I'm using Rails with Devise and the omniauth-stripe-connect gem.
Devise.rb
config.omniauth :stripe_connect,
                  ENV['STRIPE_CONNECT_CLIENT_ID'],
                  ENV['STRIPE_SECRET_KEY'],
                  :scope => 'read_write',
                  :stripe_landing => 'register'
Omniauth Callbacks Controller
class OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def stripe_connect
    @user = current_user
    if @user.update_attributes({
       provider: request.env["omniauth.auth"].provider,
       uid: request.env["omniauth.auth"].uid,
       access_code: request.env["omniauth.auth"].credentials.token,
       publishable_key: request.env["omniauth.auth"].info.stripe_publishable_key
                               })
      # anything else you need to do in response..
      sign_in_and_redirect @user, :event => :authentication
      set_flash_message(:notice, :success, :kind => "Stripe") if is_navigational_format?
    else
      session["devise.stripe_connect_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end
end
In development this works fine and adds the information i need to the user for stripe connect, but in production i'm getting this error.
{
2017-11-07T02:05:05.255495+00:00 app[web.1]:   "error": "invalid_grant",
2017-11-07T02:05:05.255496+00:00 app[web.1]:   "error_description": "Authorization code provided does not belong to you"
I set up the live stripe api keys in production. I'm thinking maybe it has something to do with devise, but i'm really not sure.
In our case, we were inadvertently using a client ID with a secret key from a different account that was causing a similar error.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With