ring buoy grey question Stripe subscription states and Desc People Against Passwords #ask-a-descoper

:ring_buoy::grey_question:Stripe subscription stat...

thousands-alarm-31103

06/06/2023, 8:07 PM

🛟❔Stripe subscription states and Descope user creation and state management Edge case of concern: User cancels subscription to our club, then buys a new subscription. See sub thread…

thousands-alarm-31103

06/06/2023, 8:08 PM

message has been deleted

thousands-alarm-31103

06/06/2023, 8:08 PM

We are setting up the webhooks between our stripe instance and Descope for user creation and management.

thousands-alarm-31103

06/06/2023, 8:09 PM

We use phone number for our OTP. Phone number is the id

Copy code

[
	{
		"identifier": "+19015799974",
		"displayName": "Thor Von Priestly",
		"phonenumber": "+19015799974",
		"verifiedPhone": true,
		"status": "enabled"
	  }
	]

thousands-alarm-31103

06/06/2023, 8:10 PM

Question: Given that we are setting canceled users to inactive rather than deleting them, are we headed for an issue if a user cancels a membership, then buys a new one on the same phone number where we have an inactive user already using that phone number as their id?

breezy-evening-56597

06/06/2023, 9:18 PM

Yes Laura. LoginID is unique, so that will create a problem. Best would be to re-enable them and then activate their subscription. Otherwise you'll need to delete them, which i guess is not ideal.

thousands-alarm-31103

06/06/2023, 9:19 PM

Depends on our position about what cancelation means.

thousands-alarm-31103

06/06/2023, 9:21 PM

Given that stripe has a paused state which can be triggered by: • Payment processing failure • CC information exp • User choice • Merchant choice We are in the position to support a temp condition where the user has access revoked but then programmatically reinstated.

thousands-alarm-31103

06/06/2023, 9:22 PM

If a customer is in a canceled state the following has happened: • Voluntary cancelation of membership • We canceled them for: ◦ Non Payment ◦ Violations of our TOS or Member Code of Conduct

thousands-alarm-31103

06/06/2023, 9:23 PM

My leaning presently is to treat canceled as a delete of the user in Descope.

thousands-alarm-31103

06/06/2023, 9:23 PM

The log of the user will exist for auditing, and the ID will get freed.

thousands-alarm-31103

06/06/2023, 9:25 PM

Thank you for your answer — That will help me with policy creation for membership

breezy-evening-56597

06/06/2023, 9:26 PM

Sure thing! Do you have any estimation of scale of such scenarios?

breezy-evening-56597

06/06/2023, 9:26 PM

remember that the new user will be generated with a new user ID as well.

thousands-alarm-31103

06/06/2023, 9:27 PM

None at this point

👍 1

thousands-alarm-31103

06/06/2023, 9:27 PM

Currently user ID and phone number match

thousands-alarm-31103

06/06/2023, 9:27 PM

The json payload we are using currently injects the phone number as the userID rather than a random ID

thousands-alarm-31103

06/06/2023, 9:28 PM

Are we making a poor life choice?

thousands-alarm-31103

06/06/2023, 9:29 PM

Our Auth use case is OTP via SMS

breezy-evening-56597

06/06/2023, 9:31 PM

think you mean LoginID. which can be phone or email. In that case - that's a good life choice. I was talking about the Descope User ID

thousands-alarm-31103

06/06/2023, 10:03 PM

birthday party parrotYey for good life choices.

😂 3

Open in Slack

Previous Next