Configuration reference

Payments and Integrations

Global keys belong to administrators; manager service credentials are stored separately on each manager account.

Events Plus 0.3.302

Stripe and PayPal

Manager account setup

  1. Open My Events > My Settings.
  2. Open the Stripe or PayPal connection card.
  3. For Stripe, paste a secret key beginning sk_test_ for testing or sk_live_ for live payments.
  4. For PayPal, enter the app Client ID and Secret, then use the matching Sandbox or Live mode on the event.
  5. Save, then configure cost, basis, currency, and provider on the event.

Checkout occurs on the provider’s hosted page. Events Plus stores the resulting transaction summary, not card details.

Test mode and live mode must match. Never test a live checkout casually, and never launch with test credentials.

Airtable

  1. Create an Airtable personal access token with access to the intended base.
  2. Save it under the manager’s My Settings > Airtable.
  3. Edit the event and enable Airtable in the Form tab.
  4. Select the base and table, then map Events Plus fields to Airtable columns.
  5. Use the setup CSV where offered to prepare compatible fields.
  6. Submit a test application and verify the created Airtable record.

A failed Airtable sync should not be treated as proof that the attendee booking failed. Check both the Events Plus attendee list and integration diagnostics.

Mailchimp

  1. Save the manager’s Mailchimp API key in My Settings.
  2. Edit the event and choose the audience/list and tags.
  3. Enable only an explicit attendee opt-in flow.
  4. Make a test opt-in and confirm the member, status, tags, and merge fields in Mailchimp.

Do not automatically subscribe attendees without a valid consent basis.

Firebase Authentication

Administrators configure Firebase under Events > Firebase Auth.

  1. Create or choose a Firebase project.
  2. Enable Email/Password and any intended Google, Facebook, or Twitter providers.
  3. Add the production domain to authorised domains.
  4. Copy the Web API Key, Auth Domain, and Project ID into Events Plus.
  5. Enable only providers configured in Firebase.
  6. Test sign-up, sign-in, sign-out, password reset, and an OAuth account that does not return an email.

Google Maps and reCAPTCHA

Under Events > Event Settings, administrators can add:

  • Maps API key: enable Maps JavaScript API and Places API, restrict it to the site domain, and verify address autocomplete.
  • reCAPTCHA v2 checkbox keys: protect public booking/application and organiser-message forms. Site and secret keys must belong to the correct domain.

Credential handling

  • Use separate test and production credentials.
  • Give tokens the minimum scopes required.
  • Rotate any credential exposed in email, chat, logs, or screenshots.
  • Remove credentials from former manager accounts when no longer needed.
  • Never include secrets in Diagnostics exports or public support posts.