Stripe
Stripe integration via PaymentIntents — direct charges and 3D Secure.
Stripe is integrated through the PaymentIntents API. Authentication uses your sk_live_… / sk_test_… secret key as a Bearer token. 3D Secure is delivered as a redirect URL wrapped in HTML, matching payfyio's threeDSHtmlContent contract.
⚠ PCI scope. Sending raw PAN to
payment_intentsrequires merchant-side PCI eligibility and Stripe's "raw card data" entitlement. Production merchants without that entitlement should layer Stripe Elements on top and pass the resultingpayment_methodid, not raw card fields.
Configuration
stripe: {
enabled: true,
config: {
secretKey: process.env.STRIPE_SECRET_KEY!,
apiVersion: '2024-06-20', // optional override
},
}baseUrl defaults to https://api.stripe.com for both modes.
Direct Payment
const result = await payment.stripe.createPayment({
price: '99.00',
paidPrice: '99.00',
currency: 'USD',
basketId: 'order-1',
paymentCard: { cardHolderName, cardNumber, expireMonth, expireYear, cvc },
buyer: { id, name, surname, email, ip, /* … */ },
shippingAddress: { /* … */ },
billingAddress: { /* … */ },
basketItems: [{ id, name, category1, itemType: 'PHYSICAL', price: '99.00' }],
});If Stripe returns requires_action, switch to initThreeDSPayment instead.
3D Secure
const init = await payment.stripe.initThreeDSPayment({
...sameRequest,
callbackUrl: 'https://yoursite.com/stripe/callback',
});
if (init.status === PaymentStatus.PENDING && init.threeDSHtmlContent) {
// Render init.threeDSHtmlContent (auto-redirects to Stripe's challenge page).
}After Stripe redirects back to your callbackUrl it appends payment_intent (and payment_intent_client_secret) to the URL. Pass the query object back into payfyio:
const final = await payment.stripe.completeThreeDSPayment(req.query);
// final.status === 'success' on a confirmed PaymentIntentRefund / Cancel / Get
await payment.stripe.refund({ paymentId, price: '99.00', currency: 'USD', ip: '…' });
await payment.stripe.cancel({ paymentId, ip: '…' });
await payment.stripe.getPayment(paymentId);