Stripe API Restricted keys vs Standard keys
1 day 4 hours ago - 1 day 4 hours ago #178386
by Jazzwhistle
Stripe API Restricted keys vs Standard keys was created by Jazzwhistle
Hi, I just bought the Stripe Checkout plug-in and it's all working well, thank you. However, Stripe discourages using the all-powerful unrestricted "Standard Keys" with full API access for obvious reasons:
docs.stripe.com/keys#api-keys
Is it possible to configure the Stripe Checkout plugin to use a Restricted Key (RAK), and if so which permissions exactly should we grant?
Thanks!
Last edit: 1 day 4 hours ago by Jazzwhistle.
1 day 2 hours ago #178391
by Tuan Pham Ngoc
Replied by Tuan Pham Ngoc on topic Stripe API Restricted keys vs Standard keys
Honestly, for this question, I would suggest you ask Stripe because they know their system better. Just tell them that we are using the Stripe Checkout API and also use a webhook, and hopefully they can give you the needed permissions.
Regards,
Tuan
1 day 1 hour ago #178393
by Jazzwhistle
Replied by Jazzwhistle on topic Stripe API Restricted keys vs Standard keys
Thanks for the reply - I know I can make restricted API keys that can work with plugins (Paid Memberships Pro on WP does exactly this: www.paidmembershipspro.com/gateway/strip...h-legacy-to-connect/ ).
The problem is that these new keys don't require a secret, so it seems membership-pro can't use them yet. Also, we'd need to know exactly which permissions the plugin needs to configure the minimum necessary permissions for the key, unlike the "Standard" keys which have blanket permissions.
Stripe are going to say "ask the developer to add support for Restricted Access Keys"!
16 hours 7 minutes ago #178397
by Tuan Pham Ngoc
Replied by Tuan Pham Ngoc on topic Stripe API Restricted keys vs Standard keys
OK. I will try to look at it. However, I must be honest that it does not take high priority for me.
Regards,
Tuan
15 hours 5 minutes ago #178398
by Jazzwhistle
Replied by Jazzwhistle on topic Stripe API Restricted keys vs Standard keys
Thanks! The good news is that it seems we should be able to just use a restricted key instead of the standard key. I'm working on getting a full list of the permissions actually used by the plugin, and if that works in my tests, associated with IP restriction that should be enough.
I understand it's not a priority, but storing an API key with unrestricted access to a Stripe account in a DB instead for a plugin that just needs to submit orders and validate them seems unnecessarily risky.
I'll let you know if I get it to work, and if it does you'd only need to update the docs for this plugin.
15 hours ago #178399
by Tuan Pham Ngoc
Replied by Tuan Pham Ngoc on topic Stripe API Restricted keys vs Standard keys
That would be great, thanks!
1 hour 21 minutes ago - 1 hour 16 minutes ago #178401
by Jazzwhistle
Replied by Jazzwhistle on topic Stripe API Restricted keys vs Standard keys
Using the default Stripe API Restricted Key seems to work fine with the default permissions (I haven't tested every scenario yet...), which are much safer than the Standard Key's permissions. There are probably more that could be disabled, but the restricted key removes lots of very sensitive permissions that aren't required.
So you just keep the same Public Key pk_live... and replace the sk_live... with the default rk_live... and preferably restrict by IP address too, just to be safe.
Last edit: 1 hour 16 minutes ago by Jazzwhistle.
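A configuration check for the key swap described in the last post, as an added example that is not part of the original thread or the plugin's code: it classifies the stored keys by prefix and flags a standard key left in the secret-key field. The function names, the test-mode prefixes and the sample keys are assumptions constructed for illustration.

```python
import re

# Prefixes named in the thread (pk_live, sk_live, rk_live) plus their
# test-mode counterparts; "restricted" is the least-privilege option.
KINDS = {"pk": "publishable", "sk": "standard-secret", "rk": "restricted"}
KEY_RE = re.compile(r"^(pk|sk|rk)_(live|test)_([A-Za-z0-9]+)$")


def classify(key):
    """Return (kind, mode) for a Stripe-style key, or None if unrecognised."""
    m = KEY_RE.match(key.strip())
    return (KINDS[m.group(1)], m.group(2)) if m else None


def redact(key):
    """Keep only the prefix so findings can be logged without the secret."""
    m = KEY_RE.match(key.strip())
    return f"{m.group(1)}_{m.group(2)}_***" if m else "***"


def audit(public_key, secret_key):
    """Return a list of findings for the key pair stored in a plugin's settings."""
    findings = []
    pub, sec = classify(public_key), classify(secret_key)
    if pub is None or pub[0] != "publishable":
        findings.append("public-key field does not hold a pk_ key")
    if sec is None:
        findings.append("secret-key field is not a recognised key format")
    elif sec[0] == "publishable":
        findings.append("secret-key field holds a publishable key")
    elif sec[0] == "standard-secret":
        findings.append(f"{redact(secret_key)}: standard key with full API "
                        "access; replace with a restricted rk_ key")
    if pub and sec and pub[1] != sec[1]:
        findings.append(f"mode mismatch: {pub[1]} public key, {sec[1]} secret key")
    return findings


# Constructed sample values, not real keys.
PK = "pk_live_CONSTRUCTEDpublic0001"
SK = "sk_live_CONSTRUCTEDsecret0002"
RK = "rk_live_CONSTRUCTEDrestricted0003"

if __name__ == "__main__":
    for label, secret in (("before", SK), ("after", RK)):
        print(label, audit(PK, secret) or "ok")
```

A clean result only confirms the key type; which permissions the restricted key grants and any IP restriction are set in the Stripe dashboard and are not visible from the key string.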
Moderators: Tuan Pham Ngoc
Copyright © 2026 Joomla Extensions by Joomdonation. All Rights Reserved.
joomdonation.com is not affiliated with or endorsed by the Joomla! Project or Open Source Matters.
The Joomla! name and logo is used under a limited license granted by Open Source Matters the trademark holder in the United States and other countries.