[FEATURE] Recipe/Add-on — Stripe Checkout Integration for SEA Payments #633
Description
Summary
Create a community-supported recipe (add-on) that enables Summit Events App (SEA) orgs to accept payments via Stripe Checkout during event registration. SEA should redirect registrants to a Stripe-hosted checkout page and then return them to SEA, capturing only the minimal payment details needed to satisfy SEA fees and record a payment.
Why this is needed
SEA supports paid events and includes the ability to record payments, but it does not ship with a native gateway integration. SEA explicitly anticipates external gateway connections via an Event-level “Payment Gateway” field that points to a Visualforce page used for payment redirection; external code can then receipt the transaction on the SEA payment object and send the registrant back to confirmation.
Salesforce.org Open Source Commons
Most groups running events need to collect fees, and Stripe is a common gateway—a simple, repeatable recipe would reduce custom one-off builds.
Goal
Provide an easy, secure way for orgs using SEA to:
- Configure Stripe (test/prod) once
- Enable Stripe Checkout for an event by setting the SEA “Payment Gateway” field
- Redirect registrants to Stripe Checkout and back to SEA
- Record a successful payment against the correct SEA Registration/Fees
- Avoid handling/storing any card data (PCI handled by Stripe-hosted Checkout)
Non-goals / Out of Scope
- Building a full “payments module” inside the managed package
- Storing or processing card details in Salesforce (no PCI scope expansion)
- Subscriptions, invoicing, refunds automation, or complex ticketing
- Supporting every gateway (focus is Stripe-first recipe)
Proposed Solution (Recipe + Optional Add-on Metadata)
Core flow (Registrant experience)
- Registrant completes SEA registration steps and reaches payment step for event fees.
- SEA redirects to a configured Visualforce “Payment Gateway” page (provided by the add-on/recipe).
Salesforce.org Open Source Commons - VF/Apex creates a Stripe Checkout Session for the calculated outstanding amount(s).
- Registrant pays on Stripe-hosted Checkout.
- Stripe redirects to SEA confirmation (or the configured SEA success page), returning only:
-- Checkout Session ID (or PaymentIntent ID)
-- Status (success/cancel)
-- Registration identifier (or an opaque token that maps to it) - -Salesforce confirms payment (via webhook and/or server-side verification), then:
- Writes a record to the SEA Payment object
- Marks the fee(s) as satisfied so SEA can complete the registration
Reliability note
Redirects alone are not a perfect source of truth. The recipe should include a Stripe webhook handler (e.g., checkout.session.completed) to reliably finalize payment status and avoid edge cases (user closes browser, network issues, etc.).
Data Handling Requirements (Minimal + Aligned to SEA)
Store only what SEA needs to consider fees “paid” and for basic reconciliation:
SEA Registration reference (ID)
Amount paid + currency
Stripe transaction identifier (Checkout Session ID and/or PaymentIntent ID)
Payment status (Succeeded / Failed / Canceled)
Timestamp
Optional: receipt URL (or a link to Stripe dashboard), payer email (if needed)
No card details, no sensitive payment instrument data.
Configuration (Admin experience)
The recipe should document setup steps similar to other SEA “recipes” content.
Salesforce.org Open Source Commons
Suggested configuration items:
Stripe mode: Test vs Live
Stripe Secret Key storage (recommended: Named Credential / protected config)
Webhook signing secret storage (protected config)
Success/Cancel return URLs (SEA-friendly)
Event-level enablement by setting SEA Event “Payment Gateway” = <VF_PAGE_NAME>
Salesforce.org Open Source Commons
Security & Compliance Considerations
Stripe keys and webhook secrets must be stored securely (no hardcoding)
Webhook endpoint must verify Stripe signature
Guest user/Experience Cloud execution context must be considered (permissions to create/read the SEA payment record and related fee/registration records)
Ensure no PII leakage in URL parameters; prefer opaque tokens / state parameter
Acceptance Criteria
Admin can follow the recipe to connect an org to Stripe (test mode) and complete a successful payment
When an event has fees configured and Payment Gateway VF page set, registrants are redirected to Stripe Checkout and returned to SEA
A successful payment results in a record on the SEA Payment object and fees are satisfied so SEA completes registration
Salesforce.org Open Source Commons
A canceled/failed payment returns registrant to SEA in a state that clearly indicates payment is still due (no false positives)
Webhook verification is implemented and documented
Documentation includes troubleshooting steps and a sandbox-first warning (consistent with Recipes guidance)
Salesforce.org Open Source Commons
Suggested Deliverables
Documentation recipe page: “Stripe Checkout Payments” (with setup + metadata deployment steps)
Reference implementation (unmanaged metadata or separate add-on repo):
Visualforce Payment Gateway page + Apex controller
Webhook endpoint (Apex REST) + verification logic
Config (custom metadata/custom setting) + sample permission sets
Test coverage and a basic “how to test” checklist (Stripe test cards, Stripe CLI webhook forwarding)
Context / References
SEA docs explain the intended gateway extension pattern: Event “Payment Gateway” → Visualforce redirect → external code receipts payment on SEA payment object and returns to confirmation.
Salesforce.org Open Source Commons
SEA encourages community “recipes” to extend functionality and requests sandbox testing for recipes.
Salesforce.org Open Source Commons
Summit Events App repo: SFDO-Community/Summit-Events-App.
GitHub