I have installed Braintree on our system for users subscriptions and everything works well, except for one strange behave of Braintree which is storing payment method without my server-side nonce.
My goal is to let the user have a maximum of 3 payment methods stored on his customer account.
Here is what I expect each time user add a payment method:
Here is what I get after storing first payment method:
As you see Braintree stores payment_method without asking me for step 3. which is not good because then I can not limit the number of payment_methods which stored in the customer profile.
Full disclosure: I work at Braintree. If you have any further questions, feel free to contact support.
It sounds like you are passing a customer ID into the client token generation. As a result, the Drop-in UI displays a customer's stored payment methods and automatically stores any new payment methods added by the customer in your Braintree Vault upon tokenization.
If you are using Drop-in version 1.18.0 or later, you can pass vaultCard as false in the dropin.create option. You could then Vault the card server-side using the store_in_vault_on_success parameter or follow your desired workflow from here.