Billing & backend tokens

Two related admin areas live in the Admin Dashboard: Billing (Stripe configuration) and Backend (extension tokens). They're documented together because both control how end users experience the upgrade-and-connect path.

Billing tab

The extension surfaces these via the Stripe Account tab; no Stripe API key is ever exposed to the extension.

Plan-to-Stripe mapping

When a payment completes, Stripe fires a webhook to your Teleperson Edge Function (stripe-webhook). The function:

1. Looks up the customer by stripe_customer_id or customer_email.
2. Maps the Stripe price_id to a Teleperson plan (free, pro, enterprise) via the plan_price_map config in the General tab.
3. Updates users.plan and users.plan_changed_at.
4. Audit-logs the change.

If a user upgrades on Stripe but doesn't appear in your tenant within a minute, check the webhook logs in Supabase.

Backend tab

The Backend tab manages extension tokens — the long-lived tle_… strings the extension sends in the X-TLE-Token header to authenticate to your Supabase backend.

Tokens are stored as SHA-256 hashes, never plaintext. If a user loses their token, it can't be recovered — only revoked and replaced.

Plan gating in Edge Functions

Many features are plan-gated. The pattern in every Edge Function:

const user = await getCallingUser(req);   // resolves token → user_id → plan
if (user.plan === 'free' && featureRequiresPro) {
  return new Response('Premium feature', { status: 402 });
}

402 Payment Required is the convention for plan-gated denials. The extension recognizes this status and surfaces an upgrade prompt that points at the configured Pro upgrade link.

Related

• Stripe Account (end-user) → — what the user sees.
• Authentication → — the X-TLE-Token model.