Purpose
Explain the design rules behind the PayPress installation UUID.
Overview
The installation UUID is the stable identity PayPress uses to mark outgoing Stripe Checkout objects and validate incoming webhook events.
How It Works
The UUID is generated once when missing or invalid. It is then stored and reused. URL changes create diagnostics but should not replace a valid UUID.
Important Components
- UUID option.
- Stored home URL option.
- Identity getter.
- Persistence verification.
- Diagnostics: identity created, read, missing, persistence failed, stored home URL changed.
Data Flow
Read option -> validate UUID -> reuse if valid -> generate only if missing/invalid -> persist -> attach to Stripe metadata -> compare during webhook processing.
Security Considerations
A stable UUID prevents cross-site payment contamination. A transient UUID that fails to save must not be returned as authoritative identity.
Known Limitations
There is no full clone-management UI yet. Cloned/staging sites need careful operational handling when sharing Stripe credentials.