Skip to main content

Source: ocean/docs/STRIPE_WEBHOOK_SETUP.md | ✏️ Edit on GitHub

Stripe Webhook Setup Guide

This guide explains how to set up the Cloudflare Worker that syncs new Supabase users to Stripe.

Overview

When a new user signs up:

  1. Supabase creates the user and organization
  2. Supabase webhook triggers the Cloudflare Worker
  3. Worker creates a Stripe customer with all metadata
  4. Worker updates the organization with the Stripe customer ID

Setup Steps

1. Configure GitHub Secrets

Set these secrets in your GitHub repository for CI/CD deployment:

# Staging secrets
gh secret set STRIPE_SECRET_KEY_STAGING
gh secret set STRIPE_WEBHOOK_SECRET_STAGING
gh secret set WEBHOOK_SECRET_STAGING
gh secret set SUPABASE_SERVICE_ROLE_KEY

# Production secrets (when ready)
gh secret set STRIPE_SECRET_KEY_PRODUCTION
gh secret set STRIPE_WEBHOOK_SECRET_PRODUCTION
gh secret set WEBHOOK_SECRET_PRODUCTION

2. Deploy the Cloudflare Worker

The worker deploys automatically via GitHub Actions when:

  • Changes are pushed to cloudflare/worker/**
  • Manually triggered via GitHub Actions

To trigger manual deployment:

gh workflow run deploy-cloudflare-worker.yml

3. Configure Supabase Webhook

  1. Run the migration to create the webhook function:

    supabase db push

  2. Go to your Supabase Dashboard

  3. Create a new webhook:

    • Name: new-user-stripe-sync

    • Table: auth.users

    • Events: INSERT

    • Type: HTTP Request

    • URL: https://ocean-stripe-webhook-staging.{your-cf-account}.workers.dev

    • HTTP Headers:

      Authorization: Bearer {your-webhook-secret}
      Content-Type: application/json

    • Enable: Yes

4. Test the Integration

  1. Create a test user through your signup form
  2. Check Cloudflare Worker logs: wrangler tail --env staging
  3. Verify in Stripe Dashboard that customer was created
  4. Check Supabase organizations table for stripe_customer_id

Environment Configuration

Staging Environment (Configured)

  • Cloudflare Account: 8fa97474778c8a894925c148ca829739
  • Worker URL: https://ocean-stripe-webhook.staging.goldfish.io
  • Stripe Test Key: Set via environment variable or deploy script
  • Stripe Webhook Secret: Set via environment variable or deploy script
  • Log Level: warn

Production Environment

  • Worker URL: https://ocean-stripe-webhook.goldfish.io
  • Uses Stripe live keys (sk_live_...)
  • Log Level: error

Switching Between Environments

To switch from staging to production:

  1. Deploy to production:

    pnpm run deploy:production

  2. Update Supabase webhook URL to production worker URL

  3. Ensure production secrets are set (especially STRIPE_SECRET_KEY)

Monitoring

  • Cloudflare Logs: wrangler tail --env staging
  • Supabase Webhook Logs: Dashboard > Database > Webhooks > View logs
  • Stripe Logs: Stripe Dashboard > Developers > Logs

Data Synced to Stripe

Each Stripe customer is created with:

  • Email
  • Full name (from first_name + last_name)
  • Metadata:
    • supabase_user_id: User ID from Supabase
    • organization: Organization name
    • industry: Selected industry
    • hosting_region: Selected region
    • organization_id: Organization ID from Supabase

Troubleshooting

  1. Webhook not triggering: Check Supabase webhook is enabled and URL is correct
  2. 401 Unauthorized: Verify WEBHOOK_SECRET matches in both Worker and Supabase
  3. Stripe errors: Check Stripe API key is valid and has correct permissions
  4. Worker errors: Use wrangler tail to see detailed logs