Hidetaka Okamoto

This article focuses on how to process Stripe's data in your AWS account with minimal code. You'll learn how to query your business and customer data using SQL, assisted by an LLM (Large Language Model) for query generation. Additionally, it demonstrates how to enhance the security of your data integration by using the native Stripe-AWS integration, specifically the Stripe Event Destination to Amazon EventBridge feature.

Importing sales data from Stripe into AWS

In this article, we will guide you on how to set up usage threshold alerts based on consumption for customers with pay-as-you-go plans. By integrating AWS's serverless tools with Stripe, you can create a streamlined and easy-to-manage notification system with minimal coding.

Building serverless usage notification with AWS

This article highlights development tips for efficiently developing and operating Stripe at a lower cost, as presented by the Japanese Stripe user community JP_Stripes. We'll focus on content from two events held in September 2024 in Aizuwakamatsu, Fukushima Prefecture, and Sapporo, Hokkaido.

Japan community highlights: Effective testing and security

This article shows you how to use Stripe's sandbox to simplify your development process. You'll learn to create isolated test environments, simulate real-world scenarios, and debug your subscription logic efficiently. 

Developing and investigating subscription data flow

This post introduces how to manage SaaS feature entitlements efficiently using the Stripe API. It explains why it's important to provide multiple plans to your customers and how to differentiate each plan through entitlement management. With the Stripe API, managing entitlements can become more straightforward, allowing you to focus on building and improving your core services.

Managing SaaS access control with Stripe’s Entitlements API

This post explores how to leverage Stripe's A/B testing, its benefits, and how you can use it to boost online sales. You can learn how to improve the conversion rate by optimizing payment options without adding further code.

Optimize payment flow while reducing code complexity with Stripe's A/B Testing

Stripe CLI

A guide to types of payment methods

Stripe Checkout Guide

Workbench Guide

Subscribe to Stripe Developers on YouTube.

Follow us at @Stripedev on twitter for updates and answers to your developer questions.

Sign up for the Developer Digest.

Join the Stripe Discord server to chat live with other developers.

Join Stripe Insiders to try the latest features and provide direct feedback to the teams that build them.


A variety of processes and services are executed behind the scenes from the moment a customer submits their credit card information to when the store receives the payment. These processes include fraud risk assessment by [Radar](https://stripe.com/radar), additional authentication like [3DS](https://docs.stripe.com/payments/3d-secure), securing credit limits with card issuers, and currency exchange processes.

Normally, developers don't need to worry about these operations until errors occur. Then, you need to know how to investigate what went wrong in your payment flow and how to fix it.

Consider a scenario where you're tasked with examining the specifics of the 3DS authentication process. The current 3DS authentication flow, known as EMV 3DS, allows for the possibility of authentication occurring without presenting an authentication UI to the user. In such cases, the user may complete the payment without being aware that 3DS authentication happened in the background. This requires investigating not only if the authentication happened, but also determining whether it was done through risk-based assessment or with the identity verification UI.

Such investigations can be easily carried out in the [Stripe dashboard](https://dashboard.stripe.com/), using our newly released [Workbench](https://docs.stripe.com/workbench).

## How to test 3DS with Workbench

Workbench allows you to perform development, testing, and debugging all within the browser without installing any software or browser extensions. Workbench offers capabilities including checking API error history and summaries, viewing logs of API requests and webhook events, testing API requests, and generating SDK code. It also makes testing for fraud and authentication errors much easier.

![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image13.png)
[https://docs.stripe.com/workbench](https://docs.stripe.com/workbench)

To use Workbench, access it through the Stripe dashboard by clicking on the **Developers** link and then selecting **Workbench**. You can also launch it by pressing the `~` key on your keyboard when in the Stripe Dashboard. If you can not see the Workbench link, you need to enable it by [the setting page](https://dashboard.stripe.com/settings/developers).

![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image3.png) 

To understand the process of investigation and debugging, let's check if 3DS authentication is performed correctly. You can view debug information including raw JSON data, API history, and Webhook event data using the **Inspector** tab in Workbench on each Payment Intent detail page.

![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image5.png)

The 3DS authentication process can be completed in two ways: either the authentication UI is displayed to the user or it is not displayed. You can use Workbench to investigate whether 3DS authentication is executed and if the authentication UI is shown to the user.

If the payment has been completed, you can see the [Charge object](https://docs.stripe.com/api/charges/object) on the **Inspector** tab. If you cannot see the Charge object, the payment process is not completed. Customers should complete the payment process before you debug the 3DS auth flow.

![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image10.png)

When examining the Charge object, the `three_d_secure` property can be found on the `payment_method_details.card` object. The 3DS authentication flow type is indicated by the [`authentication_flow` field](https://docs.stripe.com/api/charges/object#charge_object-payment_method_details-card-three_d_secure-authentication_flow) within this object. In the provided screenshot, this field has a value of `challenge`, indicating that the 3DS authentication UI is presented to the customer during the payment flow. Furthermore, examining the [`result` property](https://docs.stripe.com/api/charges/object#charge_object-payment_method_details-card-three_d_secure-result) reveals a value of `authenticated`. This indicates that the 3DS authentication UI completed successfully. And if the `payment_method_details.card` object was empty, the payment might be preceded by the non-card payment method.

![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image9.png)

For instance, while supporting a customer whose transaction was declined by the card network, you can investigate why the transaction was rejected using Workbench. Stripe shows the reason why the 3DS flow failed in the [`payment_method_details.card.three_d_secure.result_reason`](https://docs.stripe.com/api/charges/object#charge_object-payment_method_details-card-three_d_secure-result_reason) property. If you see card_not_enrolled, it means the credit card the customer used for the transaction does not support 3D Secure or has not been set up for 3D Secure. In this case, you can guide them on the next steps to complete their transaction.

Moreover, we can investigate the API request and Webhook event history on the **Inspector** tab. By clicking the **Events** tab on the Charge object, you can see what types of events Stripe sends and when the webhook events are delivered.  


![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image12.png)

For a more detailed investigation of the payment flow, select the **Events** tab on the Payment Intent object. There, you can see the following events that occur during the payment process:

* `payment_intent.created`
* `payment_intent.requires_action`
* `charge.succeeded`
* `payment_intent.succeeded`
* `checkout.session.completed`


  
![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image2.png)

You can observe the `payment_intent.requires_action` event occurring before the `charge.succeeded` event. This indicates that the payment flow requires 3DS authentication, as determined by Stripe Radar or the card issuer. Upon further examination of this event, you see that next_action.type is set to "use_stripe_sdk". This signifies that the application processes this payment using either the stripe.js [JavaScript SDK](https://docs.stripe.com/libraries/stripejs-esmodule), [iOS SDK](https://docs.stripe.com/libraries/ios), and [Android SDK](https://docs.stripe.com/libraries/android), or the redirect-type payment flow. For more detailed information about these authentication flows, please refer to [this document](https://docs.stripe.com/payments/3d-secure/authentication-flow?platform=web#when-to-use-3d-secure).

## Investigate past payment events in the Events tab

While the Inspector tab is useful for debugging flows like 3DS authentication for individual payments, let's explore how to investigate historical 3DS authentication events.

The Events tab in the Workbench provides a comprehensive list of past events. You can filter these events based on type and occurrence time, allowing you to analyze event frequency during specific periods. Let's focus on examining the frequency of 3DS authentication events.

![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image7.png)

To do this, set the `Event type` to `payment_intent.requires_action`. Then, adjust the `Date` filter to `Last 30 days`. This configuration displays the number of 3DS authentications over the past 30 days, along with detailed data for each associated payment.  

![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image1.png)

Once you've identified a payment of interest, locate the payment intent ID (starting with `pi_`) in the 'Event data' section on the right-hand panel. Click on this ID to reveal a dropdown menu. Within this menu, click the 'Show in dashboard' link to view the detailed page for that specific payment intent.

![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image11.png)

## Simulating the 3DS authentication flow in the dashboard

To simulate or test your application triggered by webhook events from Stripe, you can easily do so using the workbench. Navigate to the 'Shell' tab to open a command line interface. This allows you to execute [Stripe CLI](https://docs.stripe.com/stripe-cli/overview) commands without installing additional tools on your machine.

![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image8.png)

Now let's simulate the 3DS authentication flow. At the bottom of the UI, enter the following in the command input area: `stripe trigger payment_intent.requires_action`. This command simulates the payment flow, including 3DS authentication. Once you run the command, you see both the request and response data in the CLI interface.

![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image4.png)

Now let's return to the Events tab to check the simulated event. You should find a new `payment_intent.requires_action` event listed. This way, you can easily obtain new payment intent data and event information without running the payment flow in your test application environment. If you don't see this event, click the 'Refresh events' link on the right side of the panel.

![](/images/easily-debug-your-3ds-authentication-with-stripe-workbench/image6.png)

You can learn about the types of events simulated by referring to [the CLI documentation](https://docs.stripe.com/cli/trigger). Additionally, the CLI interface in the workbench features input completion for Stripe CLI commands. This means you can easily complete the necessary commands by pressing the tab key while typing. There's no need to memorize and manually type out entire commands.

## Summary

Stripe's Workbench is a powerful tool that allows you to easily investigate what's happening behind the scenes of the payment process. 

Workbench allows you to:

* Check the Charge object in the Inspector tab to understand the 3DS authentication flow and results  
* Track the sequence of events that occurred during the payment process in the Events tab  
* Filter and analyze past payment events  
* Use CLI commands to simulate the 3DS authentication flow and generate test data

These features enable developers to efficiently address various challenges, such as responding to customer inquiries, testing subscription auto-renewals, and handling 3DS authentication results. By using Workbench, debugging and optimizing complex payment processes becomes significantly simplified.

This tool provides a user-friendly interface for developers to gather necessary information with just a few clicks, obtain event data for testing code related to subscription renewals, and learn how to handle 3DS authentication flows and results effectively. Ultimately, Workbench streamlines the development and troubleshooting process for Stripe integrations, saving time and reducing potential errors.

Next time you debug a tricky payment issue, remember to use these powerful tools.

To learn more about developing applications with Stripe, visit our [YouTube Channel](https://www.youtube.com/stripedevelopers).

[![](/images/YouTube.png)](https://www.youtube.com/stripedevelopers)

In this article, you'll learn how to investigate the payment process with just a few clicks on the Stripe dashboard. You'll also see how to obtain event data for testing code related to the 3DS authentication flow.

Easily debug your 3DS authentication with Stripe Workbench

Hidetaka Okamoto