diff --git a/Civi/Api4/StripePaymentintent.php b/Civi/Api4/StripePaymentintent.php
index 7705b5f5aaa19e77e5050b08012eb35770406d60..4b49e834011866b4dc63e7dbd1473d5fbcfa4570 100644
--- a/Civi/Api4/StripePaymentintent.php
+++ b/Civi/Api4/StripePaymentintent.php
@@ -13,7 +13,10 @@ class StripePaymentintent extends Generic\DAOEntity {
 public static function permissions() {
 $permissions = parent::permissions();
 $permissions['processMOTO'] = ['allow stripe moto payments'];
- $permissions['processPublic'] = [\CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION];
+ // The "minimum" permission for an API4 call is "access CiviCRM"|"access AJAX API".
+ // We can't remove the requirement for one of those permissions here.
+ // So we specify only 'make online contributions' using alterAPIRoutePermissions hook.
+ // $permissions['processPublic'] = ['make online contributions'];
 return $permissions;
 }
diff --git a/docs/faqs.md b/docs/faqs.md
index aed2b6576ad455be087d6fde419bc61c811322f2..f6a53022aace36eab276de4b101193e78a1d2d93 100644
--- a/docs/faqs.md
+++ b/docs/faqs.md
@@ -1,3 +1,10 @@
+# FAQ
+
+## Permissions
+
+To accept payments using Stripe you must have "make online contributions" permission enabled.
+No other permissions are required.
+
 ## Terminology
 #### CiviCRM <=> Stripe
diff --git a/stripe.php b/stripe.php
index 2c5ecda01c3f4f5d33326e96008d10d6ecef00a0..d2f91bbfa69418674f4503beab4dd8823fb3a58f 100644
--- a/stripe.php
+++ b/stripe.php
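Review bot: In `permissions()` of Civi/Api4/StripePaymentintent.php the `processPublic` entry ends up commented out, so the action no longer has an entity-level permission of its own and falls back to whatever `parent::permissions()` supplies as its default, which is not visible in this hunk. The route hook named in the new comment presumably only changes the gate on the AJAX route; if API4 still applies the entity-level permission when the action runs, a donor holding only 'make online contributions' may be refused, and either way the effective requirement cannot be read from this method. I would set it explicitly with `$permissions['processPublic'] = ['make online contributions'];` rather than leave the assignment as dead commented code, and have the comment say that the route permission is replaced in `stripe_civicrm_alterApiRoutePermissions()`.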
@@ -255,3 +255,18 @@ function stripe_civicrm_permission(&$permissions) {
 $permissions['allow stripe moto payments'] = E::ts('CiviCRM Stripe: Process MOTO transactions');
 }
 }
+
+/**
+ * Implements hook_civicrm_alterApiRoutePermissions().
+ *
+ * @see CRM_Utils_Hook::alterApiRoutePermissions
+ */
+function stripe_civicrm_alterApiRoutePermissions(&$permissions, $entity, $action) {
+ if ($entity == 'StripePaymentintent') {
+ // These actions should be accessible to anonymous users; permissions are checked internally
+ $allowedActions = ['ProcessPublic'];
+ if (in_array($action, $allowedActions, TRUE)) {
+ $permissions = 'make online contributions';
+ }
+ }
+}
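Review bot: The allow-list in `stripe_civicrm_alterApiRoutePermissions()` spells the action `'ProcessPublic'`, while the permission key in Civi/Api4/StripePaymentintent.php is `'processPublic'`, and `in_array(..., TRUE)` is case-sensitive, so whether the override fires depends on the exact casing of `$action`, which presumably comes from the request. It is worth confirming which form reaches the hook and normalising before the comparison if either can, and using `$entity === 'StripePaymentintent'` instead of `==`. Because a match replaces the route permissions wholesale with the single string 'make online contributions', the comment "permissions are checked internally" carries the whole authorization argument for an endpoint reachable by anonymous users; it should name where ProcessPublic performs that check, e.g. `// Route gate relaxed for anonymous donors; ProcessPublic validates <what it checks> before acting.`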