Stripe tokens

Connect platforms can use Stripe.js, the API, or mobile client libraries to securely collect account details from their users.

Before charges and payouts are enabled for connected accounts, Know Your Customer (KYC) requirements must be fulfilled. You can complete this step by providing Stripe with identity verification information about your users, which we then verify. Account Tokens and Person Tokens provide a secure and reliable way to perform this task. Tokens ensure that personally identifiable information (PII) doesn’t touch your servers, so your integration can operate in a PCI-compliant way. These tokens also allow Stripe to more accurately detect potential fraud.

ACCOUNT TYPES

Connect platforms can work with three different account types.

The content on this page applies only to Custom accounts.

Tokens can be used only for:

  • Legal entity details (information about the business or individual)
  • Person details
  • Indicating acceptance of the Stripe Connected Account Agreement

Tokens cannot be used for any other account information, including:

  • Configuration settings on the account (for example, payout schedules)
  • Non-sensitive info on the account (for example, support URL, support phone number)
  • The country of the connected account

Tokens are created using Stripe.js, the API, or one of the mobile client libraries. The process is effectively the same as tokenizing payment details or external accounts. Your user’s information is sent directly to Stripe and exchanged for a token that can be used in create and update API calls.

Note

French platforms must use account tokens, which are an alternative to the agent model for platform PSD2 compliance. The key benefit of tokens for French platforms is that information is transferred from the user directly to Stripe. Not having to store PII data is still a benefit, but not necessarily a requirement. For platforms in other countries, account tokens are optional but recommended.

Creating and using tokens

Tokens require both client-side and server-side code:

  • Create the HTML form that takes the user’s input.
  • Add JavaScript that sends the form data to Stripe, receives a token in return, and submits that token to your server.
  • Use the token in a server-side Stripe API call.

The example on this page shows how to use account tokens and person tokens. Both types are required when providing legal entity and person details for companies. If you onboard only individuals, you do not need person tokens. Instead, create account tokens and pass the individual hash on the Account object to provide the required information.

The first step is to create an HTML form that collects the required information for the account and the person. This includes acceptance of the Stripe Connected Account Agreement.

Collecting account and person details

Create form elements to collect the required information, such as name, address, and anything else that’s required in the user’s country.
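
A server-side sketch of the last step in the list above, added here and not taken from Stripe's documentation: the endpoint that receives the browser's submission accepts only token ids plus the country, and treats any raw legal-entity or person field as a sign that PII reached the platform server. The function name, error codes, and request field names are hypothetical, and the token shape check is an assumption.

```javascript
// Added example (not Stripe's code). Names and error codes are hypothetical.

// Keys that hold legal entity details, person details, or agreement
// acceptance. These belong inside a token created in the browser, so seeing
// one here means raw PII was posted to the platform server.
const TOKENIZED_KEYS = new Set(['company', 'individual', 'person', 'tos_acceptance']);

// Everything the endpoint accepts: two opaque token ids plus the country,
// which the page lists as information a token cannot carry.
const ALLOWED_KEYS = new Set(['account_token', 'person_token', 'country']);

// Assumption: token ids are short opaque strings; no specific prefix is checked.
const TOKEN_SHAPE = /^[A-Za-z0-9_]{1,255}$/;

function fail(code, keys) {
  // Report key names only, never values, so PII does not end up in logs.
  const err = new Error(`${code}: ${keys.join(', ')}`);
  err.code = code;
  return err;
}

function buildOnboardingParams(body) {
  if (body === null || typeof body !== 'object') throw fail('bad_body', []);
  const keys = Object.keys(body);
  const leaked = keys.filter((k) => TOKENIZED_KEYS.has(k));
  if (leaked.length > 0) throw fail('raw_pii_received', leaked);
  const unknown = keys.filter((k) => !ALLOWED_KEYS.has(k));
  if (unknown.length > 0) throw fail('unexpected_field', unknown);

  const isToken = (v) => typeof v === 'string' && TOKEN_SHAPE.test(v);
  if (!isToken(body.account_token)) throw fail('bad_token', ['account_token']);
  const hasPerson = body.person_token !== undefined;
  if (hasPerson && !isToken(body.person_token)) throw fail('bad_token', ['person_token']);
  if (typeof body.country !== 'string' || !/^[A-Z]{2}$/.test(body.country)) {
    throw fail('bad_country', ['country']);
  }

  // Parameters for the create-account call and, for companies, the
  // create-person call. Individuals need only the account token.
  return {
    account: { type: 'custom', country: body.country, account_token: body.account_token },
    person: hasPerson ? { person_token: body.person_token } : null,
  };
}
```

Alerting on the `raw_pii_received` code surfaces a client build that has stopped tokenizing in the browser.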
