Source: https://datafa.st/docs/api/account/integrations/stripe/connect
Markdown source: https://datafa.st/docs/api/account/integrations/stripe/connect.md
Description: Connect Stripe with a restricted API key.

# Connect Stripe

`POST https://datafa.st/api/v1/admin/websites/{websiteId}/integrations/stripe`

Connect Stripe using a restricted API key (`rk_`). DataFast uses it read-only to import revenue for [attribution](/docs/revenue-attribution-guide).

Publishable (`pk_`) and secret (`sk_`) keys are rejected. Test keys are rejected in production.

## Request

#### Path parameters

| Parameter | Type | Required | Description |
| --- | --- | --- | --- |
| `websiteId` | string | — | Website ObjectId. From [List websites](/docs/api/account/websites/list) (`_id` field). Example: `665f0b3c4d2e1a0012345678`. |

#### Body parameters

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| `stripeRak` | string | Yes | Stripe **restricted** key starting with `rk_`. Not `pk_` or `sk_`. [Stripe restricted keys docs](https://stripe.com/docs/keys#limit-access). |

#### Example request body

```json
{
  "stripeRak": "rk_live_..."
}
```

## Response

Returns a JSON object with `status: "success"` and endpoint-specific fields in `data`.

#### Response fields

| Field | Type | Description |
| --- | --- | --- |
| `data[].message` | string | Human-readable confirmation or status message for the operation. |
| `data[].currency` | string | Currency code for money values, such as `USD` or `EUR`. |

### Authentication

Use a `dft_` account token with `settings:write`.

A `df_` website API key for the same website can also call this route when the path `websiteId` matches the key's website. Write access with a `df_` key is capped at **member** level — owner-only actions such as [team management](/docs/api/account/team) require a `dft_` token and owner role.

### Errors

**400** — Invalid key format (must start with `rk_`).

See [API errors](/docs/api#errors) for the standard error envelope, auth failures, validation errors, permission errors, and rate limits.

## Code examples

### Example request

```bash
curl -X POST "https://datafa.st/api/v1/admin/websites/{websiteId}/integrations/stripe" \
  -H "Authorization: Bearer dft_xxx" \
  -H "Content-Type: application/json" \
  -d '{"stripeRak":"rk_live_..."}'
```

### Success response

```json
{
  "status": "success",
  "data": [{
    "message": "Stripe connected successfully",
    "currency": "USD"
  }]
}
```