The Payment Intents API
Learn more about the Payment Intents API that powers Stripe payments.
Overview
Use the Payment Intents API to build a payments integration that can handle complexity. This API tracks a payment, from initial creation through the entire checkout process, and triggers additional authentication steps when required.
As global payments evolve, we expect to see an increase in dynamic payments. Regulatory mandates, custom Radar fraud rules, or redirect-based payment methods are just some examples that could trigger extra steps in a single payment process. Start accepting payments now.
Our Payment Intents API prepares your business for growth:
- Automatic authentication handling
- No double charges
- No idempotency key issues
- Support for Strong Customer AuthenticationStrong Customer Authentication (SCA) is a regulatory requirement in effect as of September 14, 2019, that impacts many European online payments. It requires customers to use two-factor authentication like 3D Secure to verify their purchase. (SCA) and similar regulatory changes
The Charges API is available for standing up basic payments—without handling additional authentication—in the U.S. and Canada. We strongly recommend updating your integration to make scaling your business simpler in a world of evolving payments regulations.
A complete set of APIs
Use the Payment Intents API together with the Setup Intents and Payment Methods APIs.
These new APIs help you handle dynamic payments (e.g., additional authentication like 3D Secure3D Secure provides an additional layer of authentication for credit card transactions that protects merchants from liability for fraudulent card payments.) and prepare you for expansion to other countries. As new regulations and regional payment methods come with different requirements, these APIs help you support them.
Add payment methods with the Payment Methods API, set them up for future payments with the Setup Intents API, and drive the payment process with the Payment Intents API.
Building an integration with the Payment Intents API involves two actions: creating and confirmingConfirming a PaymentIntent indicates that the customer intends to pay with the current or provided payment method. Upon confirmation, the PaymentIntent attempts to initiate a payment. a PaymentIntent. Each PaymentIntent typically correlates with a single shopping cart or customer session in your application. The PaymentIntent encapsulates details about the transaction, such as the supported payment methods, the amount to collect, and the desired currency.
Creating a PaymentIntent
To get started, accept a payment.
In the guide, you’ll create a PaymentIntent on the server and pass its client secretThe client secret is a unique key returned from Stripe as part of a PaymentIntent. This string lets the client access important fields from the PaymentIntent (e.g., status) while hiding sensitive ones (e.g., amount). to the client instead of passing the entire PaymentIntent object. The payment is confirmed on the client, and your server monitors webhooks to detect when the payment completes successfully or fails.
When you create the PaymentIntent, you can specify options like the amount and currency:
curl https://api.stripe.com/v1/payment_intents \ -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \ -d amount=1099 \ -d currency=usd \ -d "payment_method_types[]"=card
# Set your secret key: remember to switch to your live secret key in production # See your keys here: https://dashboard.stripe.com/account/apikeys Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc' intent = Stripe::PaymentIntent.create({ amount: 1099, currency: 'usd', payment_method_types: ['card'], })
# Set your secret key: remember to switch to your live secret key in production # See your keys here: https://dashboard.stripe.com/account/apikeys stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc' stripe.PaymentIntent.create( amount=1099, currency='usd', payment_method_types=['card'], )
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys \Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc'); \Stripe\PaymentIntent::create([ 'amount' => 1099, 'currency' => 'usd', 'payment_method_types' => ['card'], ]);
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"; Map<String, Object> params = new HashMap<String, Object>(); params.put("amount", 1099); params.put("currency", "usd"); params.put("payment_method_types", Arrays.asList("card")); PaymentIntent.create(params);
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc'); (async () => { const paymentIntent = await stripe.paymentIntents.create({ amount: 1099, currency: 'usd', payment_method_types: ['card'], }); })();
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc" params := &stripe.PaymentIntentParams{ Amount: stripe.Int64(1099), Currency: stripe.String(string(stripe.CurrencyUSD)), PaymentMethodTypes: stripe.StringSlice([]string{ "card", }), } paymentintent.New(params)
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"; var service = new PaymentIntentService(); var options = new PaymentIntentCreateOptions { Amount = 1099, Currency = "usd", PaymentMethodTypes = new List<string> { "card" }, }; var intent = service.Create(options);
Best practices
We recommend creating a PaymentIntent as soon as the amount is known, such as when the customer begins the checkout process, to help track your sales funnel. If the amount changes, you can update its amount. For example, if your customer backs out of the checkout process and adds new items to their cart, you may need to update the amount accordingly when they start the checkout process again.
If the checkout process is interrupted and resumes later, you should attempt to reuse the same PaymentIntent instead of creating a new one. Each PaymentIntent has a unique ID that you can use to retrieve it if you need it again. In your application’s data model, you can store the PaymentIntent’s ID on the customer’s shopping cart or session in order to facilitate retrieval. The benefit of reusing the PaymentIntent is that the object helps track any failed payment attempts for a given cart or session.
You should also provide an idempotency key—typically based on the ID that you associate with the cart or customer session in your application—when creating the PaymentIntent to avoid erroneously creating duplicate PaymentIntents for the same purchase.
Passing the client secret to the client side
The PaymentIntent contains a client secret, a key that is unique to the individual PaymentIntent. On the client side of your application, the client secret is used as a parameter when invoking Stripe.js functions (such as stripe.confirmCardPayment or stripe.handleCardAction) to complete the payment.
To use the client secret, you must obtain it from the PaymentIntent on your server and pass it to the client side. There are different approaches that you can use to get the client secret to the client side. Choose the approach that best suits the architecture of your application.
Server-side rendering
If your application uses server-side rendering, you may wish to use your template framework to embed the client secret in the HTML output of your checkout page during rendering. You can embed it in a data attribute or hidden HTML element and then extract it with JavaScript in order to use it to complete payment.
<input id="card-name" type="text"> <!-- placeholder for Elements --> <div id="card-element"></div> <button id="card-button" data-secret="<%= @intent.client_secret %>">Submit Payment</button>
get '/checkout' do @intent = # ... Fetch or create the PaymentIntent erb :checkout end
<input id="card-name" type="text"> <!-- placeholder for Elements --> <div id="card-element"></div> <button id="card-button" data-secret="{{ client_secret }}"> Submit Payment </button>
@app.route('/checkout') def checkout(): intent = # ... Fetch or create the PaymentIntent return render_template('checkout.html', client_secret=intent.client_secret)
<?php $intent = # ... Fetch or create the PaymentIntent; ?> ... <input id="card-name" type="text"> <!-- placeholder for Elements --> <div id="card-element"></div> <button id="card-button" data-secret="<?= $intent->client_secret ?>"> Submit Payment </button> ...
<input id="card-name" type="text"> <!-- placeholder for Elements --> <div id="card-element"></div> <button id="card-button" data-secret="{{ client_secret }}"> Submit Payment </button>
import java.util.HashMap; import java.util.Map; import com.stripe.model.PaymentIntent; import spark.ModelAndView; import static spark.Spark.get; public class StripeJavaQuickStart { public static void main(String[] args) { get("/checkout", (request, response) -> { PaymentIntent intent = // ... Fetch or create the PaymentIntent Map map = new HashMap(); map.put("client_secret", intent.getClientSecret()); return new ModelAndView(map, "checkout.hbs"); }, new HandlebarsTemplateEngine()); } }
<input id="card-name" type="text"> <!-- placeholder for Elements --> <div id="card-element"></div> <button id="card-button" data-secret="{{ client_secret }}"> Submit Payment </button>
const express = require('express'); const expressHandlebars = require('express-handlebars'); const app = express(); app.engine('.hbs', expressHandlebars({ extname: '.hbs' })); app.set('view engine', '.hbs'); app.set('views', './views'); app.get('/checkout', async (req, res) => { const intent = // ... Fetch or create the PaymentIntent res.render('checkout', { client_secret: intent.client_secret }); }); app.listen(3000, () => { console.log('Running on port 3000'); });
<input id="card-name" type="text"> <!-- placeholder for Elements --> <div id="card-element"></div> <button id="card-button" data-secret="{{ .ClientSecret }}"> Submit Payment </button>
package main import ( "html/template" "net/http" stripe "github.com/stripe/stripe-go" ) type CheckoutData struct { ClientSecret string } func main() { checkoutTmpl := template.Must(template.ParseFiles("views/checkout.html")) http.HandleFunc("/checkout", func(w http.ResponseWriter, r *http.Request) { intent := // ... Fetch or create the PaymentIntent data := CheckoutData{ ClientSecret: intent.ClientSecret, } checkoutTmpl.Execute(w, data) }) http.ListenAndServe(":3000", nil) }
<input id="card-name" type="text"> <!-- placeholder for Elements --> <div id="card-element"></div> <button id="card-button" data-secret="@ViewData["ClientSecret"]"> Submit Payment </button>
using System; using Microsoft.AspNetCore.Mvc; using Stripe; namespace StripeExampleApi.Controllers { [Route("/[controller]")] public class CheckoutController : Controller { public IActionResult Index() { var intent = // ... Fetch or create the PaymentIntent ViewData["ClientSecret"] = intent.ClientSecret; return View(); } } }
Single-page application
Alternately, you can retrieve the client secret from an endpoint on your server using the browser’s fetch function on the client side. This approach is generally most suitable when your client side is a single-page application, particularly one built with a modern frontend framework such as React or Vue. This example shows how to create the server endpoint that serves the client secret:
get '/secret' do intent = # ... Create or retrieve the PaymentIntent {client_secret: intent.client_secret}.to_json end
from flask import jsonify @app.route('/secret') def secret(): intent = # ... Create or retrieve the PaymentIntent return jsonify(client_secret=intent.client_secret)
<?php $intent = # ... Create or retrieve the PaymentIntent echo json_encode(array('client_secret' => $intent->client_secret)); ?>
import java.util.HashMap; import java.util.Map; import com.stripe.model.PaymentIntent; import com.google.gson.Gson; import static spark.Spark.get; public class StripeJavaQuickStart { public static void main(String[] args) { Gson gson = new Gson(); get("/secret", (request, response) -> { PaymentIntent intent = // ... Fetch or create the PaymentIntent Map<String, String> map = new HashMap(); map.put("client_secret", intent.getClientSecret()); return map; }, gson::toJson); } }
const express = require('express'); const app = express(); app.get('/secret', async (req, res) => { const intent = // ... Fetch or create the PaymentIntent res.json({client_secret: intent.client_secret}); }); app.listen(3000, () => { console.log('Running on port 3000'); });
package main import ( "encoding/json" "net/http" stripe "github.com/stripe/stripe-go" ) type CheckoutData struct { ClientSecret string `json:"client_secret"` } func main() { http.HandleFunc("/secret", func(w http.ResponseWriter, r *http.Request) { intent := // ... Fetch or create the PaymentIntent data := CheckoutData{ ClientSecret: intent.ClientSecret, } w.Header().Set("Content-Type", "application/json") w.WriteHeader(http.StatusOK) json.NewEncoder(w).Encode(data) }) http.ListenAndServe(":3000", nil) }
using System; using Microsoft.AspNetCore.Mvc; using Stripe; namespace StripeExampleApi.Controllers { [Route("secret")] [ApiController] public class CheckoutApiController : Controller { [HttpGet] public ActionResult Get() { var intent = // ... Fetch or create the PaymentIntent return Json(new {client_secret = intent.ClientSecret}); } } }
This example demonstrates how to fetch the client secret with JavaScript on the client side:
var response = fetch('/secret').then(function(response) { return response.json(); }).then(function(responseJson) { var clientSecret = responseJson.client_secret; // Call stripe.confirmCardPayment() with the client secret. });
(async () => { const response = await fetch('/secret'); const {client_secret: clientSecret} = await response.json(); // Call stripe.confirmCardPayment() with the client secret. })();
Similarly for iOS and Android applications, you can fetch the client secret from the server.
Optimizing cards for future payments
When you save a payment method to use again in the future, use the setup_future_usage parameter to optimize authorization rates. To determine which value to use, consider how you want to use this card in the future.
| How you intend to use the card | setup_future_usage enum value to use |
|---|---|
| On-sessionA payment is described as on-session if it occurs while the customer is actively in your checkout flow and able to authenticate the payment method. payments only | on_session |
| Off-sessionA payment is described as off-session if it occurs without the direct involvement of the customer, using previously-collected payment information. payments only | off_session |
| Both on and off-session payments | off_session |
A card set up for on-session payments can still be used to make off-sessionA payment is described as off-session if it occurs without the direct involvement of the customer, using previously-collected payment information. payments, but the bank is more likely to reject the off-session payment and require authentication from the cardholder.
The following example shows how to create a PaymentIntent and specify setup_future_usage:
curl https://api.stripe.com/v1/payment_intents \ -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \ -d amount=1099 \ -d currency=usd \ -d setup_future_usage=off_session
# Set your secret key: remember to switch to your live secret key in production # See your keys here: https://dashboard.stripe.com/account/apikeys Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc' Stripe::PaymentIntent.create({ amount: 1099, currency: 'usd', setup_future_usage: 'off_session', })
# Set your secret key: remember to switch to your live secret key in production # See your keys here: https://dashboard.stripe.com/account/apikeys stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc' stripe.PaymentIntent.create( amount=1099, currency='usd', setup_future_usage='off_session', )
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys \Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc'); $intent = \Stripe\PaymentIntent::create([ 'amount' => 1099, 'currency' => 'usd', 'setup_future_usage' => 'off_session', ])
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"; Map<String, Object> params = new HashMap<>(); params.put("amount", 1099); params.put("currency", "eur"); params.put("setup_future_usage", "off_session"); PaymentIntent paymentIntent = PaymentIntent.create(params);
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc'); (async () => { const intent = await stripe.paymentIntents.create({ amount: 1099, currency: 'usd', setup_future_usage: 'off_session', }); })();
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc" params := &stripe.PaymentIntentParams{ Amount: stripe.Int64(1099), Currency: stripe.String(string(stripe.CurrencyUSD)), SetupFutureUsage: stripe.String(string(stripe.PaymentIntentSetupFutureUsageOffSession)), } pi, _ := paymentintent.New(params)
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"; var service = new PaymentIntentService(); var options = new PaymentIntentCreateOptions { Amount = 1099, Currency = "usd", SetupFutureUsage = "off_session", }; var paymentIntent = service.Create(options);
Dynamic statement descriptor
By default, your Stripe account’s statement descriptor appears on customer statements whenever you charge their card. To provide a different description on a per-payment basis, include the statement_descriptor parameter.
curl https://api.stripe.com/v1/payment_intents \ -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \ -d amount=1099 \ -d currency=usd \ -d "payment_method_types[]"=card \ -d statement_descriptor="Custom descriptor"
# Set your secret key: remember to switch to your live secret key in production # See your keys here: https://dashboard.stripe.com/account/apikeys Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc' intent = Stripe::PaymentIntent.create({ amount: 1099, currency: 'usd', payment_method_types: ['card'], statement_descriptor: 'Custom descriptor', })
# Set your secret key: remember to switch to your live secret key in production # See your keys here: https://dashboard.stripe.com/account/apikeys stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc' stripe.PaymentIntent.create( amount=1099, currency='usd', payment_method_types=['card'], statement_descriptor='Custom descriptor', )
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys \Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc'); \Stripe\PaymentIntent::create([ 'amount' => 1099, 'currency' => 'usd', 'payment_method_types' => ['card'], 'statement_descriptor' => 'Custom descriptor', ]);
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"; Map<String, Object> params = new HashMap<String, Object>(); params.put("amount", 1099); params.put("currency", "usd"); params.put("payment_method_types", Arrays.asList("card")); params.put("statement_descriptor", "Custom descriptor"); PaymentIntent.create(params);
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc'); (async () => { const paymentIntent = await stripe.paymentIntents.create({ amount: 1099, currency: 'usd', payment_method_types: ['card'], statement_descriptor: 'Custom descriptor', }); })();
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc" params := &stripe.PaymentIntentParams{ Amount: stripe.Int64(1099), Currency: stripe.String(string(stripe.CurrencyUSD)), PaymentMethodTypes: stripe.StringSlice([]string{ "card", }), StatementDescriptor: stripe.String("Custom descriptor"), } paymentintent.New(params)
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"; var service = new PaymentIntentService(); var options = new PaymentIntentCreateOptions { Amount = 1099, Currency = "usd", PaymentMethodTypes = new List<string> { "card" }, StatementDescriptor = "Custom descriptor", }; var intent = service.Create(options);
Statement descriptors are limited to 22 characters, cannot use the special characters <, >, ', ", or *, and must not consist solely of numbers. When using dynamic statement descriptors, the dynamic text is appended to the statement descriptor prefix set in the Stripe Dashboard. An * and an empty space are also added to separate the default statement descriptor from the dynamic portion. These two characters count towards the 22 character limit.
Storing information in metadata
Stripe supports adding metadata to the most common requests you make, such as processing payments. Metadata isn’t shown to customers or factored into whether or not a payment is declined or blocked by our fraud prevention system.
Through metadata, you can associate other information—meaningful to you—with Stripe activity. Any metadata you include is viewable in the Dashboard (e.g., when looking at the page for an individual payment), and is also available in common reports. As an example, your store’s order ID can be attached to the PaymentIntent used to pay for that order. Doing so allows you, your accountant, or your finance team to easily reconcile payments in Stripe to orders in your system.
If you are using Radar, consider passing any additional customer information and order information as metadata. By doing so, you can write Radar rules using metadata attributes and have more information about the payment available within the Dashboard which can expedite your review process.
When a PaymentIntent creates a charge, the PaymentIntent copies its metadata to the charge. Subsequent updates to the PaymentIntent’s metadata will not modify the metadata of charges previously created by the PaymentIntent.
curl https://api.stripe.com/v1/payment_intents \ -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \ -d amount=1099 \ -d currency=usd \ -d "payment_method_types[]"=card \ -d "metadata[order_id]"=6735
# Set your secret key: remember to switch to your live secret key in production # See your keys here: https://dashboard.stripe.com/account/apikeys Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc' intent = Stripe::PaymentIntent.create({ amount: 1099, currency: 'usd', payment_method_types: ['card'], metadata: { order_id: 6735, }, })
# Set your secret key: remember to switch to your live secret key in production # See your keys here: https://dashboard.stripe.com/account/apikeys stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc' stripe.PaymentIntent.create( amount=1099, currency='usd', payment_method_types=['card'], metadata={ 'order_id': 6735, }, )
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys \Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc'); \Stripe\PaymentIntent::create([ 'amount' => 1099, 'currency' => 'usd', 'payment_method_types' => ['card'], 'metadata' => [ 'order_id' => 6735, ], ]);
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"; Map<String, Object> params = new HashMap<String, Object>(); params.put("amount", 1099); params.put("currency", "usd"); params.put("payment_method_types", Arrays.asList("card")); Map<String, String> metadata = new HashMap<>(); metadata.put("order_id", 6735); params.put("metadata", metadata); PaymentIntent.create(params);
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc'); (async () => { const paymentIntent = await stripe.paymentIntents.create({ amount: 1099, currency: 'usd', payment_method_types: ['card'], metadata: { order_id: 6735, }, }); })();
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc" params := &stripe.PaymentIntentParams{ Amount: stripe.Int64(1099), Currency: stripe.String(string(stripe.CurrencyUSD)), PaymentMethodTypes: stripe.StringSlice([]string{ "card", }), } params.AddMetadata("order_id", 6735) paymentintent.New(params)
// Set your secret key: remember to switch to your live secret key in production // See your keys here: https://dashboard.stripe.com/account/apikeys StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"; var service = new PaymentIntentService(); var options = new PaymentIntentCreateOptions { Amount = 1099, Currency = "usd", PaymentMethodTypes = new List<string> { "card" }, Metadata = new Dictionary<String, String>() {{"OrderId", "6735"}}, }; var intent = service.Create(options);