Setup

Stripe Integration

Connect StayPaid to Stripe in minutes. We listen for failed payment events and show them in your dashboard.

How It Works

StayPaid uses Stripe webhooks to detect when a subscription payment fails. When Stripe sends a failed payment event, StayPaid creates a recovery attempt in your dashboard and schedules the first email.

The integration is read-only for failed payments. StayPaid doesn't modify your Stripe account, charge customers, or change subscriptions. It only reads failed payment events and sends emails.

What You Need

  • A Stripe account with active subscriptions.
  • Your Stripe secret key (starts with sk_).
  • A few minutes to complete the onboarding wizard.

Step-by-Step Setup

Step 1: Get Your Stripe Secret Key

  1. Log in to your Stripe Dashboard.
  2. Go to Developers → API keys.
  3. Click Reveal next to Secret key.
  4. Copy the key (it starts with sk_).

⚠️ Never share your secret key. StayPaid encrypts it at rest and only uses it to read failed payment events.

Step 2: Enter the Key in StayPaid

During onboarding, you'll reach the Stripe step. Paste your secret key and click Validate. StayPaid will test the connection and confirm it can read your account.

If validation fails, double-check that you're using a secret key (not a publishable key) and that it hasn't expired.

Step 3: Configure Webhooks (Optional but Recommended)

For real-time failed payment detection, set up a webhook in Stripe:

  1. In Stripe, go to Developers → Webhooks.
  2. Click Add endpoint.
  3. Enter your webhook URL: https://staypaid.io/api/webhooks/stripe
  4. Select the event: invoice.payment_failed
  5. Click Add endpoint.

Without webhooks, StayPaid checks for failed payments daily via the cron job. With webhooks, you get instant notifications.

What Events StayPaid Listens For

StayPaid processes the following Stripe events:

  • invoice.payment_failed — A subscription payment failed. StayPaid creates a recovery attempt.
  • invoice.payment_succeeded — A previously failed payment succeeded. StayPaid marks it as recovered.

What StayPaid Does NOT Do

For security and transparency, here's what StayPaid never does with your Stripe account:

  • Charge customers or process payments.
  • Modify subscriptions, plans, or prices.
  • Access customer payment methods or card details.
  • Share your Stripe data with third parties.

Security

Your Stripe secret key is encrypted at rest using AES-256. It is never logged, never exposed in the UI, and never sent to the client-side. StayPaid only uses it to read failed payment events and check payment status.

If you ever want to revoke access, simply delete the webhook in Stripe or rotate your API key. StayPaid will immediately lose access.

Troubleshooting

"Invalid API key"

Make sure you're using a secret key (starts with sk_), not a publishable key (starts with pk_). Also check that the key hasn't been revoked in Stripe.

"No failed payments found"

This is normal if you haven't had any failed payments recently. The webhook will catch future failures automatically.

Webhook not working

Check that the webhook URL is correct and that the invoice.payment_failed event is selected. Also verify that your StayPaid instance is publicly accessible (not localhost).

Ready to connect Stripe?

Start Free — First 3 recoveries