3
votes

I want to make sure the card the customer has entered is actually a valid card. Stripe.js only validates its format; it doesn't ask for an authorization from the card issuer. But it seems Stripe requires you to create the customer to authorize the card, but this is a bit silly, since the logical flow should be this:

  1. Validate form input via stripe.js, and obtain token if format is valid
  2. Authorize token via backend API (PHP/Ruby etc)
  3. If authorized, create card + customer using token, add subscription/charge customer
  4. If NOT authorized, return to form with appropriate error, and do not create the customer/charge.

How do you actually achieve this in Stripe? Is there a dedicated Stripe\Card::authorize($token) method or something similar that can be used?

2 Answers

11
votes

When you save a card to a customer, Stripe does a $0/$1 authorization on the card. You can pass the card when you create the customer, and the customer would only get created if the authorization succeeds. In addition, you can specify the plan and card when creating the customer; the customer and subscription would only get created if the card is valid AND the charge for the first period of the subscription goes through.
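
The flow from the question, built on the behaviour this answer describes, as an added example that is not part of the original answer: the backend passes the Stripe.js token when creating the customer and treats a card exception as "not authorized". It assumes stripe-php 7 or later (older releases name the exception `\Stripe\Error\Card`), a secret key in the `STRIPE_SECRET_KEY` environment variable, and form fields named `stripeToken` and `email`; the helper `createCustomerIfCardValid` is hypothetical.

```php
<?php
// Added example, not code from the original answer or from Stripe.
// Assumptions: stripe-php >= 7 installed via Composer, secret key kept
// server-side in STRIPE_SECRET_KEY, form fields "stripeToken" and "email".
require 'vendor/autoload.php';

\Stripe\Stripe::setApiKey(getenv('STRIPE_SECRET_KEY'));

/**
 * Hypothetical helper. Returns ['ok' => true, 'customer' => id] when the
 * issuer authorized the card, otherwise ['ok' => false, 'error' => text].
 */
function createCustomerIfCardValid(string $token, string $email): array
{
    if ($token === '' || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return ['ok' => false, 'error' => 'Missing token or invalid e-mail.'];
    }
    try {
        // Saving the card triggers the issuer authorization; if it is
        // declined, an exception is thrown and no customer is created.
        $customer = \Stripe\Customer::create([
            'email'  => $email,
            'source' => $token,
        ]);
        return ['ok' => true, 'customer' => $customer->id];
    } catch (\Stripe\Exception\CardException $e) {
        // Card declined: log only the error code, never card details.
        error_log('Stripe card error: ' . $e->getStripeCode());
        return ['ok' => false, 'error' => $e->getMessage()];
    } catch (\Stripe\Exception\ApiErrorException $e) {
        // Network, rate-limit or request errors: keep internals out of the form.
        error_log('Stripe API error: ' . get_class($e));
        return ['ok' => false, 'error' => 'Payment could not be processed.'];
    }
}

$result = createCustomerIfCardValid(
    (string) ($_POST['stripeToken'] ?? ''),
    (string) ($_POST['email'] ?? '')
);

if ($result['ok']) {
    // Step 3 of the question: customer and card now exist; charge or subscribe.
    echo 'Customer created.';
} else {
    // Step 4: back to the form with an error; nothing was created or charged.
    http_response_code(402);
    echo htmlspecialchars($result['error'], ENT_QUOTES, 'UTF-8');
}
```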

0
votes

The scenario you describe is covered here: https://stripe.com/docs/charges#auth-and-capture

The API is here (also available in PHP/Java/Go/Node/curl): https://stripe.com/docs/api/ruby#create_charge