Possibly. Stripe supports limited scope API keys called "restricted" that aren't... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

fragmede on July 18, 2023 | parent | context | favorite | on: Tiffin Tom: Fish, chips and a side of identity the...

Possibly. Stripe supports limited scope API keys called "restricted" that aren't allowed to eg refund payments, though they're not the default. I have no idea how many people are actually using them.

https://stripe.com/docs/keys

hayd on July 18, 2023 [–]

I didn't know that, thanks, we should probably be using those...

Unsurprisingly, this company isn't as (in screenshot) their key starts with sk_live_.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact