Security, permissions, and access levels when connecting your Stripe account to a third-party platform

Platforms can request two different levels of permission when connecting with Stripe accounts: read only or read and write.

Read only

This level is often used by services like Baremetrics or Intercom to provide you with deeper views and insights into your Stripe data. They cannot create charges on your behalf.

Read and write

This level is used by platforms like Squarespace or Moonclerk to help their users accept payments online. They will be able to create subscriptions, customers, charges, refunds, and more. They cannot view credit card numbers or copy them off of Stripe.

If a seller needs help with a payment or transaction, the platform’s account owner can look up the details either using the API or by getting a limited view of the user’s Dashboard. This limited view can help the platform troubleshoot with their users if there are any problems. (Note that platforms have always had the ability to create and access data on connected accounts via the API; this new capability allows them to manage the same data via the Dashboard.)

Checking the permission levels of your connected platforms

If you would like to see which platforms you have connected your Stripe account to and what permissions they have, go to the Connect tab in your Dashboard.

Security and revoking access

These platforms connect to Stripe accounts using the industry-standard OAuth 2 protocol, which ensures that you can control what permissions the platform receives and that they access your data securely, and you can revoke access at any time from the Dashboard.