endpoint on your server to monitor for completed payments to then enable your sellers or service providers to fulfill purchases.

# Using Sinatra.
require 'sinatra'
require 'stripe'

set :port, 4242

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

# Uncomment and replace with a real secret. You can find your endpoint's
# secret in your webhook settings.
# webhook_secret = 'whsec_...'

post '/webhook' do
  payload = request.body.read
  sig_header = request.env['HTTP_STRIPE_SIGNATURE']

  event = nil

  # Verify webhook signature and extract the event.
  # See https://stripe.com/docs/webhooks/signatures for more information.
  begin
    event = Stripe::Webhook.construct_event(
      payload, sig_header, webhook_secret
    )
  rescue JSON::ParserError => e
    # Invalid payload.
    status 400
    return
  rescue Stripe::SignatureVerificationError => e
    # Invalid Signature.
    status 400
    return
  end

  if event['type'] == 'payment_intent.succeeded'
    payment_intent = event['data']['object']
    handle_successful_payment_intent(payment_intent)
  end

  status 200
end

def handle_successful_payment_intent(payment_intent)
  # Fulfill the purchase.
  puts payment_intent.to_s
end
import stripe
import json

# Using Flask.
from flask import (
    Flask,
    render_template,
    request,
    Response,
)

app = Flask(__name__, static_folder=".",
            static_url_path="", template_folder=".")

# Set your secret key. Remember to switch to your live secret key in production!
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc'

# Uncomment and replace with a real secret. You can find your endpoint's
# secret in your webhook settings.
# webhook_secret = 'whsec_...'

@app.route("/webhook", methods=["POST"])
def webhook_received():
  request_data = json.loads(request.data)
  signature = request.headers.get("stripe-signature")

  # Verify webhook signature and extract the event.
  # See https://stripe.com/docs/webhooks/signatures for more information.
  try:
    event = stripe.Webhook.construct_event(
        payload=request.data, sig_header=signature, secret=webhook_secret
    )
  except ValueError as e:
    # Invalid payload.
    return Response(status=400)
  except stripe.error.SignatureVerificationError as e:
    # Invalid Signature.
    return Response(status=400)

  if event["type"] == "payment_intent.succeeded":
    payment_intent = event["data"]["object"]
    handle_successful_payment_intent(payment_intent)

  return json.dumps({"success": True}), 200

def handle_successful_payment_intent(payment_intent):
  # Fulfill the purchase.
  print(str( payment_intent))

if __name__ == "__main__":
  app.run(port=4242)
<?php
// Using Slim.
use Slim\Http\Request;
use Slim\Http\Response;
use Stripe\Stripe;

require_once('vendor/autoload.php');

$app = new \Slim\App;

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

// Uncomment and replace with a real secret. You can find your endpoint's
// secret in your webhook settings.
// $webhook_secret = 'whsec_...';

$app->post('/webhook', function ($request, $response, $next) {
  $payload = $request->getBody();
  $sig_header = $request->getHeaderLine('stripe-signature');

  $event = null;

  // Verify webhook signature and extract the event.
  // See https://stripe.com/docs/webhooks/signatures for more information.
  try {
    $event = \Stripe\Webhook::constructEvent(
      $payload, $sig_header, $webhook_secret
    );
  } catch(\UnexpectedValueException $e) {
    // Invalid payload.
    return $response->withStatus(400);
  } catch(\Stripe\Exception\SignatureVerificationException $e) {
    // Invalid Signature.
    return $response->withStatus(400);
  }

  if ($event->type == 'payment_intent.succeeded') {
    $paymentIntent = $event->data->object;
    handleSuccessfulPaymentIntent($paymentIntent);
  }

  return $response->withStatus(200);
});

function handleSuccessfulPaymentIntent($paymentIntent) {
  // Fulfill the purchase.
  echo $paymentIntent;
};

$app->run();
// Using Express
const express = require('express');
const bodyParser = require("body-parser");
const app = express();
app.use(express.json());

// Use JSON parser for all non-webhook routes
app.use((req, res, next) => {
  if (req.originalUrl === "/webhook") {
    next();
  } else {
    bodyParser.json()(req, res, next);
  }
});

// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc');

// Uncomment and replace with a real secret. You can find your endpoint's
// secret in your webhook settings.
// const webhook_secret = 'whsec_...''

app.post('/webhook', bodyParser.raw({type: 'application/json'}), (request, response) => {
  const sig = request.headers['stripe-signature'];

  let event;

  // Verify webhook signature and extract the event.
  // See https://stripe.com/docs/webhooks/signatures for more information.
  try {
    event = stripe.webhooks.constructEvent(request.body, sig, webhook_secret);
  } catch (err) {
    return response.status(400).send(`Webhook Error: ${err.message}`);
  }

  if (event.type === 'payment_intent.succeeded') {
    const paymentIntent = event.data.object;
    handleSuccessfulPaymentIntent(paymentIntent);
  }

  response.json({received: true});
});

const handleSuccessfulPaymentIntent = (paymentIntent) => {
  // Fulfill the purchase.
  console.log(JSON.stringify(paymentIntent));
}

app.listen(4242, () => console.log(`Node server listening on port ${4242}!`));
package com.stripe.sample;

import com.stripe.Stripe;
import com.stripe.model.PaymentIntent;
import com.stripe.model.Event;
import com.stripe.model.EventDataObjectDeserializer;
import com.stripe.exception.SignatureVerificationException;
import com.stripe.net.Webhook;
import com.google.gson.JsonSyntaxException;
import spark.Response;

// Using Spark.
import static spark.Spark.*;

public class Server {
  public static void main(String[] args) {
    port(4242);

    // Set your secret key. Remember to switch to your live secret key in production!
    // See your keys here: https://dashboard.stripe.com/account/apikeys
    Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";
    post("/webhook", (request, response) -> {
      String payload = request.body();
      String sigHeader = request.headers("Stripe-Signature");

      // Uncomment and replace with a real secret. You can find your endpoint's
      // secret in your webhook settings.
      // String webhookSecret = "whsec_..."

      Event event = null;

      // Verify webhook signature and extract the event.
      // See https://stripe.com/docs/webhooks/signatures for more information.
      try {
        event = Webhook.constructEvent(
          payload, sigHeader, webhookSecret
        );
      } catch (JsonSyntaxException e) {
      // Invalid payload.
        response.status(400);
        return "";
      } catch (SignatureVerificationException e) {
      // Invalid Signature.
        response.status(400);
        return "";
      }

      if ("payment_intent.succeeded".equals(event.getType())) {
        // Deserialize the nested object inside the event
        EventDataObjectDeserializer dataObjectDeserializer = event.getDataObjectDeserializer();
        PaymentIntent paymentIntent = null;
        if (dataObjectDeserializer.getObject().isPresent()) {
          paymentIntent = (PaymentIntent) dataObjectDeserializer.getObject().get();
          handleSuccessfulPaymentIntent(paymentIntent);
        } else {
          // Deserialization failed, probably due to an API version mismatch.
          // Refer to the Javadoc documentation on `EventDataObjectDeserializer` for
          // instructions on how to handle this case, or return an error here.
        }
      }

      response.status(200);
      return "";
    });
  }

  private static void handleSuccessfulPaymentIntent(PaymentIntent paymentIntent) {
    // Fulfill the purchase.
    System.out.println(paymentIntent.getId());
  }
}
package main

import (
  "encoding/json"
  "log"
  "fmt"
  "net/http"
  "io/ioutil"

  "github.com/stripe/stripe-go/v71"
  "github.com/stripe/stripe-go/v71/webhook"

  "os"
)

func main() {
  // Set your secret key. Remember to switch to your live secret key in production!
  // See your keys here: https://dashboard.stripe.com/account/apikeys
  stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

  http.HandleFunc("/webhook", handleWebhook)
  addr := "localhost:4242"

  log.Printf("Listening on %s ...", addr)
  log.Fatal(http.ListenAndServe(addr, nil))
}

func handleWebhook(w http.ResponseWriter, req *http.Request) {
  const MaxBodyBytes = int64(65536)
  req.Body = http.MaxBytesReader(w, req.Body, MaxBodyBytes)
  body, err := ioutil.ReadAll(req.Body)
  if err != nil {
      fmt.Fprintf(os.Stderr, "Error reading request body: %v\n", err)
      w.WriteHeader(http.StatusServiceUnavailable)
      return
  }

  // Uncomment and replace with a real secret. You can find your endpoint's
  // secret in your webhook settings.
  // webhookSecret := "whsec_..."

  // Verify webhook signature and extract the event.
  // See https://stripe.com/docs/webhooks/signatures for more information.
  event, err := webhook.ConstructEvent(body, req.Header.Get("Stripe-Signature"), webhookSecret)

  if err != nil {
      fmt.Fprintf(os.Stderr, "Error verifying webhook signature: %v\n", err)
      w.WriteHeader(http.StatusBadRequest) // Return a 400 error on a bad signature.
      return
  }

  if event.Type == "payment_intent.succeeded" {
      var paymentIntent stripe.PaymentIntent
      err := json.Unmarshal(event.Data.Raw, &paymentIntent)
      if err != nil {
          fmt.Fprintf(os.Stderr, "Error parsing webhook JSON: %v\n", err)
          w.WriteHeader(http.StatusBadRequest)
          return
      }
      handleSuccessfulPaymentIntent(paymentIntent)
  }

  w.WriteHeader(http.StatusOK)
}

func handleSuccessfulPaymentIntent(paymentIntent stripe.PaymentIntent) {
  // Fulfill the purchase.
  log.Println(paymentIntent.ID)
}
// Set your secret key. Remember to switch to your live secret key in production!
// See your keys here: https://dashboard.stripe.com/account/apikeys
StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";

using System;
using System.IO;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;

using Stripe;

namespace Controllers
{
  public class ConnectController : Controller
  {
    private readonly ILogger<ConnectController> logger;

    public ConnectController(
      ILogger<ConnectController> logger,
    ) {
      this.logger = logger;
    }

    [HttpPost("webhook")]
    public async Task<IActionResult> ProcessWebhookEvent()
    {
      var json = await new StreamReader(HttpContext.Request.Body).ReadToEndAsync();

      // Uncomment and replace with a real secret. You can find your endpoint's
      // secret in your webhook settings.
      // const string webhookSecret = "whsec_..."

      // Verify webhook signature and extract the event.
      // See https://stripe.com/docs/webhooks/signatures for more information.
      try
      {
        var stripeEvent = EventUtility.ConstructEvent(json, Request.Headers["Stripe-Signature"], webhookSecret);

        if (stripeEvent.Type == Events.PaymentIntentSucceeded) {
          var paymentIntent = stripeEvent.Data.Object as PaymentIntent;
          HandleSuccessfulPaymentIntent(paymentIntent);
        }

        return Ok();
      }
      catch (Exception e)
      {
        logger.LogInformation(e.ToString());
        return BadRequest();
      }
    }

      // Fulfill the purchase.
    private void HandleSuccessfulPaymentIntent(PaymentIntent paymentIntent) {
      logger.LogInformation($"{paymentIntent}");
    }
  }
}

Learn more in our fulfillment guide for payments.

Testing webhooks locally

Testing webhooks locally is easy with the Stripe CLI.

  1. First, install the Stripe CLI on your machine if you haven’t already.

  2. Then, to log in run stripe login in the command line, and follow the instructions.

  3. Finally, to allow your local host to receive a simulated event on your connected account run stripe listen --forward-to localhost:{PORT}/webhook in one terminal window, and run stripe trigger payment_intent.succeeded (or trigger any other supported event) in another.

Step 3.6: Disputes

As the settlement merchant on charges, your platform is responsible for disputes. Make sure you understand the best practices for responding to disputes.

4 Complete and customize your integration

You now have a working integration. From your account dashboard, you can view an account and its balance.

You can review other Connect features that you might want to consider adding to the integration.

Payouts

By default, any charge that you transfer to a connected account accumulates in the connected account’s Stripe balance and is paid out on a daily rolling basis. But, you can change the payout schedule if needed.

Testing

The Connect-specific testing resource provides tokens to help simulate flows for accounts and onboarding, payouts, and top-ups. To test your payments and disputes flow, we provide a number of test cards to simulate payment outcomes.

Next steps

Manage connected accounts

Customize payments

Was this page helpful?
Questions? Contact us.
Developer tutorials on YouTube.
You can unsubscribe at any time. Read our privacy policy.
On this page
Prerequisites
Set up Stripe
Create a connected account
Accept a payment
Complete and customize your integration