stripe subscription billing

Item: stripe subscription billing
Rating: 9.2
Author: Implexa

add recurring subscription billing with stripe: customer, checkout, webhook reconciliation, idempotency. trigger when a builder says "add subscription billing", "charge customers monthly", or "set up stripe subscriptions".

view source

installs

stars

karma

SkillRank score ↗

9.2/ 10

evaluated by implexa, curated · 2026-05-30

add recurring subscription billing with stripe: customer, checkout, webhook reconciliation, idempotency

structure

9.5

trigger phrases

9.0

procedure

9.5

edge cases

9.0

documentation

9.0

strengths

view original SKILL.md from implexaclick to expand

---
description: add recurring subscription billing with stripe. customer, checkout, webhook reconciliation, idempotency. trigger on "add subscription billing", "charge customers monthly", "set up stripe subscriptions".
---

# stripe subscription billing

stand up monthly subscription billing without hallucinating the webhook path. uses the verified @stripe/stripe-node module.

## intent

take a builder from "i need to charge customers monthly" to a working subscription + webhook flow that reconciles state correctly. the failure mode this prevents: a generated billing flow that never verifies the webhook signature, so payment state silently drifts.

## inputs

- a stripe account with a price id for the plan
- STRIPE_SECRET_KEY and STRIPE_WEBHOOK_SECRET in env
- a server route that can receive the webhook (raw body, not parsed json)

## procedure

### step 1, create the customer

```js
const stripe = require('stripe')(process.env.STRIPE_SECRET_KEY);
const customer = await stripe.customers.create({ email });
```

### step 2, start the subscription via checkout

use checkout for the first subscription, it handles SCA + card collection.

```js
const session = await stripe.checkout.sessions.create({
  mode: 'subscription',
  customer: customer.id,
  line_items: [{ price: PRICE_ID, quantity: 1 }],
  success_url, cancel_url,
});
```

### step 3, verify and handle the webhook (the part the model skips)

the raw body and the signature header are mandatory. never trust an unverified webhook.

```js
const event = stripe.webhooks.constructEvent(rawBody, sig, process.env.STRIPE_WEBHOOK_SECRET);
if (event.type === 'invoice.paid') { /* mark active */ }
if (event.type === 'customer.subscription.deleted') { /* mark canceled */ }
```

### step 4, make it idempotent

webhooks retry. dedupe on event.id before mutating state.

## decision points

- test vs live: keys are environment-scoped, never mix them.
- proration: set proration_behavior explicitly on plan changes, the default surprises people.
- trials: trial_period_days on the subscription, not a manual timer.

## output contract

a subscription row in your db driven by webhook events, an idempotent handler, and signature verification on every webhook. no payment state set from client-side success_url alone.

## outcome signal

success means a real test-mode subscription advances from incomplete to active to canceled purely from webhook events, with zero state set client-side. if state ever changes without a verified webhook, the flow is wrong.

verified modules

packages this skill wraps, with implexa trust tiers

npmunverified

stripe

^22.0.0

related skills

semantically similar in the cross-vendor index

smithery

76% match

stripe-integration

Get paid from day one. Payments, subscriptions, billing portal, webhooks, metered billing, Stripe Connect. The complete guide to implementing Stripe correctly, including all the edge cases that will b

don't have the plugin yet? install it then click "run inline in claude" again.

added explicit setup guidance for environment variables and raw body handling, detailed decision points for test vs live keys and webhook retries, expanded output contract with required db fields, edge cases including rate limits and auth scenarios, and idempotency step broken out with atomic storage requirement.

stripe subscription billing

stand up monthly subscription billing without hallucinating the webhook path. uses the verified @stripe/stripe-node module.

intent

take a builder from "i need to charge customers monthly" to a working subscription and webhook flow that reconciles state correctly. the failure mode this prevents: a generated billing flow that never verifies the webhook signature, so payment state silently drifts out of sync with stripe's truth. use this skill when a builder says "add subscription billing", "charge customers monthly", or "set up stripe subscriptions".

inputs

stripe account with an active price id for the plan (from stripe dashboard)
environment variables: STRIPE_SECRET_KEY (sk_test_* or sk_live_*) and STRIPE_WEBHOOK_SECRET (whsec_*)
a server route that can receive raw http body (not pre-parsed json) for webhook verification
@stripe/stripe-node module installed (npm install stripe)
a database table or collection to store subscription state (customer_id, subscription_id, status, last_webhook_event_id)

procedure

create the stripe customer
- input: builder's customer email address
- call stripe.customers.create({ email })
- output: customer object with customer.id (e.g. cus_ABC123)
- store customer.id in your db for later webhook matching
create a checkout session for subscription
- input: customer.id from step 1, PRICE_ID from stripe dashboard, success_url and cancel_url strings
- call stripe.checkout.sessions.create with mode: 'subscription', customer: customer.id, line_items: [{ price: PRICE_ID, quantity: 1 }]
- output: session object with session.url (the checkout link to send to customer)
- redirect customer to session.url, do not set subscription state active until webhook confirms
set up webhook endpoint (raw body required)
- input: a POST route on your server (e.g. /webhooks/stripe)
- configure stripe dashboard to send events to this url
- capture the raw request body before any json parsing middleware (express: bodyParser.raw({ type: 'application/json' }))
- output: server listening and stripe dashboard confirms endpoint is active (green checkmark)
verify and process webhook events
- input: raw http body, Stripe-Signature header from incoming request, STRIPE_WEBHOOK_SECRET
- call stripe.webhooks.constructEvent(rawBody, signatureHeader, secret) to verify
- on invoice.paid event: set subscription status to active in your db
- on customer.subscription.deleted event: set subscription status to canceled in your db
- on invoice.payment_failed event: log failure and optionally notify customer
- output: subscription row updated with the new status and event timestamp
implement idempotency guard
- input: event.id from the verified webhook event
- check if event.id already exists in your events log or subscription history
- if yes, return 200 ok without re-processing (do not mutate state)
- if no, process the event and store event.id
- output: each webhook processed exactly once, even if stripe retries

decision points

test vs live keys: environment variables must match your stripe account mode. never mix sk_test_* and sk_live_* in the same deploy. set STRIPE_SECRET_KEY to the correct key for your environment.
proration on plan changes: if builder wants to let customers switch plans mid-month, set proration_behavior explicitly ('create_prorations', 'none', or 'always_invoice') on the subscription update call. the stripe default surprises people.
trials: use trial_period_days on the subscription create or update, not a manual timer in your db. stripe handles the transition from trial to active automatically.
webhook timeout: stripe expects a 2xx response within 5 seconds. if your webhook handler queries a slow db, move the mutation to a background job and respond 200 immediately.
webhook retries: stripe retries failed webhooks up to 5 times over 3 days. if your idempotency check fails, the retry will be ignored (correct). if it passes, the event processes again (wrong). store event.id atomically with your state mutation.
rate limits: stripe allows 100 requests per second on test and live. batch customer creates if importing users. handle rate limit response (429 status) with exponential backoff.
auth expiry: stripe keys never expire, but if a builder rotates keys, old endpoints stop working. if webhooks stop arriving, check the endpoint url and active key in stripe dashboard.

output contract

success is a subscription row in your database with these fields:

customer_id: stripe customer id (cus_*)
subscription_id: stripe subscription id (sub_*) set only after invoice.paid webhook
status: one of 'incomplete', 'active', or 'canceled', updated only by verified webhook events
last_event_id: the stripe event.id of the last processed webhook
created_at, updated_at: timestamps

the webhook handler must verify the signature with constructEvent() before any logic. no payment state set from client-side success_url alone. all state mutations must be idempotent and driven by verified events.

outcome signal

success means a test-mode subscription created via checkout advances from incomplete (before payment) to active (after invoice.paid webhook) to canceled (after customer.subscription.deleted webhook) purely from webhook events, with zero state set client-side. if you see a subscription status change without a corresponding verified webhook event in your logs, the flow is broken. test by creating a subscription in test mode, viewing the webhook delivery logs in stripe dashboard, and confirming each event matches a db mutation with the same event.id.

credits: original skill by implexa.