Create Payment Method Setup Intent
Creates a Stripe SetupIntent and returns its client_secret. Required for Apple Pay and Google Pay wallet flows.
Why this endpoint exists:
When using Stripe's PaymentRequest API, the native wallet sheet (Apple Pay / Google Pay) waits for Stripe to server-confirm the operation. Without calling stripe.confirmCardSetup(client_secret, ...) before event.complete('success'), the sheet stays in processing state and shows "Load failed".
Auth policy — authenticated users only:
Guests and anonymous callers are rejected (401/403). SetupIntents are used to save payment methods for future use; guests have no persistent account to save to, and allowing unauthenticated access would allow unlimited Stripe API calls (DoS vector).
Customer handling:
This endpoint does not auto-create Stripe customers. It performs a best-effort lookup — if the authenticated user already has a Stripe customer, the SetupIntent is attached to it. Customer creation happens in POST /payment-methods after the wallet flow completes.
Frontend contract (step order):
- Call this endpoint → receive
client_secret - User taps wallet button → payment sheet opens
- User authenticates
- In
paymentmethodevent:stripe.confirmCardSetup(client_secret, { payment_method: ev.paymentMethod.id }) ev.complete('success')→ sheet closes- Call
POST /payment-methodsto save the PM to Bridge
Authorizations
Session ID from Flowless authentication
Request Body
Responses
SetupIntent created successfully