Stripe create-checkout-session -method returns http 400 (bad request) in production not in localhost

Question

I have been struggling with Stripe http 400 error in production server. The node.js (Express) code below works perfectly with localhost: it connects stripe-service and gets the payment session-id. But the same code in production server (iisnode.exe) returns all the time just http 400 error. My frontend cart-code (Angular) is in different domain than the backend-api where the endpoint below locates. Can anyone figure out what is wrong? Stripe docs for errors (https://stripe.com/docs/api/errors) mention that http 400 often is due to a missing required parameter. But I cannot see that in my case.

app.post('/create-checkout-session', async (req, res) => {

  const cartData = req.body
  try {
    const session = await stripe.checkout.sessions.create({
      payment_method_types: ['card', 'sepa_debit'],
      shipping_rates: ['shr_1Jmh85AuqIBxGbL5Z7JbTJaV'],
      shipping_address_collection: {
        allowed_countries: ['FI'],
      },
      line_items: [{
        "price_data": {
          "currency": "eur",
          "product_data": {
            "name": "Product 1",
            "description": "Further info here"
          },
          "unit_amount": 6800
        },
        "quantity": 2
      }],
      phone_number_collection: {
        enabled: true,
      },
      mode: 'payment',
      success_url: `${stripeUrl}/myynti/success?true&session_id={CHECKOUT_SESSION_ID}`,
      cancel_url: `${stripeUrl}/myynti/cancel`
    });

    res.json({ id: session.id });

  } catch (e) {
    res.status(400);
    return res.send({
      error: {
        message: e.message,
      }
    });
  }

}));

(ADDED after comment by alex) Here is what I have in Stripe Dashboard behind the url alex provided:

POST /v1/checkout/sessions Status 400 ERR ID req_so02k9kRthmCZ7 Time 10/21/21, 5:20:23 PM IP address ******** API version 2020-08-27 Latest Source Stripe/v1 NodeBindings/8.178.0 Idempotency Key — 461bb3f4-e2e1-421d-b177-9713176448af

ACTUAL ERROR MESSAGE: invalid_request_error The line_items parameter is required in payment mode.

{
  "payment_method_types": {
    "0": "card",
    "1": "sepa_debit"
  },
  "shipping_rates": {
    "0": "shr_1Jmh85AuqIBxGbL5Z7JbTJaV"
  },
  "shipping_address_collection": {
    "allowed_countries": {
      "0": "FI"
    }
  },
  "phone_number_collection": {
    "enabled": "true"
  },
  "mode": "payment",
  "success_url": "http://localhost:4200/myynti/success?true&session_id={CHECKOUT_SESSION_ID}",
  "cancel_url": "http://localhost:4200/myynti/cancel"
}

The error message says that the "line_items parameter" is lacking but that should not be the case? - any ideas why see also my original code where there is line_items parameter included.

Please share the error message. You can check details about the original request, whether it succeeded or failed, the response from Stripe, and a reference to any related API resources in the Stripe Dashboard : https://dashboard.stripe.com/test/logs?success=false — alex, Oct 23 '21 at 02:56
I did not know the log checking possibility in Stripe dashboard - so thanks a lot for informing this alex! - However, like I say in my post update, I cannot still figure out why to line_items paramter is not there. — M.Y., Oct 23 '21 at 11:53
Now I also noticed that those (error) logs in Stripe Dashboard do not include log-data from the requests in production server at all - irrespective of the "bad request" what I receive in response. Stripe Dashboard logs are created only from local post requests (from development environment) to stripe.checkout.sessions.create -method. Could there be something in the IIS remote server which blocks requests to external apis? — M.Y., Oct 23 '21 at 12:19
SOLVED: there was a silly mistake by me, a typo in environment variable and therefore the connection to Stripe could not take place from my backend. After correcting the typo, Stripe is capapble of receiving a correct secret-key value - and, now the stripe.checkout.sessions.create -method works as expected. Sorry for taking anyone's time for this! — M.Y., Oct 23 '21 at 13:15
I had a very similar problem, it turns out that what I was doing wrong was that my stripeURL variable only included my domain (e.g. staging.example.com) when what I actually needed was https://staging.example.com. — Zach Bellay, Jul 09 '22 at 06:59
I had a very similar problem, it turns out that what I was doing wrong was that my stripeURL variable only included my domain (e.g. `staging.example.com`) when what I actually needed was `https://staging.example.com`. — Zach Bellay, Jul 09 '22 at 17:03
Yes, this kind of mistakes typically come when we are new to some system and we have not yet have our heads properly wrapped around the requirements and the necessary details. Then our minds easily skip something or we assume something which is not yet understood correctly. — M.Y., Jul 10 '22 at 14:17
I was using 'live' public key for creating CheckoutForm on front-end, while was using 'test' secret key for generating clientSecret in the backend :facepalm: — D S, Jul 26 '23 at 05:03

Stripe create-checkout-session -method returns http 400 (bad request) in production not in localhost

0 Answers0