Forum Academy Marketplace Showcase Pricing Features

Stripe Webhook Authentication

Stripe’s webhook documentation says they support basic authentication. If I generate an API token in Bubble, how do I set this up in Stripe?

Does it just need to go in the URL?

I know I could run the API endpoint without authentication, but I’d rather not.

@csblack Did you ever figure out the best way to authenticate on Stripe?

No, I don’t think I ever got an answer to this one.

@emmanuel Hi Emmanuel, should we be authenticating endpoints with Stripe? If there is no authentication, is it possible for someone to send data to an endpoint that is not Stripe? It looks like in your example you do not use authentication…

Yes, because what we use is the event id, that uses the Stripe plugin and our key. So if someone malicious wants to hit our API wf, the wf won’t run because the event id won’t be valid. Look at the workflow.