I have installed Braintree on our system for users subscriptions and everything works well, except for one strange behave of Braintree which is storing payment method without my server-side nonce.
My goal is to let the user have a maximum of 3 payment methods stored on his customer account.
Here is what I expect each time user add a payment method:
- server generates and sends the SDK to client-side
- client sends me nonce
- server sends a nonce and customer id to Braintree
- Brain tree store payment method of customer
Here is what I get after storing first payment method:
- server generates and sends the SDK to client-side
- client sends me nonce
- Brain tree already stored the payment method of the customer!
As you see Braintree stores payment_method without asking me for step 3. which is not good because then I can not limit the number of payment_methods which stored in the customer profile.
Full disclosure: I work at Braintree. If you have any further questions, feel free to contact support.
It sounds like you are passing a customer ID into the client token generation. As a result, the Drop-in UI displays a customer's stored payment methods and automatically stores any new payment methods added by the customer in your Braintree Vault upon tokenization.
If you are using Drop-in version 1.18.0 or later, you can pass
vaultCardasfalsein thedropin.createoption. You could then Vault the card server-side using thestore_in_vault_on_successparameter or follow your desired workflow from here.