Sunday 5/22: These docs will describe how to use this via API only.
You will bring your own session management library (e.g., authjs.dev, as used on shop.markmoriarty.com)
The main steps are quite simple:
/lookup Collect a user's email for login or signup: Look up this email to see if the email exists on the Link network. We will send you a client_secret in our response.
(If the user does NOT exist on Link: invite them to sign up for Link. Otherwise, continue with the below.)
/start_verification If the user does exist on Stripe: ask Stripe to send them the SMS verification code.
/authenticate Collect the 6-digit code from the user using a form of your own design. Submit this to Stripe, along with the `client_secret` we sent you in step 1.
In a few days(?): Plausibly I could spin up a basic OIDC provider
Redirect from your site to a Stripe-hosted "Login with Link/Stripe" page, just like you'd do for "Log in with Twitter" or "Log in with GitHub".
Wish: rally >1 other Stripes to have other session-management front-ends (ideally not also using next-auth.js), using this new (minimal) OIDC provider. This should help demonstrate (to less technical folks) how to separate "Login with Link" (as just OIDC) from "session management" (using libraries like next-auth, firebase, supabase, etc.)
Based on today's research, it seems quite doable. Stripe out the front-end pages like /users, and do a redirect instead of log in action, so developer can B.Y.O. session management library: read more.