Stripe Checkout integration and webhook-driven payment reconciliation for Decabill invoices.
Decabill uses a payment processor abstraction with Stripe as the built-in implementation. Customers initiate payment from the billing console; the backend creates a Stripe Checkout Session and records the attempt. Stripe webhooks mark invoices paid idempotently.
Additional processors can be registered via Dynamic Provider Plugins.
Set the active processor type:
BILLING_DEFAULT_PAYMENT_PROCESSOR=stripeThe PaymentProcessorFactory resolves processors by type string at runtime.
| Variable | Purpose |
|---|---|
STRIPE_SECRET_KEY |
Stripe API secret key |
STRIPE_WEBHOOK_SECRET |
Webhook signing secret |
STRIPE_CHECKOUT_SUCCESS_URL |
Legacy full URL or path used with tenant frontend base |
STRIPE_CHECKOUT_CANCEL_URL |
Cancel redirect path |
Per-tenant redirect bases come from Multi-tenancy:
BILLING_FRONTEND_URLfordefaultTENANT_FRONTEND_URLSfor other tenants
Checkout success and cancel URLs are built from the tenant frontend base plus configured path segments.
sequenceDiagram
participant User
participant API as Billing Manager
participant Stripe
participant DB as PostgreSQL
User->>API: POST /invoices/ref/{invoiceRefId}/pay
API->>DB: Load invoice + customer profile
API->>Stripe: Create Checkout Session
Stripe-->>API: checkoutUrl
API->>DB: Record payment attempt
API-->>User: InitiatePaymentResponse with URL
User->>Stripe: Complete checkout
Stripe->>API: POST /webhooks/payments/stripe
API->>DB: Idempotent event + mark paid
API-->>Stripe: 200
POST /invoices/ref/{invoiceRefId}/pay (and subscription-scoped variant) returns a checkout URL. The user is redirected to Stripe Hosted Checkout.
Session metadata includes tenant id so webhooks apply payment to the correct tenant's invoice.
POST /webhooks/payments/stripe is a public endpoint secured by Stripe signature verification.
Behavior:
- Verify webhook signature with
STRIPE_WEBHOOK_SECRET - Process events idempotently (duplicate deliveries safe)
- Update invoice payment status to
paidon successful checkout - Store Stripe customer id on Customer Profile when created
Admins can override payment state without Stripe:
POST /admin/billing/invoices/{invoiceRefId}/mark-paidPOST /admin/billing/invoices/{invoiceRefId}/mark-unpaid
Use for offline payments or reconciliation corrections. Audit logs record admin actions.
Built-in and dynamic processors implement:
- Checkout session creation with amount, currency, and metadata
- Webhook route registration (Stripe uses fixed path)
- Customer create or update helpers
Stripe implementation: StripePaymentProcessor in the billing manager feature module.
- Never expose
STRIPE_SECRET_KEYorSTRIPE_WEBHOOK_SECRETto the frontend - Webhook endpoint validates Stripe signatures before state changes
- Checkout sessions include tenant and invoice references for scoped updates
- Use HTTPS for production webhook URLs
- Invoices - Invoice statuses and pay endpoints
- Multi-tenancy - Tenant-aware redirect URLs
- Dynamic Provider Plugins -
DYNAMIC_PAYMENT_PROCESSORS - Customer Profiles - Stripe customer id storage
- Stripe Documentation - External Stripe reference
- Billing Manager OpenAPI - Pay and webhook paths
Configure Stripe keys in the billing manager environment before enabling customer checkout.