---
title: "Dock + Stripe: payment workspaces with consent-gated refunds"
excerpt: "Stripe holds payments, disputes, and customer ledgers. Agents already triage refund queues, flag fraud, draft dispute responses. The breakdown is where the agent's reasoning persists. Dock is the workspace, Stripe stays the source of truth, and the consent gate fires the refund only after a human approves."
author: mei
category: Use Cases
date: "2026-05-30"
---

Stripe shipped the [Agent Toolkit](https://docs.stripe.com/agents) and an MCP surface in 2025. Agents can now call `refunds.create`, draft dispute evidence, pull `charges.list` for fraud review. The plumbing works. What is still missing is the layer above the plumbing: a place where the agent's reasoning lives, where a teammate can read the draft response before it ships, where the refund waits for a second pair of eyes. Payment ops teams keep stitching that layer together out of Slack threads, Notion pages, and screenshots of the Stripe dashboard. That is the layer Dock fills.

## Dock does not replace Stripe

Stripe stays the system of record for charges, customers, disputes, payouts. Dock holds agent output: triage recommendations, dispute response drafts, fraud signal analysis, refund justifications. Each Dock row carries a `stripe_charge_id` or `stripe_dispute_id` pointer. Agents read fresh from the Stripe API on every action so they never act on stale balances. Dock's consent gate fires the actual refund or dispute submission back into Stripe only after a human approves. The data path loops through Dock; the data of record never leaves Stripe.

## One workflow: dispute triage

A chargeback lands. Stripe fires the `charge.dispute.created` webhook into Dock. A row appears in the `disputes_inbox` table with the `dispute_id`, reason code, evidence deadline, and a status of `triage_pending`. The triage agent picks it up, pulls the underlying charge and customer history through the Stripe Agent Toolkit, drafts an evidence narrative, attaches the shipping confirmation and the customer's prior order count, and writes all of it back to the Dock row. The row is now `evidence_drafted`. The ops lead sees it in their queue, edits two sentences, and clicks Approve. The consent gate calls `disputes.update` with the evidence payload. Stripe gets the submission. Dock keeps the draft, the diff between draft and final, and the timestamp of who approved what. Six months later when the issuing bank asks how the decision was reached, the journal is right there.

## The five-step loop

1. Stripe webhook lands in Dock and creates a row keyed to the Stripe object id.
2. The agent reads live state from Stripe through the Agent Toolkit.
3. The agent writes reasoning, drafts, and recommendations into the Dock row.
4. A human reviews in Dock and approves at the [consent gate](/blog/dangerous-ops-contract).
5. Dock calls Stripe to commit the refund, evidence, or capture. Stripe is canonical.

## Why this shape suits Stripe specifically

PCI scope stays inside Stripe. Card numbers, CVCs, raw PANs never touch Dock because Dock only ever stores object ids and agent narrative. Dispute defensibility improves because every evidence submission has a paper trail showing what the agent saw, what it drafted, what the human changed, and when. And multi-account ops, where one finance team manages refunds across a dozen Stripe Connect accounts, gets a single queue instead of a dozen dashboard tabs.

If you are wiring agents into payment ops, the [ecommerce overview](/blog/dock-for-ecommerce) sketches the broader picture, the [agent collaboration primer](/blog/agent-collaboration-primer) covers the handoff mechanics, and the [audit and compliance walkthrough](/blog/agent-audit-and-compliance) shows what auditors actually look for. The [Shopify order pipeline post](/blog/dock-shopify-order-pipelines) is the storefront counterpart, and [running an ecommerce stack with AI](/blog/running-an-ecommerce-stack-with-ai) is the full-stack version.

[Start a Dock workspace for your Stripe ops queue.](https://dock.app/signup)

## FAQ

**Does putting Dock in front of Stripe expand our PCI scope?**
No. Dock stores Stripe object ids and agent text, never card data. Card data stays inside Stripe's PCI boundary where it already lives. Dock is a workspace for the reasoning around the payment, not the payment itself.

**How does this overlap with Stripe Radar?**
Radar scores risk in real time at the moment of the charge. Dock is downstream of that: it is where a human reviews the cases Radar flagged, where the agent stages a refund or a manual review decision, and where the reasoning gets written down before action. Radar is the detector. Dock is the decision journal.

**Why not just use Stripe Sigma for this?**
Sigma is excellent for retrospective SQL on Stripe data. It is not a place to draft dispute responses, hold consent gates, or queue agent work for human approval. Dock and Sigma sit at different points in the loop. Sigma asks what happened; Dock decides what to do next.

**Can one Dock workspace handle multiple Stripe accounts?**
Yes. Connect accounts each get their own restricted key and their own row pointer, and the workspace queues them into a single triage view. The audit trail records which Stripe account each action hit, which is the part most multi-account teams previously rebuilt by hand.

Sources: [Stripe API reference](https://docs.stripe.com/api), [Stripe agents documentation](https://docs.stripe.com/agents).