3

if anyone could give me a clear high level answer that would be great. I want to integrate a payment gateway into my app eg: Strip/Braintree, and I have gotten it all working to the testing part but now I am wondering for me to move it to production do I need to host the back end server for retrieving the tokens myself? Currently I hosted the test server locally to test that it works. But what now? Do I need to host this on a server for all time so my app can get its tokens? Please help.

DJL
  • 61
  • 7
  • Your backend server needs to be running on a URL accessible from wherever your app is running. So generally, yes, you need to host a server somewhere for this. – karllekko Feb 04 '19 at 14:39
  • OK thank you. I read somewhere that AWS Lambda could be used and that way I don't need to manage any server...and the code just runs when its used. Have you heard of this option? – DJL Feb 04 '19 at 16:43
  • You can use Lambdas for it, although you may need to put an API Gateway in front of it so you can access it from your app safely – Máté Feb 08 '19 at 09:39

2 Answers2

1

Yes, you have to. You can start with a Virtual Machine at DigitalOcean or Vultr. Replicate your test environment there, then harden the server, etc. If you're new to that then I recommend you to find someone who has experience setting up servers in production environments.

Adolfo Abegg
  • 765
  • 7
  • 15
  • OK thank you. I read somewhere that AWS Lambda could be used and that way I don't need to manage any server...and the code just runs when its used. Have you heard of this option? – DJL Feb 04 '19 at 16:43
1

Thanks for your help. I spoke with Stripe and below was there response. They confirmed that you do need a server backend all the time.

-- Unfortunately, we don’t provide any hosted solutions when working with app based payment flows—you would need to have a back-end setup in place or use a serverless solution such as Heroku, both for your eventual move to a production environment and also while in development to test your back-end.

Generally speaking, you’ll use our SDKs when building your app to implement our client-side framework enabling you to securely collect and tokenize payment details from customers from within your app. However, the back-end server is where you’ll actually make requests to Stripe when you need to create a charge, refund a payment or take some other API related action.

Additionally, your back-end server will play a critical role as that’s where you’ll need to generate the ephemeral keys that will be used as the client-side session credentials for the app’s user. The use of ephemeral keys will facilitate the retrieval and updating of customer objects in Stripe for a given user (the persistent creation and use of individual customer objects is a default behavior for our mobile SDKs), but will ensure that your Stripe account’s secret API keys remain protected (public API keys are still used in the client).

DJL
  • 61
  • 7