> ## Documentation Index
> Fetch the complete documentation index at: https://help.dsalta.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Stripe

> How DSALTA integrates with Stripe — data collected, setup guide, and automated compliance checks.

## Overview

DSALTA connects to Stripe using read-only API access to collect compliance evidence automatically. Data syncs every 24 hours and feeds into your Data Library modules.

<Info>
  **Read-only access.** DSALTA never modifies, creates, or deletes resources in your Stripe account.
</Info>

<Note>
  **What you'll see.** Stripe exposes no API that lists dashboard members, so DSALTA's Access page shows the **connected account owner** as a single row (the account that authorized the connection) rather than a list of individual people. It auto-upgrades to a full roster only if your Stripe account later uses SSO/SCIM. Because of this, the access checks below — which match Stripe users to your People page by email — may not resolve automatically. Treat the Access list as the connected account and confirm its owner manually. DSALTA also syncs your **Products** and **Webhook endpoints** to the Inventory page.
</Note>

## How to Connect

Stripe connects with a **restricted API key** — there's no app to install.

<Steps>
  <Step title="Create a restricted Stripe API key">
    In the Stripe Dashboard, go to **Developers → API keys** and select **Create restricted key**. A test-mode key (`rk_test...`) works; no paid or enterprise plan is required.
  </Step>

  <Step title="Grant read permissions on the key">
    Grant the key **Read** access on these resources:

    * **Account → Basic Business Contact Information** (Read) — required to show the connected account owner on the **Access** page. Without this exact permission, the Access page will be empty.
    * **Products** and **Webhook endpoints** — populate the **Inventory** page.
  </Step>

  <Step title="Connect">
    In the DSALTA sidebar, go to **Integrations**, find **Stripe**, and click **Connect**. Paste the restricted key in the secure window and submit.
  </Step>

  <Step title="Finish">
    DSALTA runs an initial sync — usually a few minutes — after which the compliance checks below activate.
  </Step>
</Steps>

## Automated Compliance Checks

Each check below runs automatically every 24 hours. Click any check for step-by-step remediation guidance.

| Check                                                                                                                 | Description                                                                       |
| --------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- |
| [User access to Critical System should be valid](/integrations/stripe/user-access-to-critical-system-should-be-valid) | Checks that everyone with Stripe access is an active employee on the People page. |
| [Offboarded users should not have active access](/integrations/stripe/offboarded-users-should-not-have-active-access) | Checks that offboarded employees no longer have active Stripe access.             |

## Troubleshooting

<AccordionGroup>
  <Accordion title="Integration shows Disconnected">
    Re-authenticate from **Integrations → Stripe → Reconnect**. This can happen if the restricted API key was rolled or revoked in the Stripe Dashboard.
  </Accordion>

  <Accordion title="Data is not syncing">
    Confirm the restricted key is still active and carries **Read** access on Account (Basic Business Contact Information), Products, and Webhook endpoints, then trigger a manual sync from the integration settings.
  </Accordion>

  <Accordion title="The Access page is empty">
    The restricted key is missing the **Account → Basic Business Contact Information** (Read) permission. Edit the key in the Stripe Dashboard to grant it, then reconnect.
  </Accordion>
</AccordionGroup>
