What should I test as I integrate Stripe?
When using Stripe.js, you should ensure the following:
- The card number, expiration, CVC and amount are set correctly in
createToken. - In the response handler for
createToken, card errors are handled and displayed properly. - Only a valid token is passed to your server as part of payment form submission.
- Sensitive card details (number, expiration and CVC) are not included in form data submitted to your server.
In server-side code, you can test the following:
- All values submitted from the payment form are valid and expected.
- All API errors are handled properly.
- Relevant Stripe webhooks are handled correctly (more on how to test webhooks below).
Before you go live, verify your publishable and secret keys. You can see all your keys on your account page.
Account Settings
You can configure your decline settings in https://dashboard.stripe.com/account.
These allow you to decide whether a failing cvc_check
or failing address_zip_check should cause the charge to
be rejected. Perhaps surprisingly, even if these details are wrong,
the charge can succeed; it's up to you decide what to do in that
case.
Note that we don't have a setting
for address_line1_check failures to cause a decline, as
the data for this particular check tends to be pretty noisy.
We recommend leaving these settings at their defaults unless you have special requirements.
Logs
As you integrate and test Stripe, you may find it useful to view logs of your requests.
How do I debug JavaScript?
There are many tools for tracking down problems in your client side code. We recommend reading about the Chrome Web Inspector. Should you need it, you can also load a debug version of Stripe.js at https://js.stripe.com/v2/stripe-debug.js.
How do I test Stripe webhooks?
The Stripe dashboard has a test feature built in. Navigate to your webhook settings and click Test Webhooks. You can select a type of webhook, and one of your test webhook URLs. If you don't have any test webhook URLs defined, you'll have to define one first.
If you don't have a server set up to receive webhooks but want to see example webhook requests, we suggest using a service like RequestBin to inspect the requests we send.
If you'd like to test subscription webhooks with live data, a useful trick is setting the subscription's trial_end attribute to a short time in the future. This ensures you don't have to wait a month to receive an invoice webhook.
Which card numbers should I use for testing?
In test mode, you can use these test cards to simulate a successful transaction:
| Number | Card type |
|---|---|
4242424242424242 | Visa |
4012888888881881 | Visa |
4000056655665556 | Visa (debit) |
5555555555554444 | MasterCard |
5200828282828210 | MasterCard (debit) |
5105105105105100 | MasterCard (prepaid) |
378282246310005 | American Express |
371449635398431 | American Express |
6011111111111117 | Discover |
6011000990139424 | Discover |
30569309025904 | Diners Club |
38520000023237 | Diners Club |
3530111333300000 | JCB |
3566002020360505 | JCB |
In addition, these cards will produce specific responses that are useful for testing different scenarios:
| Number | Description |
|---|---|
4000000000000077 | Charge will succeed and funds will be added directly to your available balance (bypassing your pending balance). |
4000000000000010 | With default account settings, charge will succeed but address_line1_check and address_zip_check will both fail. |
4000000000000028 | With default account settings, charge will succeed but address_line1_check will fail. |
4000000000000036 | With default account settings, charge will succeed but address_zip_check will fail. |
4000000000000044 | With default account settings, charge will succeed but address_zip_check and address_line1_check will both be unavailable. |
4000000000000101 | With default account settings, charge will succeed but cvc_check will fail if a CVC is entered. |
4000000000000341 | Attaching this card to a Customer object will succeed, but attempts to charge the customer will fail. |
4000000000000002 | Charge will be declined with a card_declined code. |
4000000000000127 | Charge will be declined with an incorrect_cvc code. |
4000000000000069 | Charge will be declined with an expired_card code. |
4000000000000119 | Charge will be declined with a processing_error code. |
Additional test mode validation: By default, passing address or CVC data with the card number will cause the address and CVC checks to succeed. If not specified, the value of the checks will be null. Any expiration date in the future will be considered valid.
How do I test specific error codes?
Some suggestions:
card_declined: Use this special card number -4000000000000002.incorrect_number: Use a number that fails the Luhn check, e.g.4242424242424241.invalid_expiry_month: Use an invalid month e.g.13.invalid_expiry_year: Use a year in the past e.g.1970.invalid_cvc: Use a two digit number e.g.99.
The full list of API error codes is available here.
How do I test accepting Bitcoin?
In test mode, you can use the following test emails (set on BitcoinReceiver objects) to test different edge cases. By default, a receiver will always be paid 3 seconds after creation.
| Description | |
|---|---|
{any_prefix}+fill_never@{any_domain} | Bitcoin are never sent to the receiver address. |
{any_prefix}+fill_now@{any_domain} | The next time that the receiver is retrieved after creation, it has been filled by bitcoin. |
How do I test disputes?
In test mode, you can use the test card below to simulate a disputed transaction:
| Number | Description |
|---|---|
4000000000000259 | With default account settings, charge will succeed, only to be disputed. |
The following evidence, when submitted, will produce specific actions that are useful for testing the dispute flow:
| Evidence | Description |
|---|---|
winning_evidence | The dispute will be closed and marked as won. Your account will be credited the amount of the charge and related fees. |
losing_evidence | The dispute will be closed and marked as lost. Your account will not be credited. |
How do I test sending transfers?
When sending third-party transfers in test mode, you can use these test bank accounts, tax IDs, and debit card numbers.
Test tax IDs
Pass in any name and one of these tax IDs (they work as both SSNs and EINs) for the desired recipient verification behavior.
| Number | Type |
|---|---|
000000000 | Successful verification |
111111111 | Unsuccessful verification (identity mismatch) |
Test debit card numbers
You can attach these test debit card numbers to your recipient to test transferring to a debit card. These can only be used with test secret keys.
| Number | Type |
|---|---|
5200828282828210 | MasterCard debit. Transfer will succeed. |
4000056655665556 | Visa debit. Transfer will succeed. |
4000056655665564 | Visa debit. Transfer will fail with a could_not_process code. |
Test bank account numbers
There are various test routing and account numbers you can use to trigger certain events. These can only be used with test secret keys. When creating test transfers, you must use a test account number but you can use any valid US routing number.
Routing numbers
| Number | Type |
|---|---|
110000000 | STRIPE TEST BANK US routing number |
Account numbers
| Number | Type |
|---|---|
000123456789 | Transfer will succeed. |
000111111116 | Transfer will fail with a no_account code. |
000111111113 | Transfer will fail with an account_closed code. |
000222222227 | Transfer will fail with an insufficient_funds code. |
000333333335 | Transfer will fail with a not_authorized code. |
000444444440 | Transfer will fail with an invalid_currency code. |
United States
