Beacon

Stripe & Beacon Connect API

View as Markdown

Stripe & Beacon Connect API

Read-only OAuth for existing Stripe accounts and Beacon Connect endpoints for platforms.

reference • updated 2026-03-18

Objective

Connect existing Stripe accounts through read-only OAuth and accept direct platform push when the linked Stripe account does not expose the full sale.

Stripe OAuth endpoints

EndpointPurposeExpected outcome
POST /api/stripe/oauth/start?org={slug}&mode={test|live}&lang={locale}prepare OAuth connectiontemporary Stripe consent redirectUrl
GET /api/stripe/oauth/start?org={slug}&mode={test|live}&lang={locale}immediate redirect helper302/307 redirect to Stripe
GET /api/stripe/oauth/callback?code=...&state=...internal OAuth callbackdashboard redirect with validated connection

Beacon Connect endpoints

EndpointPurposeExpected outcome
POST /api/platform-connect/verify-mappingvalidate externalOrgRefresolved Beacon organization
POST /api/platform-connect/paymentsingest paymentcreate/enrich Payment and, if sufficient, Sale
POST /api/platform-connect/refundsingest refundcreate PaymentRefund and update status
POST /api/platform-connect/disputesingest disputecreate PaymentDispute and update status
  1. 11) Start OAuth

    Call oauth/start with organization and mode (test|live).
  2. 22) Validate callback

    Beacon validates state, exchanges code for a token, and fails if the returned scope does not include read_only.
  3. 33) Ingest visible Stripe data

    The linked account starts feeding Payment.kind=CHARGE|TRANSFER|PAYOUT, plus financial enrichment from balance_transactions.
  4. 44) Enrich missing sale context

    If the linked account only shows a partial money movement, the platform sends Beacon Connect to complete Sale and fiscal context.

Mandatory validations

  • STRIPE_EXTENSION_ENABLED=true.
  • The OAuth callback must include read_only; Beacon does not treat read_write as a functionally equivalent fallback.
  • providerEventId is required for Beacon Connect.
  • Payment reconciliation priority is: stripeChargeId -> stripePaymentIntentId -> providerEventId -> (platformIntegrationId, externalPaymentId).

OAuth start example

bash
curl -X POST "https://test.beacon.pt/api/stripe/oauth/start?org=acme&mode=test&lang=en" \
  -H "Authorization: Bearer <beacon_session_token>"
json
{
  "ok": true,
  "redirectUrl": "https://connect.stripe.com/oauth/authorize?...",
  "expiresAt": "2026-03-18T11:00:00.000Z"
}

Beacon Connect verify-mapping example

bash
curl -X POST "https://app.beacon.pt/api/platform-connect/verify-mapping" \
  -H "Authorization: Bearer <platform_secret>" \
  -H "Content-Type: application/json" \
  -d '{"externalOrgRef":"seller_org_123"}'

Common failures and mitigation

SignalLikely causeMitigation
OAuth callback failsStripe app is not configured as an Extension or does not return read_onlyfix Stripe configuration and restart the flow
partial payment without Salelimited visibility in the linked accountenrich via Beacon Connect
429 from Beacon Connectintegration quota exceededrespect retryAfterSec and use exponential backoff with jitter