Is there a best practice of storing metadata in 3rd party systems?
When we create a payment we use stripe metadata to reference a record in our system like so:
StripePaymentIntent::create([
'amount' => 200,
'metadata' => [
'our_app' => '{'invoice_id': 'invoice_123'}'
]
]);
Because we use stripe connect this will be visible and editable in the user's platform. I feel like this is too open.
The only other way I could think to do this was base64 encoding which would give us something like:
StripePaymentIntent::create([
'amount' => 200,
'metadata' => [
'our_app' => 'eydpbnZvaWNlX2lkJzogJ2ludm9pY2VfMTIzJ30='
]
]);
Has anyone else run into this challenge and how did you/would you solve it.
All input is appreciated.
Many Thanks