stripe-apps icon indicating copy to clipboard operation
stripe-apps copied to clipboard
verified publisher icon stripe

API to retrieve list of granted permissions

Open clement911 opened this issue 2 years ago • 6 comments

My understanding is that different accounts can have different versions of our app installed, because upgrading to the latest version requires approving the permissions.

As a result, would it be possible to add an API to retrieve the list of granted permissions for a given connected account?

Also, what happens if new permissions were added but the user opening the app is not an admin? Do they have to ask an admin to upgrade the app?

clement911 avatar May 01 '23 06:05 clement911

Hi, thanks for the feature request! An API to retrieve the list of granted permissions is on our roadmap so watch this space for improvements in this area.

Approving an app's new permissions requires admin privileges on the account, so a non-admin will need to ask an admin to approve the new permissions.

To clarify app behavior with respect to permissions - accounts always use the latest published version of an app. However, you're correct that if an app changes the permissions it requests, an admin must approve the new permissions before the app will be able to make requests that require the new permissions. An app backend is restricted to the permissions the account has most recently approved. In the Stripe dashboard, an app UI extension is restricted to the permissions the account has most recently approved as well as the permissions the logged-in user has on the account.

fkuo-stripe avatar May 01 '23 17:05 fkuo-stripe

hey @clement911 ! The latest release of the UI Extension SDK exposes a new appContext field which contains a list of granted app permissions. While this is not accessible by backend-only apps, accounts with the app installed now also get a notification when a developer updates the list of required app permissions.

kafrifa-stripe avatar Aug 01 '23 00:08 kafrifa-stripe

Hi @kafrifa-stripe , can you please elaborate on the following:

accounts with the app installed now also get a notification when a developer updates the list of required app permissions.

Are they getting an email or an in-app notification?

We have just updated our app to request additional permissions. In our testing from another account, there was no email received and no notification shown to users when opening the app. The only prompt to grant new permissions is displayed when we go to the app settings (which many users would hardly ever go to). Am I missing something?

clement911 avatar Aug 09 '23 00:08 clement911

Hi @kafrifa-stripe , can you please elaborate on the following:

accounts with the app installed now also get a notification when a developer updates the list of required app permissions.

Are they getting an email or an in-app notification?

We have just updated our app to request additional permissions. In our testing from another account, there was no email received and no notification shown to users when opening the app. The only prompt to grant new permissions is displayed when we go to the app settings (which many users would hardly ever go to). Am I missing something?

Thanks for the response, @clement911! We temporarily disabled that feature to resolve some minor issues -- they have been fixed and accounts with the app installed should get both emails and dashboard notifications.

kafrifa-stripe avatar Aug 09 '23 17:08 kafrifa-stripe

Is the dashboard notification only shown when the user goes to the app's settings page (unlikely) or whenever they open the app?

clement911 avatar Aug 09 '23 22:08 clement911

It pops up in the "Notifications" drawer, which is visible throughout the Dashboard.

kafrifa-stripe avatar Aug 10 '23 16:08 kafrifa-stripe