Customer Session 

A Customer Session allows you to grant Stripe’s frontend SDKs (like Stripe.js) client-side access control over a Customer.

Related guides: Customer Session with the Payment Element, Customer Session with the Pricing Table, Customer Session with the Buy Button.

The Customer Session object 

Attributes

  • client_secretstring

    The client secret of this Customer Session. Used on the client to set up secure access to the given customer.

    The client secret can be used to provide access to customer from your frontend. It should not be stored, logged, or exposed to anyone other than the relevant customer. Make sure that you have TLS enabled on any page that includes the client secret.

  • componentsobject

    This hash defines which component is enabled and the features it supports.

  • customerstringExpandable

    The Customer the Customer Session was created for.

  • expires_attimestamp

    The timestamp at which this Customer Session will expire.

More attributes

  • objectstring

  • createdtimestamp

  • livemodeboolean

The Customer Session object
{
"object": "customer_session",
"client_secret": "_POpxYpmkXdtttYtZQYhrsOJZ2RCQ9kCqqXRU6qrP5c4Jgje",
"components": {
"buy_button": {
"enabled": false
},
"pricing_table": {
"enabled": true
}
},
"customer": "cus_PO34b57IOUb83c",
"expires_at": 1684790027,
"livemode": false
}

Create a Customer Session 

Creates a Customer Session object that includes a single-use client secret that you can use on your front-end to grant client-side API access for certain customer resources.

Parameters

  • componentsobjectRequired

    Configuration for each component. Exactly 1 component must be enabled.

  • customerstringRequired

    The ID of an existing customer for which to create the Customer Session.

Returns

Returns a Customer Session object.

POST /v1/customer_sessions
curl https://api.stripe.com/v1/customer_sessions \
-u "sk_test_BQokikJ...2HlWgH4olfQ2sk_test_BQokikJOvBiI2HlWgH4olfQ2:" \
-d customer=cus_PO34b57IOUb83c \
-d "components[pricing_table][enabled]"=true
Response
{
"object": "customer_session",
"client_secret": "_POpxYpmkXdtttYtZQYhrsOJZ2RCQ9kCqqXRU6qrP5c4Jgje",
"components": {
"buy_button": {
"enabled": false
},
"pricing_table": {
"enabled": true
}
},
"customer": "cus_PO34b57IOUb83c",
"expires_at": 1684790027,
"livemode": false
}

Disputes 

A dispute occurs when a customer questions your charge with their card issuer. When this happens, you have the opportunity to respond to the dispute with evidence that shows that the charge is legitimate.

Related guide: Disputes and fraud

Events 

Events are our way of letting you know when something interesting happens in your account. When an interesting event occurs, we create a new Event object. For example, when a charge succeeds, we create a charge.succeeded event, and when an invoice payment attempt fails, we create an invoice.payment_failed event. Certain API requests might create multiple events. For example, if you create a new subscription for a customer, you receive both a customer.subscription.created event and a charge.succeeded event.

Events occur when the state of another API resource changes. The event’s data field embeds the resource’s state at the time of the change. For example, a charge.succeeded event contains a charge, and an invoice.payment_failed event contains an invoice.

As with other API resources, you can use endpoints to retrieve an individual event or a list of events from the API. We also have a separate webhooks system for sending the Event objects directly to an endpoint on your server. You can manage webhooks in your account settings. Learn how to listen for events so that your integration can automatically trigger reactions.

When using Connect, you can also receive event notifications that occur in connected accounts. For these events, there’s an additional account attribute in the received Event object.

We only guarantee access to events through the Retrieve Event API for 30 days.