Migrate or build a plugin using Stripe Apps
Previously, Stripe allowed third-party plugins to request the standard API keys of a user to integrate with their products. Since January 2024, Stripe requires plugins to leverage Stripe Apps. All new and existing plugins must use a Stripe App to authenticate users for their service using OAuth 2.0 or a restricted API key.
If you have an existing plugin, migrate to the standard Stripe Apps integration path for security and compliance purposes. Migrating an existing plugin to a Stripe App integration only requires you to change your plugin’s authentication method.
Reasons to migrate
Authentication through a Stripe App is the new default and standard integration path for all new plugins, extensions, and partner connectors. The following are the benefits of the new integration path:
- More efficient onboarding: Your users don’t have to manually create API keys.
- Improved security: Restricted API keys protect users if their keys are exposed.
- Analytics: Get visibility on your app’s adoption and performance.
- Discoverability: Stripe Apps give broad visibility to your product through the Stripe Dashboard, Stripe App Marketplace, and our partner programme.
- Verified Partner: Join the Apps track in Stripe Partner Ecosystem to get co-sell, marketing, and technical benefits.
What happens if you don’t migrate
If you choose not to migrate your authentication to a Stripe App, it will continue to work as it does today, without impact to the user experience until 2024. We’ll continue to support plugins on our backend until the end of 2024.
Impact on your users after you migrate
If you choose to migrate, your users must re-onboard and re-authenticate their plugin. To migrate or build a plugin, choose either OAuth 2.0 (recommended) or Restricted API Key (RAK) authentication. OAuth is the least complex way for users to securely authenticate a plugin. RAK doesn’t require any additional back-end setup from you. However, users must still copy and paste generated Stripe API keys to your third-party plugin. This method increases the complexity of the authentication process for your users.
Before you begin
- Review and complete the Before you begin section of Getting started with Stripe Apps. Ensure you’ve installed the latest version of the Stripe CLI.
- Choose your authentication type (OAuth or RAK). After you upload your app, you can’t change the authentication method. For more information about authentication, see API authentication.
- If you use Stripe Connect and want to migrate an existing plugin through Stripe Apps, you must create a new Stripe account. Currently, a Stripe account with Connect enabled can’t publish an app.
- You can only create one public app per account. If your account already has a public app and you want to publish another one, you must create a new Stripe account. You can still create multiple private apps in tandem with the public app on the same account.
Choose an authentication method to migrate or build your plugin:
Develop your app
Create your Stripe App by running stripe apps create <app-name> in the CLI.
Edit the following fields in the app manifest:
- Set stripe_api_access_type to oauth.
- Set distribution_type to public.
- Set your allowed_redirect_uris. These are the URLs that users are redirected to after installing your app using OAuth. The first one in the list is used as the default redirect.
Your app manifest should look like this:
stripe-app.json
{
  "id": "com.example.my-app",
  "version": "0.0.1",
  "name": "Your Stripe App",
  "icon": "./[YOUR_APP]_icon_32.png",
  "permissions": [
    // Your app permissions here
  ],
  "stripe_api_access_type": "oauth",
  "distribution_type": "public",
  "allowed_redirect_uris": [
    // Your redirect URIs here
  ]
}
Add all the permissions that your app requires.
(Optional) Add UI extensions to your app. We recommend adding a settings view to allow your users to configure settings or to link to your app’s documentation.
Upload your app to Stripe.
Command Line
stripe apps upload
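Added example (not Stripe's code): a Node.js check you could run on the manifest before stripe apps upload, since the authentication method can't be changed after upload. The field names come from the manifest above; the function name lintManifest, the sample manifests, and the redirect-URI rules (HTTPS except for loopback testing, no wildcard, fragment or embedded credentials) are assumptions of this example, not validation rules documented by Stripe.

```javascript
// Added example: pre-upload lint for stripe-app.json. The redirect-URI rules
// are assumptions of this example, not validation rules documented by Stripe.
function lintManifest(manifest) {
  const findings = [];
  if (manifest.stripe_api_access_type !== "oauth")
    findings.push('stripe_api_access_type is not "oauth"');
  if (manifest.distribution_type !== "public")
    findings.push('distribution_type is not "public"');
  const uris = manifest.allowed_redirect_uris;
  if (!Array.isArray(uris) || uris.length === 0) {
    findings.push("allowed_redirect_uris is empty or missing");
    return findings;
  }
  uris.forEach((entry, i) => {
    const raw = String(entry);
    const tag = `allowed_redirect_uris[${i}] (${raw})`;
    // Exact-match redirect URIs only: no wildcard, no fragment.
    if (raw.includes("*")) findings.push(`${tag}: wildcard`);
    if (raw.includes("#")) findings.push(`${tag}: fragment`);
    let url;
    try {
      url = new URL(raw);
    } catch {
      findings.push(`${tag}: not an absolute URL`);
      return;
    }
    const loopback = ["localhost", "127.0.0.1", "[::1]"].includes(url.hostname);
    if (url.protocol !== "https:" && !(url.protocol === "http:" && loopback))
      findings.push(`${tag}: not https (http is accepted only for loopback)`);
    if (url.username || url.password)
      findings.push(`${tag}: embedded credentials`);
    // The first entry is the default redirect, so it should be the real callback.
    if (i === 0 && loopback)
      findings.push(`${tag}: default redirect points at loopback`);
  });
  return findings;
}

// Constructed sample manifests (not taken from the Stripe documentation).
const goodManifest = {
  stripe_api_access_type: "oauth",
  distribution_type: "public",
  allowed_redirect_uris: ["https://plugin.example.com/stripe/callback", "http://localhost:3000/callback"],
};
const badManifest = {
  distribution_type: "public", // stripe_api_access_type was never set
  allowed_redirect_uris: ["http://localhost:3000/callback", "http://plugin.example.com/cb#done"],
};
for (const f of lintManifest(badManifest)) console.log("FINDING:", f);
```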
Test your app
- Navigate to your app’s details page.
- Open the External test tab and click Get started to set up an external test.
- Access the authorise links in the Test OAuth section. You can use this link to test with your own account.
Configure OAuth 2.0
Make sure you’ve configured OAuth 2.0 correctly. To learn how to save and refresh access tokens, see OAuth setup.
Publish and distribute your app
When you’re ready to distribute your app to users:
- Submit your app for review.
- After your app is approved, publish your app to Stripe App Marketplace.
- From the app details page, click the Settings tab.
- Copy the Install link. Users can use this link to install your app.