Portal Community

When to Use

Three webhook endpoints registered automatically. The node registers three Stripe webhook paths: /webhooks/payment/success, /webhooks/payment/failure, and /webhooks/refund. Register all three in your Stripe Dashboard under Developers → Webhooks and point them at the appropriate BizFirstAI endpoint URLs for your deployment.
Timestamp replay protection. The node rejects Stripe webhook requests where the timestamp embedded in the stripe-signature header is more than 5 minutes old. Ensure your BizFirstAI server clock is synchronised via NTP. Clock skew greater than 5 minutes will cause legitimate events to be rejected.

Configuration

Security

FieldRequiredDescription
webhookSecret Required Stripe webhook endpoint signing secret in whsec_… format. Found in the Stripe Dashboard under Developers → Webhooks → [your endpoint] → Signing secret. Store in BizFirst Credentials Manager and reference as {{ $credentials.stripe-webhook-secret }}. Never store the raw value in node configuration. Falls back to Stripe:WebhookSecret in appsettings.json if omitted.
enableIdempotencyCheck Optional Default false. When true, uses the Stripe event ID (event_id) as a deduplication key to prevent the same event from starting two workflow runs if Stripe retries the delivery.
includeFullEventObject Optional Default false. When true, the complete raw Stripe event JSON is written into the output under _raw_event. Useful when downstream nodes need Stripe fields not extracted by default. Increases payload size.

Event Filtering

FieldRequiredDescription
allowedEventTypes Optional Comma-separated list of Stripe event types to process. Other event types are silently ignored. Valid values: charge.succeeded, charge.failed, charge.refunded, payment_intent.succeeded, payment_intent.payment_failed, charge.dispute.created, charge.dispute.closed. Supports wildcard suffix (e.g. charge.*). Leave empty to process all event types.
minimumAmount Optional Minimum payment amount in the smallest currency unit (cents for USD). Events with an amount below this threshold are ignored. Default 0 (no minimum). Example: 1000 = only process payments of $10.00 USD or more.
maximumAmount Optional Maximum payment amount in the smallest currency unit. Events above this threshold are ignored. Default 0 (no maximum). minimumAmount must be less than or equal to maximumAmount when both are set.
allowedCurrencies Optional Comma-separated ISO 4217 currency codes (case-insensitive). Events in other currencies are ignored. Example: USD,EUR,GBP. Leave empty to process all currencies. Each code must be exactly 3 letters.
requireKnownCustomer Optional Default false. When true, only processes events that include a non-null Stripe customer ID (customer_id). Useful in B2B scenarios where anonymous or guest checkout events should be excluded.

Sample Configuration JSON

{
  "webhookSecret": "{{ $credentials.stripe-webhook-secret }}",
  "allowedEventTypes": "charge.succeeded,charge.refunded,payment_intent.payment_failed",
  "minimumAmount": 100,
  "allowedCurrencies": "USD,EUR",
  "enableIdempotencyCheck": true,
  "requireKnownCustomer": true
}

Validation Errors

ErrorCause
Unknown event type: <value>An entry in allowedEventTypes is not in the valid set and does not end with .*.
MinimumAmount cannot be negativeminimumAmount is set to a negative number.
MaximumAmount cannot be negativemaximumAmount is set to a negative number.
MinimumAmount cannot be greater than MaximumAmountBoth amounts are set and minimumAmount exceeds maximumAmount.
Invalid currency code: <value>An entry in allowedCurrencies is not a 3-letter ISO alphabetic code.
Missing 'stripe-signature' headerThe inbound request has no stripe-signature header. The request did not originate from Stripe or was tampered with.
Invalid signature header formatThe stripe-signature header does not match the expected t=timestamp,v1=signature format.
Webhook timestamp outside acceptable windowThe timestamp in the signature header is more than 5 minutes old. Possible replay attack or server clock skew.
Invalid Stripe signatureThe computed HMAC-SHA256 does not match the provided signature. Likely a misconfigured webhookSecret.
Webhook secret not configuredwebhookSecret is empty and no fallback exists under Stripe:WebhookSecret in appsettings.json.

Output

Success Port

FieldTypeDescription
event_idstringUnique Stripe event identifier (e.g. evt_1234567890abcdef). Use as an idempotency key for downstream writes.
event_typestringStripe event type string (e.g. charge.succeeded, charge.refunded).
payment_intentstringStripe charge or payment intent ID from data.object.id (e.g. ch_… or pi_…).
amountnumberPayment amount in the smallest currency unit (e.g. cents). $10.00 USD = 1000.
currencystringISO 4217 currency code in uppercase (e.g. USD, EUR).
customer_idstringStripe customer ID (e.g. cus_…). Absent when the payment was made without a customer object.
statusstringPayment or charge status from the event object (e.g. succeeded, failed, refunded).
descriptionstringOptional description field from the charge or payment intent object.
metadataobjectKey-value metadata attached to the Stripe charge or payment intent. Only present when metadata is non-empty.
timestampstringISO 8601 UTC timestamp derived from the Stripe event's Unix created field.

Error Port

Fires when signature verification fails, the timestamp window is exceeded, the event type is filtered out, or the request body cannot be parsed as valid JSON. The output contains errorCode and message fields. All verification failures are logged for security audit trail purposes.

Sample Output JSON — charge.succeeded

{
  "event_id": "evt_1QaB2cD3eF4gH5iJ6kL7mN8",
  "event_type": "charge.succeeded",
  "payment_intent": "ch_3QaB2cRKJHMJBpXx1Y2Z3A4B",
  "amount": 4999,
  "currency": "USD",
  "customer_id": "cus_QaB2cD3eF4gH5iJ",
  "status": "succeeded",
  "description": "Subscription — Pro Plan — May 2026",
  "metadata": {
    "order_id": "ORD-2026-05-1234",
    "plan": "pro"
  },
  "timestamp": "2026-05-26T08:30:00Z",
  "_webhook_method": "POST",
  "_webhook_path": "/webhooks/payment/success",
  "_webhook_received_at": "2026-05-26T08:30:00.812Z"
}

Expression Reference

ExpressionValue returned
{{ $output.stripe.event_type }}Stripe event type string.
{{ $output.stripe.event_id }}Unique event ID for idempotency checks.
{{ $output.stripe.amount }}Amount in smallest currency unit (cents).
{{ $output.stripe.currency }}ISO 4217 currency code in uppercase.
{{ $output.stripe.customer_id }}Stripe customer ID.
{{ $output.stripe.status }}Charge or payment status.
{{ $output.stripe.payment_intent }}Charge or payment intent ID.
{{ $output.stripe.metadata.order_id }}Custom metadata value by key.
{{ $output.stripe.timestamp }}ISO 8601 event timestamp.

Node Policies & GuardRails

Examples

Post-Payment Fulfillment — Provision Subscription Access

{
  "webhookSecret": "{{ $credentials.stripe-webhook-secret }}",
  "allowedEventTypes": "charge.succeeded",
  "allowedCurrencies": "USD,EUR,GBP",
  "minimumAmount": 1,
  "enableIdempotencyCheck": true,
  "requireKnownCustomer": true
}

Fires only for successful charges linked to a known Stripe customer. The downstream workflow uses {{ $output.stripe.customer_id }} to look up the internal account record, activates the subscribed plan, and sends a purchase confirmation email. The idempotency check prevents double-provisioning if Stripe retries the event.

Failed Payment Dunning — Retry and Notify

{
  "webhookSecret": "{{ $credentials.stripe-webhook-secret }}",
  "allowedEventTypes": "charge.failed,payment_intent.payment_failed",
  "enableIdempotencyCheck": true,
  "requireKnownCustomer": true
}

Triggers a dunning workflow whenever a charge fails. The workflow sends a payment failure email to the customer using {{ $output.stripe.customer_id }} and {{ $output.stripe.amount }} to personalise the message, then schedules an automatic retry after 48 hours using a Delay node. If a second attempt fails, an account manager notification is dispatched.

High-Value Payment Alert — Fraud Review Routing

{
  "webhookSecret": "{{ $credentials.stripe-webhook-secret }}",
  "allowedEventTypes": "charge.succeeded",
  "minimumAmount": 100000,
  "allowedCurrencies": "USD",
  "enableIdempotencyCheck": true,
  "includeFullEventObject": false
}

Only processes charges of $1,000 USD or more. Each qualifying payment routes to a fraud-review workflow that posts the payment details — {{ $output.stripe.amount }}, {{ $output.stripe.customer_id }}, and {{ $output.stripe.metadata }} — to an internal Slack channel and creates a review task in Jira. Normal payments below the threshold are handled by a separate workflow with a lower minimumAmount setting.