
Stripe

Authentication & Authorization

Credentials

  • Stripe connects via Basic Authentication, using a special API Key as the credentials.
  • The API Key is sent in the HTTP Authorization request header.
  • Your API Key can be created in the Stripe Dashboard Developers menu (see Stripe Connection Instructions).
  • Publicly exposing your API credentials can give a third party unauthorized access to the Stripe API endpoints and your Stripe data. DataGrail stores your API credentials encrypted and protected.

Permissions

When creating an API key, the user must be granted the following permissions:

  1. All core resources:
    • Charges: Read
    • Disputes: Read
    • Customers: Write
    • Events: Read
    • PaymentIntents: Read
    • PaymentMethods: Read
    • Sources: Write
  2. All Billing resources:
    • Invoices: Read
    • Subscriptions: Read
  3. All Orders resources:
    • Orders: Read
  4. All Issuing resources:
    • Authorizations: Read
    • Cardholders: Read
    • Cards: Read
    • Transactions: Read

Optionally, if the Data Discovery capability is required and the following additional objects need to be sampled (Disputes, Events, Refunds, Accounts, Checkout Sessions, Identity Verification Reports, Payment Links, Payouts, Reviews, Setup Intents, Tax Settings, Top-ups, External Accounts, Persons), these permissions must also be granted:

  1. All Connect resources: Read
  2. All Checkout resources
    • Checkout Sessions: Read
  3. Identity
    • Identity Verification Sessions and Reports: Read
  4. All Payment Links resources
    • Payment Links: Read
  5. Radar
    • Reviews: Read
  6. Tax
    • Tax Settings and Registrations: Read

Endpoints Utilized

DataGrail uses the following endpoints to validate credentials; a successful response indicates that the credentials are good:

  • GET https://api.stripe.com/v1/customers
  • GET https://api.stripe.com/v1/invoices
  • GET https://api.stripe.com/v1/orders
  • DELETE https://api.stripe.com/v1/customers/{customer_id} (only if customer_id is configured)

Version

Stripe integration currently supports version 1 (v1).

Limits

DataGrail uses default throttling rules to avoid rates faster than 50 requests per minute and 10000 requests per day.

Access

For an access request, DataGrail will take the following actions:

Endpoints Utilized

  • GET https://api.stripe.com/v1/customers
  • GET https://api.stripe.com/v1/customers/{{customer_id}}/sources
  • GET https://api.stripe.com/v1/customers/{{customer_id}}/tax_ids
  • GET https://api.stripe.com/v1/charges
  • GET https://api.stripe.com/v1/payment_methods
  • GET https://api.stripe.com/v1/payment_intents
  • GET https://api.stripe.com/v1/invoices
  • GET https://api.stripe.com/v1/subscriptions
  • GET https://api.stripe.com/v1/orders
  • GET https://api.stripe.com/v1/issuing/cardholders
  • GET https://api.stripe.com/v1/issuing/authorizations
  • GET https://api.stripe.com/v1/issuing/cards
  • GET https://api.stripe.com/v1/issuing/transactions

Deletion

For a deletion request, DataGrail will take the following actions:

  • Requests that a customer be permanently deleted. This cannot be undone and also immediately cancels any active subscriptions on the customer.

  • Deletes bank accounts from a customer.

  • Deletes cards from a customer.

Endpoints Utilized

  • DELETE https://api.stripe.com/v1/customers/{{customer_id}}
  • DELETE https://api.stripe.com/v1/customers/{{customer_id}}/sources/{{item_id}}

Responsible Data Discovery

Data discovery is based on the principle of finding any and all personal data that's stored in a data system.

Currently, DataGrail integration discovers the following Stripe objects:

  • Customers
  • Payment Methods
  • Charges
  • Payment Intents
  • Invoices
  • Subscriptions
  • Orders
  • Customer Bank Accounts (related to the customer)
  • Cards (related to the customer)
  • Tax IDs (related to the customer)

Optionally, if the appropriate permissions were granted when creating the API key (see the connection instructions):

  • Disputes
  • Events
  • Refunds
  • Accounts
  • Checkout Sessions
  • Identity Verification Reports
  • Payment Links
  • Payouts
  • Reviews
  • Setup Intents
  • Tax Settings
  • Top-ups
  • External Accounts (related to owner's account)
  • Persons (related to owner's account)

For accounts for which Issuing is set up:

  • Cardholders
  • Authorizations
  • Cards
  • Transactions

For accounts onboarded to Treasury:

  • Treasury Financial Accounts

For discovery requests, DataGrail will take the following actions:

  • Count the number of records for each of the supported objects.
  • Fetch example records for each of the supported objects.
  • Sample data for subsequent analysis and classification.

Endpoints Utilized

  • GET https://api.stripe.com/v1/customers
  • GET https://api.stripe.com/v1/payment_methods
  • GET https://api.stripe.com/v1/charges
  • GET https://api.stripe.com/v1/payment_intents
  • GET https://api.stripe.com/v1/invoices
  • GET https://api.stripe.com/v1/subscriptions
  • GET https://api.stripe.com/v1/orders
  • GET https://api.stripe.com/v1/disputes
  • GET https://api.stripe.com/v1/events
  • GET https://api.stripe.com/v1/refunds
  • GET https://api.stripe.com/v1/issuing/cardholders
  • GET https://api.stripe.com/v1/issuing/authorizations
  • GET https://api.stripe.com/v1/issuing/cards
  • GET https://api.stripe.com/v1/issuing/transactions
  • GET https://api.stripe.com/v1/treasury/financial_accounts
  • GET https://api.stripe.com/v1/accounts
  • GET https://api.stripe.com/v1/account
  • GET https://api.stripe.com/v1/checkout/sessions
  • GET https://api.stripe.com/v1/identity/verification_reports
  • GET https://api.stripe.com/v1/payment_links
  • GET https://api.stripe.com/v1/payouts
  • GET https://api.stripe.com/v1/reviews
  • GET https://api.stripe.com/v1/setup_intents
  • GET https://api.stripe.com/v1/tax/settings
  • GET https://api.stripe.com/v1/topups
  • GET https://api.stripe.com/v1/customers/{customer_id}/bank_accounts
  • GET https://api.stripe.com/v1/customers/{customer_id}/cards
  • GET https://api.stripe.com/v1/customers/{customer_id}/tax_ids
  • GET https://api.stripe.com/v1/accounts/{account_id}/external_accounts
  • GET https://api.stripe.com/v1/accounts/{account_id}/persons
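
The endpoint lists on this page can serve as an allowlist when reviewing requests made with the integration's API key: any call outside the documented method and path set deserves a closer look. The following is an added example, not DataGrail or Stripe code; the `METHOD URL` log-line format, the function names and the sample entries are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Method + path templates copied from the endpoint lists on this page.
DOCUMENTED = {
    "GET": """customers charges payment_methods payment_intents invoices
        subscriptions orders disputes events refunds accounts account payouts
        reviews setup_intents topups payment_links checkout/sessions tax/settings
        identity/verification_reports treasury/financial_accounts
        issuing/cardholders issuing/authorizations issuing/cards issuing/transactions
        customers/{id}/sources customers/{id}/tax_ids customers/{id}/bank_accounts
        customers/{id}/cards accounts/{id}/external_accounts accounts/{id}/persons""".split(),
    "DELETE": ["customers/{id}", "customers/{id}/sources/{id}"],
}

def _compile(template):
    # "{id}" stands for exactly one path segment (an object id).
    parts = [r"[^/]+" if p == "{id}" else re.escape(p) for p in template.split("/")]
    return re.compile(r"/v1/" + "/".join(parts) + r"/?")
ALLOW = {m: [_compile(t) for t in ts] for m, ts in DOCUMENTED.items()}

def is_documented(method, url):
    """True if the call matches an endpoint this page says DataGrail uses."""
    u = urlsplit(url)  # the query string (pagination etc.) is ignored
    if u.scheme != "https" or u.hostname != "api.stripe.com":
        return False
    return any(p.fullmatch(u.path) for p in ALLOW.get(method.upper(), []))

def unexpected_calls(log_lines):
    """Return (method, url) for each 'METHOD URL' line that is off the list."""
    flagged = []
    for line in log_lines:
        parts = line.split()  # lines not shaped 'METHOD URL' are skipped
        if len(parts) == 2 and not is_documented(*parts):
            flagged.append(tuple(parts))
    return flagged

# Constructed sample of requests attributed to the integration's API key.
SAMPLE_LOG = [
    "GET https://api.stripe.com/v1/customers?limit=100",
    "GET https://api.stripe.com/v1/customers/cus_EXAMPLE/tax_ids",
    "DELETE https://api.stripe.com/v1/customers/cus_EXAMPLE/sources/card_EXAMPLE",
    "POST https://api.stripe.com/v1/refunds",
    "GET https://api.stripe.com/v1/balance",
    "DELETE https://api.stripe.com/v1/subscriptions/sub_EXAMPLE",
]

if __name__ == "__main__":
    print(unexpected_calls(SAMPLE_LOG))
```

The matcher is strict about scheme and host, so a look-alike hostname or a plain-HTTP URL is reported as off-list as well.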

 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute legal advice. We would advise seeking professional counsel before acting on or interpreting any material.