Looking for Advice on Implementing Patreon API for Being a member Management

1

Hello Everyone :hugs:,

I’m seeking for some direction and counsel from this informed group as I work on a project that requires integrating the Patreon an API with my website.

Just to give you some background, Patreon will be used by me to handle membership payments and unique content for my website. By giving Patreon supporters access to my website’s members-only content, I hope to make their experience with me as smooth as possible.

I have the following in mind to facilitate integration:

Verification and Account Linking:

  • I would like to enable visitors to my website to sign in with their Patreon credentials.
  • Their website account should be connected to their Patreon account once they have checked in.

Verification of Membership:

I must confirm each user’s membership status who logs in through Patreon.
Users on my site should be able to access varying degrees of content based on their status as members tier.

  • My website should instantly update when a person modifies or quits their Patreon subscription, depending on their membership tier.

I’ve read everything in the Patreon API docs and understand the basics, but I’m not sure how to go about putting these capabilities into effect in the best way possible.

I also followed this :point_right: https://www.patreondevelopers.com/t/simple-solutions-oauth-and-membership-data/sap-analytics

I’m specifically seeking guidance on:

  • How to manage Patreon’s OAuth authentication safely? :thinking:
  • Efficiently updating and verifying the state of memberships.
  • Keeping track on webhook events to get updates instantly.
  • Anything typical or dangerous that I should watch out for during the integration procedure.

Thank you :pray: in advance.

2

How to manage Patreon’s OAuth authentication safely?

oAuth itself provides enough safety for its authorization flows as it is designed for that purpose. Your main concern would be how to authenticate users on your side in your local system and link those accounts to Patreon accounts. As you have a website, you already have an auth system probably. If so, check if the Patreon members’ emails are verified before linking them to local accounts, and only do so if the Patreon email is marked as verified.

  • Efficiently updating and verifying the state of memberships.

You can combine webhooks and individual calls (for a user) to the api to get their memberships.

  • Keeping track on webhook events to get updates instantly.

There’s nothing greatly different from any other webhook use case across the internet - just make sure that you are processing each payload only once by hashing the data or the unique signatures of the webhook etc in some way and save it somewhere etc.

  • Anything typical or dangerous that I should watch out for during the integration procedure.

Make sure to check the incoming Patreon user’s email before logging him/her in or creating an account. Avoid creating accounts for Patreon users without verified emails.

You can just read the easy-to-read PHP repo for example code. It should make developing your logic much faster.