⌘K
Stripe Permissions Explained
Understand what permissions Revshare needs and why Stripe shows certain messages during connection.
Written by Emil Klitmose
Updated recently
TL;DR: We use read-only permissions. We only receive webhook notifications when sales happen — we don't browse or store your payment history.
What We Need
For affiliate tracking to work, Revshare needs only two things:
- Webhook notifications — When a sale happens, Stripe sends us the payment details
- Account ID — To match webhooks to your program
Why Stripe Shows That Message
Stripe displays “Revshare will be able to see your account data” because the minimum OAuth scope is “read-only” — there's no “webhooks only” option.
We specifically use scope=read_only, which means we cannot create payments or modify your account.
What We DON'T Do
- • We don't browse your payment history
- • We don't store your customer data
- • We don't create charges or payments
- • We don't modify your Stripe account
Note: You can disconnect Revshare from your Stripe account at any time from your Stripe Dashboard under Connected Apps.