I want stripe to add some unique data about the user. As it's written in the documentation, normal URL link looks like this:
<a href="http://example.dev/stripe?scope=read_write&code={AUTHORIZATION_CODE}">Connect Stripe</a>
And return data will be something like this:
array:2 [
"scope" => "read_write"
"code" => "{TOKEN_CODE}"
]
In my case, because every user owns different domain but redirects back to the same URL I need to know who's who. So can I add data to the redirect link:
<a href="http://example.dev/stripe?scope=read_write&code={AUTHORIZATION_CODE}&data={UNIQUE_DATA}">Connect Stripe</a>
in order to get this from Stripe server?
array:3 [
"scope" => "read_write"
"code" => "{TOKEN_CODE}"
"data" => "{UNIQUE_DATA}"
]
What I usually advise to do here is to use a cookie or a session to "remember" your user. Since they come on your website first before being redirected to Stripe you'd be able to save some info in a cookie so that when Stripe redirects them back to your server you know who they are and where they came from to finalize the redirection.
Otherwise, if that doesn't work for you, you could use the state parameter when you redirect the user to Stripe and that value would be kept all along and sent back in the URL once the user is redirected to your server. This is documented here where the docs say:
To prevent CSRF attacks, add the state parameter, passing along a unique token as the value. We’ll include the state you gave us when we redirect the user back to your site.