# Place an extended hold on an online card payment
Learn how to use extended authorizations to capture online card payments up to 30 days after authorization.
# Stripe-hosted page
> This is a Stripe-hosted page for when platform is web and ui is stripe-hosted. View the full page at https://docs.stripe.com/payments/extended-authorization?platform=web&ui=stripe-hosted.
Extended authorizations have a longer authorization validity period, which allows you to hold customer funds for longer than standard authorization validity windows. For most card networks, the default authorization validity period is 7 days for online payments and 2 days for in-person [Terminal](https://docs.stripe.com/terminal.md) payments, whereas extended validity periods can go up to 30 days depending on the card network. For more information about authorization validity windows, see [place a hold on a payment method](https://docs.stripe.com/payments/place-a-hold-on-a-payment-method.md).
## Availability
When you use extended authorizations, there are no regional restrictions. However, be aware of the following limitations:
- They’re only available with Visa, Mastercard, American Express, and Discover.
- Certain card brands have merchant category restrictions. Refer to the network availability table below.
- This page describes extended authorizations for online card payments. For in-person card payments using extended authorizations, refer to the [Terminal documentation](https://docs.stripe.com/terminal/features/extended-authorizations.md).
- [mode](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-mode) is set to `payment` and [capture_method](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-payment_intent_data-capture_method) is set to `manual` on the [CheckoutSession](https://docs.stripe.com/api/checkout/sessions/.md).
> #### IC+ Feature
>
> We offer extended authorizations to users on *IC+* (A pricing plan where businesses pay the variable network cost for each transaction plus the Stripe fee rather than a flat rate for all transactions. This pricing model provides more visibility into payments costs) pricing. If you’re on blended Stripe pricing and want access to this feature, contact us at [support.stripe.com](https://support.stripe.com).
### Availability by card network and merchant category
Every card network has different rules that determine which payments have extended authorizations available, and how long they’re valid. The following table shows the validity windows and transaction types that extended authorization is available for using Visa, Mastercard, American Express, and Discover. However, we recommend that you rely on the [capture_before field](https://docs.stripe.com/api/charges/object.md#charge_object-payment_method_details-card-capture_before) to confirm the validity window for any given payment because these rules can change without prior notice.
| Card brand | Merchant category | Extended authorization validity window |
| ------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------- |
| **Visa** | Hotel, lodging, vehicle rental, and cruise line
All other merchant categories* | 30 days** |
| **Mastercard** (not including Maestro and Cirrus cards) | All merchant categories | 30 days |
| **American Express** | Lodging and vehicle rental | 30 days*** |
| **Discover** | Airline, bus charter/tour, car rental, cruise line, local/suburban commuter, passenger transportation including ferries, hotel, lodging, and passenger railway | 30 days |
\* For other merchant categories, Stripe charges an additional 0.08% fee per transaction. The extended window only applies to [Customer-Initiated Transactions](https://docs.stripe.com/payments/cits-and-mits.md) and doesn’t apply to transactions with businesses in Japan or transactions related to healthcare, bill payment, or debt repayment. \** The exact extended authorization window for Visa is 29 days and 18 hours, to allow time for clearing processes.\*** Although your validity window is extended to 30 days, you must capture the authorized funds no later than the end of your customer’s stay or rental.
### Networks with limited support (beta)
The following card networks have limited support for extended authorization:
| Card brand | Merchant country | Merchant category | Extended authorization validity window |
| --------------- | -------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------- |
| **Diners Club** | US (through Discover) | All merchant categories | 30 days |
| **UnionPay** | Global, excluding US and Canada | All merchant categories | 27 to 29 days |
| | US and Canada (through Discover) | Airline, bus charter/tour, car rental, cruise line, local/suburban commuter, passenger transportation including ferries, hotel, lodging, and passenger railway | 30 days |
### Recent changes to availability
- **September 2023**: Extended authorizations on Discover are no longer available for the following merchant categories due to information provided by the network: eating and drinking places, boat rental, motor home and RV rental, truck rental, timeshares, taxicabs/limousines, trailer parks/campgrounds, equipment/furniture/appliance rental, amusement parks, circuses, fortune tellers, recreational services.
- **September 2023**: The authorization validity period for Visa was reduced from 31 to 30 days to avoid non-compliance network fees. To make sure we clear transactions within that window, we added a buffer of 6 hours, making the effective authorization window 29 days and 18 hours.
## Best Practices
Customers see their funds held longer when you use extended authorizations. Use clear [statement descriptors](https://docs.stripe.com/get-started/account/statement-descriptors.md) to avoid increased disputes from unrecognized payments.
You can use the [custom_text](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-custom_text) field when creating a new [CheckoutSession](https://docs.stripe.com/api/checkout_sessions.md) to display additional text on the checkout page to help meet compliance requirements.
> #### Compliance
>
> You’re responsible for your compliance with all applicable laws, regulations, and network rules when using extended authorization. Consult the network specifications for the card networks that you plan to accept using this feature with to make sure your sales are compliant with the applicable rules, which vary by network. For instance, for many networks extended validity windows are only for cases where you don’t know the final amount that you’ll capture at the time of authorization.
>
> The information provided on this page relating to your compliance with these requirements is for your general guidance, and is not legal, tax, accounting, or other professional advice. Consult with a professional if you’re unsure about your obligations.
## Create a CheckoutSession
Add a checkout button to your website that calls a server-side endpoint to create a [Checkout Session](https://docs.stripe.com/api/checkout/sessions/create.md).
```html
Buy cool new product
```
A Checkout Session is the programmatic representation of what your customer sees when they’re redirected to the payment form. You can configure it with options such as:
- [Line items](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-line_items) to charge
- Currencies to use
You must populate `success_url` with the URL value of a page on your website that Checkout returns your customer to after they complete the payment.
> Checkout Sessions expire 24 hours after creation by default.
After creating a Checkout Session, redirect your customer to the [URL](https://docs.stripe.com/api/checkout/sessions/object.md#checkout_session_object-url) returned in the response.
To enable the extended authorization feature, set [request_extended_authorization](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-payment_method_options-card-request_extended_authorization) to `if_available`.
#### Ruby
```ruby
# This example sets up an endpoint using the Sinatra framework.
require 'json'
require 'sinatra'
require 'stripe'
# Set your secret key. Remember to switch to your live secret key in production.
# See your keys here: https://dashboard.stripe.com/apikeys
Stripe.api_key = '<>'
post '/create-checkout-session' do
session = Stripe::Checkout::Session.create({
line_items: [{
price_data: {
currency: 'usd',
product_data: {
name: 'T-shirt'
},
unit_amount: 2000
},
quantity: 1
}],payment_method_options: {
card: {
request_extended_authorization: 'if_available'
}
},
mode: 'payment',
# These placeholder URLs will be replaced in a following step.
success_url: 'https://example.com/success'
})
redirect session.url, 303
end
```
#### Python
```python
# This example sets up an endpoint using the Flask framework.
# Watch this video to get started: https://youtu.be/7Ul1vfmsDck.
import os
import stripe
from flask import Flask, redirect
app = Flask(__name__)
stripe.api_key = '<>'
@app.route('/create-checkout-session', methods=['POST'])
def create_checkout_session():
session = stripe.checkout.Session.create(
line_items=[{
'price_data': {
'currency': 'usd',
'product_data': {
'name': 'T-shirt'
},
'unit_amount': 2000
},
'quantity': 1
}],payment_method_options={
'card': {
'request_extended_authorization': 'if_available'
}
},
mode='payment',
success_url='http://localhost:4242/success',
)
return redirect(session.url, code=303)
if __name__== '__main__':
app.run(port=4242)
```
#### PHP
```php
>');
$checkout_session = $stripe->checkout->sessions->create([
'line_items' => [[
'price_data' => [
'currency' => 'usd',
'product_data' => [
'name' => 'T-shirt'
],
'unit_amount' => 2000
],
'quantity' => 1
]],'payment_method_options' => {
'card' => {
'request_extended_authorization' => 'if_available'
}
},
'mode' => 'payment',
'success_url' => 'http://localhost:4242/success'
]);
header("HTTP/1.1 303 See Other");
header("Location: " . $checkout_session->url);
?>
```
#### Java
```java
import java.util.HashMap;
import java.util.Map;
import static spark.Spark.get;
import static spark.Spark.post;
import static spark.Spark.port;
import static spark.Spark.staticFiles;
import com.stripe.Stripe;
import com.stripe.model.checkout.Session;
import com.stripe.param.checkout.SessionCreateParams;
public class Server {
public static void main(String[] args) {
port(4242);
Stripe.apiKey = "<>";
post("/create-checkout-session", (request, response) -> {
SessionCreateParams params =
SessionCreateParams.builder()
.setMode(SessionCreateParams.Mode.PAYMENT)
.setSuccessUrl("http://localhost:4242/success")
.addLineItem(
SessionCreateParams.LineItem.builder()
.setQuantity(1L)
.setPriceData(
SessionCreateParams.LineItem.PriceData.builder()
.setCurrency("usd")
.setUnitAmount(2000L)
.setProductData(
SessionCreateParams.LineItem.PriceData.ProductData.builder()
.setName("T-shirt")
.build())
.build())
.build())
.build().setPaymentMethodOptions(
SessionCreateParams.PaymentMethodOptions.builder()
.setCard(
SessionCreateParams.PaymentMethodOptions.Card.builder()
.setRequestCapture("if_available")
.build())
.build())
.build();
Session session = Session.create(params);
response.redirect(session.getUrl(), 303);
return "";
});
}
}
```
#### Node.js
```javascript
// This example sets up an endpoint using the Express framework.
const express = require('express');
const app = express();
const stripe = require('stripe')('<>')
app.post('/create-checkout-session', async (req, res) => {
const session = await stripe.checkout.sessions.create({
line_items: [
{
price_data: {
currency: 'usd',
product_data: {
name: 'T-shirt'
},
unit_amount: 2000
},
quantity: 1
}
],'payment_method_options': {
'card': {
'request_extended_authorization': 'if_available'
}
},
mode: 'payment',
success_url: 'http://localhost:4242/success'
});
res.redirect(303, session.url);
});
app.listen(4242, () => console.log(`Listening on port ${4242}!`));
```
#### Go
```go
package main
import (
"net/http"
"github.com/labstack/echo"
"github.com/labstack/echo/middleware"
"github.com/stripe/stripe-go/v76.0.0"
"github.com/stripe/stripe-go/v76.0.0/checkout/session"
)
// This example sets up an endpoint using the Echo framework.
// Watch this video to get started: https://youtu.be/ePmEVBu8w6Y.
func main() {
stripe.Key = "<>"
e := echo.New()
e.Use(middleware.Logger())
e.Use(middleware.Recover())
e.POST("/create-checkout-session", createCheckoutSession)
e.Logger.Fatal(e.Start("localhost:4242"))
}
func createCheckoutSession(c echo.Context) (err error) {
params := &stripe.CheckoutSessionParams{
Mode: stripe.String(string(stripe.CheckoutSessionModePayment)),
LineItems: []*stripe.CheckoutSessionLineItemParams{
&stripe.CheckoutSessionLineItemParams{
PriceData: &stripe.CheckoutSessionLineItemPriceDataParams{
Currency: stripe.String("usd"),
ProductData: &stripe.CheckoutSessionLineItemPriceDataProductDataParams{
Name: stripe.String("T-shirt")
},
UnitAmount: stripe.Int64(2000)
},
Quantity: stripe.Int64(1)
}
},PaymentMethodOptions: &stripe.CheckoutSessionPaymentMethodOptionsParams{
Card: &stripe.CheckoutSessionPaymentMethodOptionsCardParams{
RequestExtendedAuthorization: stripe.String("if_available")
},
SuccessURL: stripe.String("http://localhost:4242/success")
}
s, _ := session.New(params)
if err != nil {
return err
}
return c.Redirect(http.StatusSeeOther, s.URL)
}
```
#### .NET
```dotnet
// This example sets up an endpoint using the ASP.NET MVC framework.
// Watch this video to get started: https://youtu.be/2-mMOB8MhmE.
using System.Collections.Generic;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Stripe;
using Stripe.Checkout;
namespace server.Controllers
{
public class PaymentsController : Controller
{
public PaymentsController()
{
StripeConfiguration.ApiKey = "<>";
}
[HttpPost("create-checkout-session")]
public ActionResult CreateCheckoutSession()
{
var options = new SessionCreateOptions
{
LineItems = new List
{
new SessionLineItemOptions
{
PriceData = new SessionLineItemPriceDataOptions
{
UnitAmount = 2000,
Currency = "usd",
ProductData = new SessionLineItemPriceDataProductDataOptions
{
Name = "T-shirt"
}
},
Quantity = 1
}
},SessionPaymentMethodOptionsOptions = new SessionPaymentMethodOptionsOptions
{
Card = new SessionPaymentMethodOptionsCardOptions
{
RequestExtendedAuthorization = "if_available"
}
},
Mode = "payment",
SuccessUrl = "http://localhost:4242/success",
};
var service = new SessionService();
Session session = service.Create(options);
Response.Headers.Add("Location", session.Url);
return new StatusCodeResult(303);
}
}
}
```
Rely on the [capture_before field](https://docs.stripe.com/api/charges/object.md#charge_object-payment_method_details-card-capture_before) to confirm the validity window for a given payment. The validity window won’t change after the CheckoutSession is complete. To determine if the authorization is extended after the CheckoutSession is complete, look at the [extended_authorization.status field](https://docs.stripe.com/api/charges/object.md#charge_object-payment_method_details-card-extended_authorization-status) on the associated charge.
```json
{
"id": "pi_xxx",
"object": "payment_intent",
"amount": 1000,
"amount_capturable": 1000,
"amount_received": 0,
"status": "requires_capture",
...
// if latest_charge is expanded
"latest_charge": {
"id": "ch_xxx",
"object": "charge",
"payment_method_details": {
"card": {
"amount_authorized": 1000,"capture_before": 1696524701,
"extended_authorization": {
"status": "enabled", // or "disabled"
}
}
}
...
}
...
}
```
## Test your integration
Use the Stripe test cards below with any CVC and future expiration date to request extended authorizations while testing. If extended authorizations are available on payments for a given network while testing, they’re also available for live payments.
| Card brand | Number | Payment method |
| ---------- | ---------------- | -------------------- |
| Visa | 4242424242424242 | `pm_card_visa` |
| Mastercard | 5555555555554444 | `pm_card_mastercard` |
| Amex | 378282246310005 | `pm_card_amex` |
| Discover | 6011111111111117 | `pm_card_discover` |
# Embedded form
> This is a Embedded form for when platform is web and ui is embedded-form. View the full page at https://docs.stripe.com/payments/extended-authorization?platform=web&ui=embedded-form.
Extended authorizations have a longer authorization validity period, which allows you to hold customer funds for longer than standard authorization validity windows. For most card networks, the default authorization validity period is 7 days for online payments and 2 days for in-person [Terminal](https://docs.stripe.com/terminal.md) payments, whereas extended validity periods can go up to 30 days depending on the card network. For more information about authorization validity windows, see [place a hold on a payment method](https://docs.stripe.com/payments/place-a-hold-on-a-payment-method.md).
## Availability
When you use extended authorizations, there are no regional restrictions. However, be aware of the following limitations:
- They’re only available with Visa, Mastercard, American Express, and Discover.
- Certain card brands have merchant category restrictions. Refer to the network availability table below.
- This page describes extended authorizations for online card payments. For in-person card payments using extended authorizations, refer to the [Terminal documentation](https://docs.stripe.com/terminal/features/extended-authorizations.md).
- [mode](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-mode) is set to `payment` and [capture_method](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-payment_intent_data-capture_method) is set to `manual` on the [CheckoutSession](https://docs.stripe.com/api/checkout/sessions/.md).
> #### IC+ Feature
>
> We offer extended authorizations to users on *IC+* (A pricing plan where businesses pay the variable network cost for each transaction plus the Stripe fee rather than a flat rate for all transactions. This pricing model provides more visibility into payments costs) pricing. If you’re on blended Stripe pricing and want access to this feature, contact us at [support.stripe.com](https://support.stripe.com).
### Availability by card network and merchant category
Every card network has different rules that determine which payments have extended authorizations available, and how long they’re valid. The following table shows the validity windows and transaction types that extended authorization is available for using Visa, Mastercard, American Express, and Discover. However, we recommend that you rely on the [capture_before field](https://docs.stripe.com/api/charges/object.md#charge_object-payment_method_details-card-capture_before) to confirm the validity window for any given payment because these rules can change without prior notice.
| Card brand | Merchant category | Extended authorization validity window |
| ------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------- |
| **Visa** | Hotel, lodging, vehicle rental, and cruise line
All other merchant categories* | 30 days** |
| **Mastercard** (not including Maestro and Cirrus cards) | All merchant categories | 30 days |
| **American Express** | Lodging and vehicle rental | 30 days*** |
| **Discover** | Airline, bus charter/tour, car rental, cruise line, local/suburban commuter, passenger transportation including ferries, hotel, lodging, and passenger railway | 30 days |
\* For other merchant categories, Stripe charges an additional 0.08% fee per transaction. The extended window only applies to [Customer-Initiated Transactions](https://docs.stripe.com/payments/cits-and-mits.md) and doesn’t apply to transactions with businesses in Japan or transactions related to healthcare, bill payment, or debt repayment. \** The exact extended authorization window for Visa is 29 days and 18 hours, to allow time for clearing processes.\*** Although your validity window is extended to 30 days, you must capture the authorized funds no later than the end of your customer’s stay or rental.
### Networks with limited support (beta)
The following card networks have limited support for extended authorization:
| Card brand | Merchant country | Merchant category | Extended authorization validity window |
| --------------- | -------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------- |
| **Diners Club** | US (through Discover) | All merchant categories | 30 days |
| **UnionPay** | Global, excluding US and Canada | All merchant categories | 27 to 29 days |
| | US and Canada (through Discover) | Airline, bus charter/tour, car rental, cruise line, local/suburban commuter, passenger transportation including ferries, hotel, lodging, and passenger railway | 30 days |
### Recent changes to availability
- **September 2023**: Extended authorizations on Discover are no longer available for the following merchant categories due to information provided by the network: eating and drinking places, boat rental, motor home and RV rental, truck rental, timeshares, taxicabs/limousines, trailer parks/campgrounds, equipment/furniture/appliance rental, amusement parks, circuses, fortune tellers, recreational services.
- **September 2023**: The authorization validity period for Visa was reduced from 31 to 30 days to avoid non-compliance network fees. To make sure we clear transactions within that window, we added a buffer of 6 hours, making the effective authorization window 29 days and 18 hours.
## Best Practices
Customers see their funds held longer when you use extended authorizations. Use clear [statement descriptors](https://docs.stripe.com/get-started/account/statement-descriptors.md) to avoid increased disputes from unrecognized payments.
You can use the [custom_text](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-custom_text) field when creating a new [CheckoutSession](https://docs.stripe.com/api/checkout_sessions.md) to display additional text on the checkout page to help meet compliance requirements.
> #### Compliance
>
> You’re responsible for your compliance with all applicable laws, regulations, and network rules when using extended authorization. Consult the network specifications for the card networks that you plan to accept using this feature with to make sure your sales are compliant with the applicable rules, which vary by network. For instance, for many networks extended validity windows are only for cases where you don’t know the final amount that you’ll capture at the time of authorization.
>
> The information provided on this page relating to your compliance with these requirements is for your general guidance, and is not legal, tax, accounting, or other professional advice. Consult with a professional if you’re unsure about your obligations.
## Create a CheckoutSession
From your server, create a *Checkout Session* (A Checkout Session represents your customer's session as they pay for one-time purchases or subscriptions through Checkout. After a successful payment, the Checkout Session contains a reference to the Customer, and either the successful PaymentIntent or an active Subscription) and set the [ui_mode](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-ui_mode) to `embedded`. You can configure the [Checkout Session](https://docs.stripe.com/api/checkout/sessions/create.md) with [line items](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-line_items) to include, and options such as [currency](https://docs.stripe.com/api/checkout/sessions/object.md#checkout_session_object-currency).
To return customers to a custom page that you host on your website, specify that page’s URL in the [return_url](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-return_url) parameter. Include the `{CHECKOUT_SESSION_ID}` template variable in the URL to retrieve the session’s status on the return page. Checkout automatically substitutes the variable with the Checkout Session ID before redirecting.
Read more about [configuring the return page](https://docs.stripe.com/payments/accept-a-payment.md?platform=web&ui=embedded-form#return-page) and other options for [customizing redirect behavior](https://docs.stripe.com/payments/checkout/custom-success-page.md?payment-ui=embedded-form).
After you create the Checkout Session, use the `client_secret` returned in the response to [mount Checkout](https://docs.stripe.com/payments/extended-authorization.md#mount-checkout).
To enable the extended authorization feature, set [request_extended_authorization](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-payment_method_options-card-request_extended_authorization) to `if_available`.
#### Ruby
```ruby
# This example sets up an endpoint using the Sinatra framework.
# To learn more about Sinatra, watch this video: https://youtu.be/8aA9Enb8NVc.
require 'json'
require 'sinatra'
require 'stripe'
# Set your secret key. Remember to switch to your live secret key in production.
# See your keys here: https://dashboard.stripe.com/apikeys
Stripe.api_key = '<>'
post '/create-checkout-session' do
session = Stripe::Checkout::Session.create({
line_items: [{
price_data: {
currency: 'usd',
product_data: {
name: 'T-shirt',
},
unit_amount: 2000,
},
quantity: 1,
}],
mode: 'payment',
ui_mode: 'embedded',payment_method_options: {
card: {
request_extended_authorization: 'if_available',
},
},
return_url: 'https://example.com/checkout/return?session_id={CHECKOUT_SESSION_ID}'
})
{clientSecret: session.client_secret}.to_json
end
```
#### Python
```python
# This example sets up an endpoint using the Flask framework.
# To learn more about Flask, watch this video: https://youtu.be/7Ul1vfsmsDck.
import os
import stripe
from flask import Flask, redirect
app = Flask(__name__)
stripe.api_key = '<>'
@app.route('/create-checkout-session', methods=['POST'])
def create_checkout_session():
session = stripe.checkout.Session.create(
line_items = [{
'price_data': {
'currency': 'usd',
'product_data': {
'name': 'T-shirt',
},
'unit_amount': 2000,
},
'quantity': 1,
}],
mode = 'payment',
ui_mode = 'embedded',payment_method_options={
'card': {
'request_extended_authorization': 'if_available',
},
},
return_url = 'https://example.com/checkout/return?session_id={CHECKOUT_SESSION_ID}'
)
return jsonify(clientSecret=session.client_secret)
if __name__ == '__main__':
app.run(port=4242)
```
#### PHP
```php
'<>'
]);
$checkout_session = $stripe->checkout->sessions->create([
'line_items' => [[
'price_data' => [
'currency' => 'usd',
'product_data' => [
'name' => 'T-shirt',
],
'unit_amount' => 2000,
],
'quantity' => 1,
]],
'mode' => 'payment',
'ui_mode' => 'embedded',
'return_url' => 'https://example.com/checkout/return?session_id={CHECKOUT_SESSION_ID}','payment_method_options' => {
'card' => {
'request_extended_authorization' => 'if_available',
},
},
]);
echo json_encode(array('clientSecret' => $checkout_session->client_secret));
?>
```
#### Java
```java
import java.util.HashMap;
import java.util.Map;
import static spark.Spark.get;
import static spark.Spark.post;
import static spark.Spark.port;
import static spark.Spark.staticFiles;
import com.google.gson.Gson;
import com.stripe.Stripe;
import com.stripe.model.checkout.Session;
import com.stripe.param.checkout.SessionCreateParams;
public class Server {
public static void main(String[] args) {
port(4242);
Stripe.apiKey = "<>";
Gson gson = new Gson();
post("/create-checkout-session", (request, response) -> {
SessionCreateParams params =
SessionCreateParams.builder()
.setMode(SessionCreateParams.Mode.PAYMENT)
.setUiMode(SessionCreateParams.UiMode.EMBEDDED)
.setReturnUrl("https://example.com/return?session_id={CHECKOUT_SESSION_ID}")
.addLineItem(
SessionCreateParams.LineItem.builder()
.setQuantity(1L)
.setPriceData(
SessionCreateParams.LineItem.PriceData.builder()
.setCurrency("usd")
.setUnitAmount(2000L)
.setProductData(
SessionCreateParams.LineItem.PriceData.ProductData.builder()
.setName("T-shirt")
.build())
.build())
.build()).setPaymentMethodOptions(
SessionCreateParams.PaymentMethodOptions.builder()
.setCard(
SessionCreateParams.PaymentMethodOptions.Card.builder()
.setRequestCapture("if_available")
.build())
.build())
.build();
Session session = Session.create(params);
Map map = new HashMap();
map.put("clientSecret", session.getRawJsonObject().getAsJsonPrimitive("client_secret").getAsString());
return map;
}, gson::toJson);
}
}
```
#### Node.js
```javascript
// This example sets up an endpoint using the Express framework.
const express = require('express');
const app = express();
const stripe = require('stripe')('<>');
app.post('/create-checkout-session', async (req, res) => {
const session = await stripe.checkout.sessions.create({
line_items: [{
price_data: {
currency: 'usd',
product_data: {
name: 'T-shirt',
},
unit_amount: 2000,
},
quantity: 1,
}],
mode: 'payment',
ui_mode: 'embedded','payment_method_options': {
'card': {
'request_extended_authorization': 'if_available',
},
},
return_url: 'https://example.com/checkout/return?session_id={CHECKOUT_SESSION_ID}'
});
res.send({clientSecret: session.client_secret});
});
app.listen(4242, () => console.log(`Listening on port ${4242}!`));
```
#### Go
```go
package main
import (
"net/http"
"github.com/labstack/echo"
"github.com/labstack/echo/middleware"
"github.com/stripe/stripe-go/v76.0.0"
"github.com/stripe/stripe-go/v76.0.0/checkout/session"
)
// This example sets up an endpoint using the Echo framework.
// To learn more about Echo, watch this video: https://youtu.be/ePmEVBu8w6Y.
func main() {
stripe.Key = "<>"
e := echo.New()
e.Use(middleware.Logger())
e.Use(middleware.Recover())
e.POST("/create-checkout-session", createCheckoutSession)
e.Logger.Fatal(e.Start("localhost:4242"))
}
type CheckoutData struct {
ClientSecret string `json:"clientSecret"`
}
func createCheckoutSession(c echo.Context) (err error) {
params := &stripe.CheckoutSessionParams{
Mode: stripe.String(string(stripe.CheckoutSessionModePayment)),
UIMode: stripe.String("embedded"),
ReturnURL: stripe.String("https://example.com/checkout/return?session_id={CHECKOUT_SESSION_ID}"),PaymentMethodOptions: &stripe.CheckoutSessionPaymentMethodOptionsParams{
Card: &stripe.CheckoutSessionPaymentMethodOptionsCardParams{
RequestExtendedAuthorization: stripe.String("if_available"),
},
LineItems: []*stripe.CheckoutSessionLineItemParams{
&stripe.CheckoutSessionLineItemParams{
PriceData: &stripe.CheckoutSessionLineItemPriceDataParams{
Currency: stripe.String("usd"),
ProductData: &stripe.CheckoutSessionLineItemPriceDataProductDataParams{
Name: stripe.String("T-shirt"),
},
UnitAmount: stripe.Int64(2000),
},
Quantity: stripe.Int64(1),
},
},
}
s, _ := session.New(params)
if err != nil {
return err
}
data := CheckoutData{
ClientSecret: s.ClientSecret,
}
return c.JSON(http.StatusOK, data)
}
```
#### .NET
```dotnet
// This example sets up an endpoint using the ASP.NET MVC framework.
// To learn more about ASP.NET MVC, watch this video: https://youtu.be/2-mMOB8MhmE.
using System.Collections.Generic;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Stripe;
using Stripe.Checkout;
namespace server.Controllers
{
public class PaymentsController : Controller
{
public PaymentsController()
{
StripeConfiguration.ApiKey = "<>";
}
[HttpPost("create-checkout-session")]
public ActionResult CreateCheckoutSession()
{
var options = new SessionCreateOptions
{
LineItems = new List
{
new SessionLineItemOptions
{
PriceData = new SessionLineItemPriceDataOptions
{
UnitAmount = 2000,
Currency = "usd",
ProductData = new SessionLineItemPriceDataProductDataOptions
{
Name = "T-shirt",
},
},
Quantity = 1,
},
},
Mode = "payment",
UiMode = "embedded",SessionPaymentMethodOptionsOptions = new SessionPaymentMethodOptionsOptions
{
Card = new SessionPaymentMethodOptionsCardOptions
{
RequestExtendedAuthorization = "if_available",
},
},
ReturnUrl = "https://example.com/return?session_id={CHECKOUT_SESSION_ID}",
};
var service = new SessionService();
Session session = service.Create(options);
return Json(new {clientSecret = session.ClientSecret});
}
}
}
```
Rely on the [capture_before field](https://docs.stripe.com/api/charges/object.md#charge_object-payment_method_details-card-capture_before) to confirm the validity window for a given payment. The validity window won’t change after the CheckoutSession is complete. To determine if the authorization is extended after the CheckoutSession is complete, look at the [extended_authorization.status field](https://docs.stripe.com/api/charges/object.md#charge_object-payment_method_details-card-extended_authorization-status) on the associated Charge.
```json
{
"id": "pi_xxx",
"object": "payment_intent",
"amount": 1000,
"amount_capturable": 1000,
"amount_received": 0,
"status": "requires_capture",
...
// if latest_charge is expanded
"latest_charge": {
"id": "ch_xxx",
"object": "charge",
"payment_method_details": {
"card": {
"amount_authorized": 1000,"capture_before": 1696524701,
"extended_authorization": {
"status": "enabled", // or "disabled"
}
}
}
...
}
...
}
```
## Mount Checkout
#### HTML + JS
Checkout is available as part of [Stripe.js](https://docs.stripe.com/js.md). Include the Stripe.js script on your page by adding it to the head of your HTML file. Next, create an empty DOM node (container) to use for mounting.
```html
```
Initialize Stripe.js with your publishable API key.
Create an asynchronous `fetchClientSecret` function that makes a request to your server to create the Checkout Session and retrieve the client secret. Pass this function into `options` when you create the Checkout instance:
```javascript
// Initialize Stripe.js
const stripe = Stripe('<>');
initialize();
// Fetch Checkout Session and retrieve the client secret
async function initialize() {
const fetchClientSecret = async () => {
const response = await fetch("/create-checkout-session", {
method: "POST",
});
const { clientSecret } = await response.json();
return clientSecret;
};
// Initialize Checkout
const checkout = await stripe.initEmbeddedCheckout({
fetchClientSecret,
});
// Mount Checkout
checkout.mount('#checkout');
}
```
#### React
Install [react-stripe-js](https://docs.stripe.com/sdks/stripejs-react.md) and the Stripe.js loader from npm:
```bash
npm install --save @stripe/react-stripe-js @stripe/stripe-js
```
To use the Embedded Checkout component, create an `EmbeddedCheckoutProvider`. Call `loadStripe` with your publishable API key and pass the returned `Promise` to the provider.
Create an asynchronous `fetchClientSecret` function that makes a request to your server to create the Checkout Session and retrieve the client secret. Pass this function into the `options` prop accepted by the provider.
```jsx
import * as React from 'react';
import {loadStripe} from '@stripe/stripe-js';
import {
EmbeddedCheckoutProvider,
EmbeddedCheckout
} from '@stripe/react-stripe-js';
// Make sure to call `loadStripe` outside of a component’s render to avoid
// recreating the `Stripe` object on every render.
const stripePromise = loadStripe('pk_test_123');
const App = () => {
const fetchClientSecret = useCallback(() => {
// Create a Checkout Session
return fetch("/create-checkout-session", {
method: "POST",
})
.then((res) => res.json())
.then((data) => data.clientSecret);
}, []);
const options = {fetchClientSecret};
return (
)
}
```
Checkout renders in an iframe that securely sends payment information to Stripe over an HTTPS connection.
> Avoid placing Checkout within another iframe because some payment methods require redirecting to another page for payment confirmation.
### Customize appearance
Customize Checkout to match the design of your site by setting the background color, button color, border radius, and fonts in your account’s [branding settings](https://dashboard.stripe.com/settings/branding).
By default, Checkout renders with no external padding or margin. We recommend using a container element such as a div to apply your desired margin (for example, 16px on all sides).
## Show a return page
After your customer attempts payment, Stripe redirects them to a return page that you host on your site. When you created the Checkout Session, you specified the URL of the return page in the [return_url](https://docs.stripe.com/api/checkout/sessions/create.md#create_checkout_session-return_url) parameter. Read more about other options for [customizing redirect behavior](https://docs.stripe.com/payments/checkout/custom-success-page.md?payment-ui=embedded-form).
When rendering your return page, retrieve the Checkout Session status using the Checkout Session ID in the URL. Handle the result according to the session status as follows:
- `complete`: The payment succeeded. Use the information from the Checkout Session to render a success page.
- `open`: The payment failed or was canceled. Remount Checkout so that your customer can try again.
#### Ruby
```ruby
get '/session-status' do
session = Stripe::Checkout::Session.retrieve(params[:session_id])
{status: session.status, customer_email: session.customer_details.email}.to_json
end
```
#### Python
```python
@app.route('/session-status', methods=['GET'])
def session_status():
session = stripe.checkout.Session.retrieve(request.args.get('session_id'))
return jsonify(status=session.status, customer_email=session.customer_details.email)
```
#### PHP
```php
try {
// retrieve JSON from POST body
$jsonStr = file_get_contents('php://input');
$jsonObj = json_decode($jsonStr);
$session = $stripe->checkout->sessions->retrieve($jsonObj->session_id);
echo json_encode(['status' => $session->status, 'customer_email' => $session->customer_details->email]);
http_response_code(200);
} catch (Error $e) {
http_response_code(500);
echo json_encode(['error' => $e->getMessage()]);
}
```
#### Java
```java
get("/session-status", (request, response) -> {
Session session = Session.retrieve(request.queryParams("session_id"));
Map map = new HashMap();
map.put("status", session.getRawJsonObject().getAsJsonPrimitive("status").getAsString());
map.put("customer_email", session.getRawJsonObject().getAsJsonObject("customer_details").getAsJsonPrimitive("email").getAsString());
return map;
}, gson::toJson);
```
#### Node.js
```javascript
app.get('/session_status', async (req, res) => {
const session = await stripe.checkout.sessions.retrieve(req.query.session_id);
res.send({
status: session.status,
payment_status: session.payment_status,
customer_email: session.customer_details.email
});
});
```
#### Go
```go
func retrieveCheckoutSession(w http.ResponseWriter, r *http.Request) {
s, _ := session.Get(r.URL.Query().Get("session_id"), nil)
writeJSON(w, struct {
Status string `json:"status"`
CustomerEmail string `json:"customer_email"`
}{
Status: string(s.Status),
CustomerEmail: string(s.CustomerDetails.Email),
})
}
```
#### .NET
```dotnet
[Route("session-status")]
[ApiController]
public class SessionStatusController : Controller
{
[HttpGet]
public ActionResult SessionStatus([FromQuery] string session_id)
{
var sessionService = new SessionService();
Session session = sessionService.Get(session_id);
return Json(new {status = session.Status, customer_email = session.CustomerDetails.Email});
}
}
```
```javascript
const session = await fetch(`/session_status?session_id=${session_id}`)
if (session.status == 'open') {
// Remount embedded Checkout
} else if (session.status == 'complete') {
// Show success page
// Optionally use session.payment_status or session.customer_email
// to customize the success page
}
```
#### Redirect-based payment methods
During payment, some payment methods redirect the customer to an intermediate page, such as a bank authorization page. When they complete that page, Stripe redirects them to your return page.
Learn more about [redirect-based payment methods and redirect behavior](https://docs.stripe.com/payments/checkout/custom-success-page.md?payment-ui=embedded-form#redirect-based-payment-methods).
## Test your integration
Use the Stripe test cards below with any CVC and future expiration date to request extended authorizations while testing. If extended authorizations are available on payments for a given network while testing, they’re also available for live payments.
| Card brand | Number | Payment method |
| ---------- | ---------------- | -------------------- |
| Visa | 4242424242424242 | `pm_card_visa` |
| Mastercard | 5555555555554444 | `pm_card_mastercard` |
| Amex | 378282246310005 | `pm_card_amex` |
| Discover | 6011111111111117 | `pm_card_discover` |
# Advanced integration
> This is a Advanced integration for when platform is web and ui is elements. View the full page at https://docs.stripe.com/payments/extended-authorization?platform=web&ui=elements.
Extended authorizations have a longer authorization validity period, which allows you to hold customer funds for longer than standard authorization validity windows. For most card networks, the default authorization validity period is 7 days for online payments and 2 days for in-person [Terminal](https://docs.stripe.com/terminal.md) payments, whereas extended validity periods can go up to 30 days depending on the card network. For more information about authorization validity windows, see [place a hold on a payment method](https://docs.stripe.com/payments/place-a-hold-on-a-payment-method.md).
## Availability
When you use extended authorizations, there are no regional restrictions. However, be aware of the following limitations:
- They’re only available with Visa, Mastercard, American Express, and Discover.
- Certain card brands have merchant category restrictions. Refer to the network availability table below.
- This page describes extended authorizations for online card payments. For in-person card payments using extended authorizations, refer to the [Terminal documentation](https://docs.stripe.com/terminal/features/extended-authorizations.md).
- [capture_method](https://docs.stripe.com/api/payment_intents/create.md#create_payment_intent-capture_method) is set to `manual` on the [PaymentIntent](https://docs.stripe.com/api/payment_intents/.md).
> #### IC+ Feature
>
> We offer extended authorizations to users on *IC+* (A pricing plan where businesses pay the variable network cost for each transaction plus the Stripe fee rather than a flat rate for all transactions. This pricing model provides more visibility into payments costs) pricing. If you’re on blended Stripe pricing and want access to this feature, contact us at [support.stripe.com](https://support.stripe.com).
### Availability by card network and merchant category
Every card network has different rules that determine which payments have extended authorizations available, and how long they’re valid. The following table shows the validity windows and transaction types that extended authorization is available for using Visa, Mastercard, American Express, and Discover. However, we recommend that you rely on the [capture_before field](https://docs.stripe.com/api/charges/object.md#charge_object-payment_method_details-card-capture_before) to confirm the validity window for any given payment because these rules can change without prior notice.
| Card brand | Merchant category | Extended authorization validity window |
| ------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------- |
| **Visa** | Hotel, lodging, vehicle rental, and cruise line
All other merchant categories* | 30 days** |
| **Mastercard** (not including Maestro and Cirrus cards) | All merchant categories | 30 days |
| **American Express** | Lodging and vehicle rental | 30 days*** |
| **Discover** | Airline, bus charter/tour, car rental, cruise line, local/suburban commuter, passenger transportation including ferries, hotel, lodging, and passenger railway | 30 days |
\* For other merchant categories, Stripe charges an additional 0.08% fee per transaction. The extended window only applies to [Customer-Initiated Transactions](https://docs.stripe.com/payments/cits-and-mits.md) and doesn’t apply to transactions with businesses in Japan or transactions related to healthcare, bill payment, or debt repayment. \** The exact extended authorization window for Visa is 29 days and 18 hours, to allow time for clearing processes.\*** Although your validity window is extended to 30 days, you must capture the authorized funds no later than the end of your customer’s stay or rental.
### Networks with limited support (beta)
The following card networks have limited support for extended authorization:
| Card brand | Merchant country | Merchant category | Extended authorization validity window |
| --------------- | -------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------- |
| **Diners Club** | US (through Discover) | All merchant categories | 30 days |
| **UnionPay** | Global, excluding US and Canada | All merchant categories | 27 to 29 days |
| | US and Canada (through Discover) | Airline, bus charter/tour, car rental, cruise line, local/suburban commuter, passenger transportation including ferries, hotel, lodging, and passenger railway | 30 days |
### Recent changes to availability
- **September 2023**: Extended authorizations on Discover are no longer available for the following merchant categories due to information provided by the network: eating and drinking places, boat rental, motor home and RV rental, truck rental, timeshares, taxicabs/limousines, trailer parks/campgrounds, equipment/furniture/appliance rental, amusement parks, circuses, fortune tellers, recreational services.
- **September 2023**: The authorization validity period for Visa was reduced from 31 to 30 days to avoid non-compliance network fees. To make sure we clear transactions within that window, we added a buffer of 6 hours, making the effective authorization window 29 days and 18 hours.
## Best Practices
Customers see their funds held longer when you use extended authorizations. Use clear [statement descriptors](https://docs.stripe.com/get-started/account/statement-descriptors.md) to avoid increased disputes from unrecognized payments.
> #### Compliance
>
> You’re responsible for your compliance with all applicable laws, regulations, and network rules when using extended authorization. Consult the network specifications for the card networks that you plan to accept using this feature with to make sure your sales are compliant with the applicable rules, which vary by network. For instance, for many networks extended validity windows are only for cases where you don’t know the final amount that you’ll capture at the time of authorization.
>
> The information provided on this page relating to your compliance with these requirements is for your general guidance, and is not legal, tax, accounting, or other professional advice. Consult with a professional if you’re unsure about your obligations.
## Create and confirm an uncaptured PaymentIntent
By default, an authorization for an online card payment is valid for 7 days for most card networks. To increase the validity period, you can request an extended authorization by using `if_available` with the [request_extended_authorization](https://docs.stripe.com/api/payment_intents/confirm.md#confirm_payment_intent-payment_method_options-card-request_extended_authorization) parameter.
```curl
curl https://api.stripe.com/v1/payment_intents \
-u "<>:" \
-d amount=1099 \
-d currency=usd \
-d payment_method=pm_card_visa \
-d confirm=true \
-d capture_method=manual \
-d "expand[]"=latest_charge \
-d "payment_method_options[card][request_extended_authorization]"=if_available
```
```cli
stripe payment_intents create \
--amount=1099 \
--currency=usd \
--payment-method=pm_card_visa \
--confirm=true \
--capture-method=manual \
-d "expand[0]"=latest_charge \
-d "payment_method_options[card][request_extended_authorization]"=if_available
```
```ruby
# Set your secret key. Remember to switch to your live secret key in production.
# See your keys here: https://dashboard.stripe.com/apikeys
client = Stripe::StripeClient.new("<>")
payment_intent = client.v1.payment_intents.create({
amount: 1099,
currency: 'usd',
payment_method: 'pm_card_visa',
confirm: true,
capture_method: 'manual',
expand: ['latest_charge'],
payment_method_options: {card: {request_extended_authorization: 'if_available'}},
})
```
```python
# Set your secret key. Remember to switch to your live secret key in production.
# See your keys here: https://dashboard.stripe.com/apikeys
client = StripeClient("<>")
# For SDK versions 12.4.0 or lower, remove '.v1' from the following line.
payment_intent = client.v1.payment_intents.create({
"amount": 1099,
"currency": "usd",
"payment_method": "pm_card_visa",
"confirm": True,
"capture_method": "manual",
"expand": ["latest_charge"],
"payment_method_options": {"card": {"request_extended_authorization": "if_available"}},
})
```
```php
// Set your secret key. Remember to switch to your live secret key in production.
// See your keys here: https://dashboard.stripe.com/apikeys
$stripe = new \Stripe\StripeClient('<>');
$paymentIntent = $stripe->paymentIntents->create([
'amount' => 1099,
'currency' => 'usd',
'payment_method' => 'pm_card_visa',
'confirm' => true,
'capture_method' => 'manual',
'expand' => ['latest_charge'],
'payment_method_options' => [
'card' => ['request_extended_authorization' => 'if_available'],
],
]);
```
```java
// Set your secret key. Remember to switch to your live secret key in production.
// See your keys here: https://dashboard.stripe.com/apikeys
StripeClient client = new StripeClient("<>");
PaymentIntentCreateParams params =
PaymentIntentCreateParams.builder()
.setAmount(1099L)
.setCurrency("usd")
.setPaymentMethod("pm_card_visa")
.setConfirm(true)
.setCaptureMethod(PaymentIntentCreateParams.CaptureMethod.MANUAL)
.addExpand("latest_charge")
.setPaymentMethodOptions(
PaymentIntentCreateParams.PaymentMethodOptions.builder()
.setCard(
PaymentIntentCreateParams.PaymentMethodOptions.Card.builder()
.setRequestExtendedAuthorization(
PaymentIntentCreateParams.PaymentMethodOptions.Card.RequestExtendedAuthorization.IF_AVAILABLE
)
.build()
)
.build()
)
.build();
// For SDK versions 29.4.0 or lower, remove '.v1()' from the following line.
PaymentIntent paymentIntent = client.v1().paymentIntents().create(params);
```
```node
// Set your secret key. Remember to switch to your live secret key in production.
// See your keys here: https://dashboard.stripe.com/apikeys
const stripe = require('stripe')('<>');
const paymentIntent = await stripe.paymentIntents.create({
amount: 1099,
currency: 'usd',
payment_method: 'pm_card_visa',
confirm: true,
capture_method: 'manual',
expand: ['latest_charge'],
payment_method_options: {
card: {
request_extended_authorization: 'if_available',
},
},
});
```
```go
// Set your secret key. Remember to switch to your live secret key in production.
// See your keys here: https://dashboard.stripe.com/apikeys
sc := stripe.NewClient("<>")
params := &stripe.PaymentIntentCreateParams{
Amount: stripe.Int64(1099),
Currency: stripe.String(stripe.CurrencyUSD),
PaymentMethod: stripe.String("pm_card_visa"),
Confirm: stripe.Bool(true),
CaptureMethod: stripe.String(stripe.PaymentIntentCaptureMethodManual),
PaymentMethodOptions: &stripe.PaymentIntentCreatePaymentMethodOptionsParams{
Card: &stripe.PaymentIntentCreatePaymentMethodOptionsCardParams{
RequestExtendedAuthorization: stripe.String(stripe.PaymentIntentPaymentMethodOptionsCardRequestExtendedAuthorizationIfAvailable),
},
},
}
params.AddExpand("latest_charge")
result, err := sc.V1PaymentIntents.Create(context.TODO(), params)
```
```dotnet
// Set your secret key. Remember to switch to your live secret key in production.
// See your keys here: https://dashboard.stripe.com/apikeys
var options = new PaymentIntentCreateOptions
{
Amount = 1099,
Currency = "usd",
PaymentMethod = "pm_card_visa",
Confirm = true,
CaptureMethod = "manual",
Expand = new List { "latest_charge" },
PaymentMethodOptions = new PaymentIntentPaymentMethodOptionsOptions
{
Card = new PaymentIntentPaymentMethodOptionsCardOptions
{
RequestExtendedAuthorization = "if_available",
},
},
};
var client = new StripeClient("<>");
var service = client.V1.PaymentIntents;
PaymentIntent paymentIntent = service.Create(options);
```
Rely on the [capture_before field](https://docs.stripe.com/api/charges/object.md#charge_object-payment_method_details-card-capture_before) to confirm the validity window for a given payment. The validity window won’t change after the PaymentIntent is confirmed. To determine if the authorization is extended after confirming the PaymentIntent, look at the [extended_authorization.status field](https://docs.stripe.com/api/charges/object.md#charge_object-payment_method_details-card-extended_authorization-status) on the associated Charge.
```json
// PaymentIntent response
{
"id": "pi_xxx",
"object": "payment_intent",
"amount": 1000,
"amount_capturable": 1000,
"amount_received": 0,
"status": "requires_capture",
...
// if latest_charge is expanded
"latest_charge": {
"id": "ch_xxx",
"object": "charge",
"payment_method_details": {
"card": {
"amount_authorized": 1000,"capture_before": 1696524701,
"extended_authorization": {
"status": "enabled", // or "disabled"
}
}
}
...
}
...
}
```
## Test your integration
Use the Stripe test cards below with any CVC and future expiration date to request extended authorizations while testing. If extended authorizations are available on payments for a given network while testing, they’re also available for live payments.
| Card brand | Number | Payment method |
| ---------- | ---------------- | -------------------- |
| Visa | 4242424242424242 | `pm_card_visa` |
| Mastercard | 5555555555554444 | `pm_card_mastercard` |
| Amex | 378282246310005 | `pm_card_amex` |
| Discover | 6011111111111117 | `pm_card_discover` |
## See also
- [Place a hold on a payment method](https://docs.stripe.com/payments/place-a-hold-on-a-payment-method.md)