Skip to main content
PUT
/
api
/
v1
/
payments
/
stripe
/
projects
/
{project_id}
/
config
Update Stripe Configuration
curl --request PUT \
  --url https://api.devkit4ai.com/api/v1/payments/stripe/projects/{project_id}/config \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "test_secret_key": "<string>",
  "test_publishable_key": "<string>",
  "test_webhook_secret": "<string>",
  "live_secret_key": "<string>",
  "live_publishable_key": "<string>",
  "live_webhook_secret": "<string>"
}
'
{
  "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "project_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "is_active": true,
  "has_test_credentials": true,
  "has_live_credentials": true,
  "created_at": "2023-11-07T05:31:56Z",
  "test_secret_key_masked": "<string>",
  "test_publishable_key_masked": "<string>",
  "test_webhook_secret_masked": "<string>",
  "live_secret_key_masked": "<string>",
  "live_publishable_key_masked": "<string>",
  "live_webhook_secret_masked": "<string>",
  "test_configured_at": "2023-11-07T05:31:56Z",
  "live_configured_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z"
}

Documentation Index

Fetch the complete documentation index at: https://devkit4ai.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

Create or update the Stripe payment configuration for a project. Supports both test and live credentials. This endpoint creates a new configuration if none exists, or updates the existing one.

Authentication

This endpoint requires developer authentication via OAuth2 Bearer Token. You must own the project.

Path Parameters

project_id
string (UUID)
required
The unique identifier of the project

Request Body

All fields are optional. Only provide the credentials you want to configure or update.
test_secret_key
string
Stripe test mode secret key (starts with sk_test_)
test_publishable_key
string
Stripe test mode publishable key (starts with pk_test_)
test_webhook_secret
string
Stripe test mode webhook signing secret (starts with whsec_)
live_secret_key
string
Stripe live mode secret key (starts with sk_live_)
live_publishable_key
string
Stripe live mode publishable key (starts with pk_live_)
live_webhook_secret
string
Stripe live mode webhook signing secret (starts with whsec_)

Example Request

Configure test mode credentials: 
curl -X PUT "https://api.devkit4ai.com/api/v1/payments/stripe/projects/550e8400-e29b-41d4-a716-446655440000/config" \
  -H "Authorization: Bearer {developer_jwt}" \
  -H "Content-Type: application/json" \
  -d '{
    "test_secret_key": "sk_test_51ABC...",
    "test_publishable_key": "pk_test_51ABC...",
    "test_webhook_secret": "whsec_ABC..."
  }'

Example Response

{
  "id": "770e8400-e29b-41d4-a716-446655440000",
  "project_id": "550e8400-e29b-41d4-a716-446655440000",
  "is_active": true,
  "has_test_credentials": true,
  "has_live_credentials": false,
  "test_secret_key_masked": "sk_test_...aBcD",
  "test_publishable_key_masked": "pk_test_...eFgH",
  "test_webhook_secret_masked": "whsec_...iJkL",
  "live_secret_key_masked": null,
  "live_publishable_key_masked": null,
  "live_webhook_secret_masked": null,
  "test_configured_at": "2026-01-24T10:00:00Z",
  "live_configured_at": null,
  "created_at": "2026-01-24T10:00:00Z",
  "updated_at": "2026-01-24T10:00:00Z"
}

Configuration Flow

Getting Stripe Credentials

1

Create Stripe Account

Sign up at stripe.com if you haven’t already.
2

Get API Keys

Navigate to Developers > API keys in the Stripe Dashboard.(((REPLACE_THIS_WITH_IMAGE: stripe-dashboard-api-keys.png: Stripe Dashboard showing API keys section with publishable and secret keys)))
3

Create Webhook Endpoint

Navigate to Developers > Webhooks and create an endpoint using the URL from Get Webhook URLs.
4

Get Webhook Secret

After creating the webhook, reveal and copy the signing secret.

Credential Validation

Before saving, validate your credentials using the Validate Credentials endpoint to ensure they work correctly.

Partial Updates

You can update credentials incrementally. For example, to add live credentials to an existing test configuration: 
curl -X PUT "https://api.devkit4ai.com/api/v1/payments/stripe/projects/{project_id}/config" \
  -H "Authorization: Bearer {developer_jwt}" \
  -H "Content-Type: application/json" \
  -d '{
    "live_secret_key": "sk_live_51ABC...",
    "live_publishable_key": "pk_live_51ABC...",
    "live_webhook_secret": "whsec_XYZ..."
  }'

Error Responses

StatusDescription
401Unauthorized - Invalid or missing authentication
403Forbidden - You don’t own this project
404Project not found
422Validation error - Invalid key format

Security

  • Never commit Stripe secret keys to version control
  • Use environment variables in your application
  • Rotate keys immediately if they are exposed
  • Use test mode keys for development and testing

Get Stripe Config

View current configuration

Validate Credentials

Test credentials before saving

Get Webhook URLs

Get webhook endpoint URLs

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Path Parameters

project_id
string<uuid>
required

Body

application/json

Request to create/update Stripe configuration.

test_secret_key
string | null
test_publishable_key
string | null
test_webhook_secret
string | null
live_secret_key
string | null
live_publishable_key
string | null
live_webhook_secret
string | null

Response

Successful Response

Stripe configuration response with masked credentials.

id
string<uuid>
required
project_id
string<uuid>
required
is_active
boolean
required
has_test_credentials
boolean
required
has_live_credentials
boolean
required
created_at
string<date-time>
required
test_secret_key_masked
string | null
test_publishable_key_masked
string | null
test_webhook_secret_masked
string | null
live_secret_key_masked
string | null
live_publishable_key_masked
string | null
live_webhook_secret_masked
string | null
test_configured_at
string<date-time> | null
live_configured_at
string<date-time> | null
updated_at
string<date-time> | null