Stripe integration

Edit: this has now been resolved in the latest version of F&E (dated April 2024) that now uses Stripe client-side tokenization.  We have it working as expected in a test environment. 

Hi all

We are in the process of linking F&E to Stripe (test mode for now) to take credit card transactions.  In the Payment Processor I have set the Stripe Service Key field to the Stripe Publishable Key value. The API Key field has been set to the Stripe Secret Key value.  This is not well documented, but @chrisw_tes advised this was working correctly for them in another post in this forum.  These API credentials have been transferred into Azure as per the documentation.  When I add a Stripe test credit card to a transaction (stage 1), it completes successfully and I can see a token has been returned in the Stripe logging.  When I process the transaction (stage 2), if fails with "Unsuccessful response from Stripe - secret_key_required".  I can see a similar error in the Stripe logging - suggesting a publishable API key has been used instead of a secret key, incorrectly.  But the POST did include the token created in stage 1.  

So I tried setting both values in the Payment Processor to the secret key - but then the addition of the credit card (stage 1) fails, suggesting that "sending credit card numbers directly to the Stripe API is generally unsafe".  Please can anyone offer some advice here - is F&E using the wrong key in stage 2 and this is a bug?  Or have I made a mistake in the config somewhere? 

Many Thanks!

Added a couple of members who have commented on Stripe in this forum:  BobKanzler jjbh_ as they might well have some further insight!  Thanks!