0
votes

I'm using Laravel with Stripe (directly stripe/stripe-php, not Cashier). In the config there is this content:

'stripe' => [
    'model' => App\User::class,
    'key' => env('STRIPE_KEY'),
    'secret' => env('STRIPE_SECRET'),
    'webhook' => [
        'secret' => env('STRIPE_WEBHOOK_SECRET'),
        'tolerance' => env('STRIPE_WEBHOOK_TOLERANCE', 300),
    ],
], 

What is the point of having only one webhook secret available there?

'secret' => env('STRIPE_WEBHOOK_SECRET'),

Most apps will have multiple webhook listeners. In my case I added in the env file several different webhook secrets, one for each, actually, but I left the config/service with the first one:

.env
STRIPE_WHS_CHECKOUT_OK=whsec_Z***Rp
STRIPE_WHS_PAYMENT_FAIL=whsec_M***g7

config/services.php
'secret' => env('STRIPE_WHS_CHECKOUT_OK'),

I tried to do some research on Laravel docs, but not much info about this, anyone can shed some light? Not that the app is broken, it works as explained, but just curious

1
What do mean by Most apps will have multiple webhook listeners - You should only need 1 webhook that listens to different eventsChristophe Hubert

1 Answers

0
votes

In your case, you should only use one endpoint that receives several events. You can control what type of event you want to see from your dashboard:

https://stripe.com/docs/webhooks/best-practices#event-types