Hello all, I’m helping a customer integrate Apple Pay, and I’m seeing a behavior I can’t fully explain. I hope someone here can help clarify whether this is expected or whether it’s a bug / misconfiguration on my side. Currency: RSD (Serbian Dinar) Amount: 3.45 RSD (two decimals) Result: Apple Pay cancels the payment automatically when the amount includes decimals, without even displaying the paymentsheet. Things I have checked: ISO 4217 defines RSD with 2 minor units, so fractional amounts like 3.45 should be valid. Processors treat RSD as a two-decimal currency. Apple’s documentation does not provide a per-currency decimal rule table. In testing, whole-number RSD amounts succeed, while fractional amounts (e.g. 3.45 RSD) fail. I did not encounter this problem with other currencies like EUR, USD. Has anyone encountered this issue before?

'Company A' is scheduled to merge with its parent company, 'Company B'. Both A and B have Apple accounts. A's account has one domain registered for Apple Pay integration, while Account B has no domain registered. We attempted to register A’s domain under B’s account. However, the notification 'Requested domain name has been verified previously.' appeared, and we could not complete the registration. Please confirm whether it is correct that a domain already registered under Account A cannot be registered again under Account B. If we cannot register same domain in two accounts, we believe that the domain registered under A's account must be deleted first and then registered under B's account. In that case, will payments become unavailable immediately upon deletion of the domain, or will payments still be possible for a certain period of time after deletion? In our testing, we found that payments were not blocked immediately, but we would like to confirm further. We are concerned about the possibility of transaction failures during the short period between deleting the domain from A's Account and registering it under B's Account.

Hi Everyone, My team is working on an online marketplace for FMBs in Saudi Arabia (with a plan to expand to other markets later). We are currently working on integrating multiple payment gateways with embedded Apple Pay support into our platform. We’ve encountered an issue with the apple-developer-merchantid-domain-association file. Based on advice from one of our payment partners, we've ensured that the domain association file is uploaded in the correct format. This works successfully with our first payment gateway. However, for the additional payment gateways we are integrating, we would also like to enable Apple Pay with embedded support. The challenge is that each payment gateway requires its own domain verification, but the verification file uses the same file name. This prevents us from supporting multiple gateways on the same domain. Has anyone in the house been able to implement a similar solution, or know how we can best implement this? Please, I'll appreciate advise on how we can configure Apple Pay domain verification to support multiple payment gateways on the same domain? Any specific guidance or best practices would be greatly appreciated. Best regards,

We are an issuer attempting to implement In-App Provisioning of Payment Cards leveraging Mastercard MDES and have successfully obtained our entitlement from Apple, but have not received the documentation titled "Getting Started with Apple Pay In-App Provisioning, Verification & Security". The latest copy I have found has been via Scribd for a version 3.0 from June 2020. I've tried contacting Apple Support and the In-App Provisioning Entitlements group but have had no luck. Thank you!

We’re attempting to call the Apple Pay Web Merchant Registration API using our Platform Integrator flow and consistently receive 401 Unauthorized, despite successful TLS/mTLS. Details: Endpoint: https://apple-pay-gateway-cert.apple.com/paymentservices/registerMerchant (POST) Payload: { "domainNames": ["breakerfy.com"], "encryptTo": "platformintegrator.ai.packman", "partnerInternalMerchantIdentifier": "merchant.ai.packman.1", "partnerMerchantName": "breakerfy", "merchantUrl": "https://breakerfy.com" } Domain association: URL: https://breakerfy.com/.well-known/apple-developer-merchantid-domain-association What we tried: We created a Payment Platform Integrator ID (platformintegrator.ai.packman) We created a CertificateSigningRequest We used the certificate signing request to create an Apple Pay Platform Integrator Identity Certificate and downloaded the signed certificate. We exported the Private Key from keychain access in PKCS 12 format We converted both the private key and the signed certificate to PEM format We created a merchant id We used the converted keys to send requests to the API We received { "statusMessage": "Payment Services Exception Unauthorized", "statusCode": "401" } we also tried curl with the original p12 file and also had no luck. What could be the issue ?

Hi support, I'm getting the following error when I tried to re-verify my domain: Domain verification failed. Review your TLS Certificate configuration to confirm that the certificate is accessible and a supported TLS Cipher Suite is used. I have uploaded the required apple-developer-merchantid-domain-association.txt file and it is reachable from the Internet in the proper location https://www..com/.well-known/apple-developer-merchantid-domain-association.txt. The SSL certificate has been renewed and it offers at least one of required cipher suites based on the Apple document https://developer.apple.com/documentation/applepayontheweb/setting-up-your-server. The current verification will expire soon. Need your help urgently. Thanks, YaoF

Can i use apple pay integration into my web iframe?In my situation, canMakePayment() returns null when i check browser support apple pay or not in Iframe

When I click to my Apple Pay button, my function below doesn't trigger the completeMerchantValidation method as expected, but the oncancel method (which logs errorCode "unknown" in Safari developer tools) : const processApplePayment = async () => { if (window.ApplePaySession) { const session = new window.ApplePaySession(6, { countryCode: 'FR', currencyCode: 'EUR', merchantCapabilities: ['supports3DS'], supportedNetworks: ['visa', 'masterCard'], total: { label: `Bon d'achat ${partnerName}`, type: 'final', amount: cartTotalValue.toString() } }); session.onvalidatemerchant = async event => { try { const merchantSession = await validateMerchantSession(event.validationURL); console.log('merchant session : ', merchantSession); if (!merchantSession) { console.error('Invalid Apple Pay merchant session'); } session.completeMerchantValidation(merchantSession); } catch (error) { console.error('merchant validation error : ', error); session.abort(); } }; session.onpaymentauthorized = async event => { console.log('payment authorization event : ', event); try { const link = await authorizePayment( event.payment.token, userInfo, partnerId, order.id ); console.log('payment authorized link : ', link); window.location.href = link; } catch (error) { console.error('Apple Payment authoriation error : ', error); const errorUrl = `${PATH.EBON_ERROR_PATH}-${partnerId}?paiement=error&orderId=${order.id}`; window.location.href = errorUrl; } }; session.oncancel = event => console.log('Apple Pay cancel event : ', event); session.begin(); } }; The validateMerchantSession function successfully returns this payment session from Apple server : { "epochTimestamp":1739279973502, "expiresAt":1739283573502, "merchantSessionIdentifier":"SSH108C7ED6746A48E38EA8D253D33CCAA5_916523AAED1343F5BC5815E12BEE9250AFFDC1A17C46B0DE5A943F0F94927C24", "nonce":"150de193", "merchantIdentifier":"11CA4E31493E748848A91A0DAB1685A8417C41B62B9863EF59A618B91239471A", "domainName":"lesnumeriques-bonsdachat.htmal1.com", "displayName":"Les Numériques", "signature":"308006092a86...779cd643c000000000000", // long string "operationalAnalyticsIdentifier":"Les Numériques:11CA4E31493E748848A91A0DAB1685A8417C41B62B9863EF59A618B91239471A", "retries":0, "pspId":"11CA4E31493E748848A91A0DAB1685A8417C41B62B9863EF59A618B91239471A" } What could I do wrong and how could I fix it please ?

We are having trouble trying to renew our Apple Pay Merchant Identity Certificate. We can create the CSR file and add to the developer portal. We then convert this to a .pem and then a .p12. When we test the certificate in Postman however, we see the following error: "statusMessage": "Payment Services Exception pspId=xxxx unauthorized to process transactions on behalf of merchantId=xxxx reason=xxxx is not a registered merchant in WWDR and isn't properly authorized via Mass Enablement, either.", "statusCode": "417" We are sending the following POST request to 'https://apple-pay-gateway.apple.com/paymentservices/paymentSession': {"merchantIdentifier": "merchant.com.xxxx.applepaytest", "domainName": "beta-xxxx.com", "displayName": "beta-xxxx.com"} Anyone got any ideas what the issue may be? In the meantime I will look at completing our domain verification as that is also due soon and we thought it may possibly have something to do with the certificate issues we are seeing.

Hi, I’m encountering an issue in my app’s Wallet Extension, specifically within the Non-UI Extension, where we are unable to retrieve payment passes bound to a user’s account. The same code that successfully retrieves these bound cards in the main app does not work when used in the Non-UI Extension. Case-ID: 8932090 Steps to Reproduce: Set up In-App Provisioning: Ensure that the app has the necessary In-App Provisioning permissions. This functionality works correctly in the main app, confirming that the permissions are properly configured. Configure Wallet Extensions: Follow the Wallet Extensions documentation to configure the app, including all required settings for the Non-UI Extension. Add Code to Retrieve Payment Passes: In the main app’s LoginView, implement the following code in the handleLogin() method to retrieve payment passes: // Get the identifiers of payment passes that already exist in Apple Pay. paymentPassLibrary = self.passLibrary.passes(of: .secureElement) for pass in paymentPassLibrary { if let identifier = pass.secureElementPass?.primaryAccountIdentifier { if pass.isRemotePass && pass.deviceName.localizedCaseInsensitiveContains("Apple Watch") { remotePassIdentifiers.insert(identifier) } else if !pass.isRemotePass { passIdentifiers.insert(identifier) } } } Verify Functionality in Main App: Run the app and verify that the code successfully retrieves the payment passes bound to the user’s account. Implement Code in Non-UI Extension: Add the same code to the Non-UI Extension, specifically in the WNonUIExtHandler class within the override func status(completion: @escaping (PKIssuerProvisioningExtensionStatus) -> Void) method. Test in Wallet Extension: Run the Wallet Extension and observe that the payment passes are not retrieved when the code is executed in the Non-UI Extension. Has anyone encountered a similar issue or can provide insight into why the code might not work in the Non-UI Extension compared to the main app? Support Information: iOS Version: 17.5.1 Development environment: Xcode 15.4 (15F31d), macOS 14.3 (23D56) Any help or suggestions would be greatly appreciated. Thank you!

multiTokenContexts is defined as follows (https://developer.apple.com/documentation/passkit/pkpaymentrequest/multitokencontexts) You can assign a value when initializing PKPaymentRequest (https://developer.apple.com/documentation/passkit/pkpaymentrequest). However, in actual usage scenarios, when the Apple Pay address changes and PKPaymentRequestShippingContactUpdate (https://developer.apple.com/documentation/passkit/pkpaymentrequestshippingcontactupdate) is triggered, how to update multiTokenContexts? The documentation and code do not provide updates for this parameter. In contrast, Apple Pay on the Web provides newMultiTokenContexts as an update when ApplePayShippingContactUpdate (https://developer.apple.com/documentation/apple_pay_on_the_web/applepayshippingcontactupdate) is triggered. Has anyone encountered this problem? Would you happen to have any solutions? Thank you.

We have used the ApplePayRecurringRequest parameter required for Apple Pay subscriptions, but during testing the payment, the Apple Pay payment page shown to the user remains the same as the one-time payment page, without any subscription information. Could you please check if there is an issue with our parameters or if there is an issue with the merchantIdentifier being used? Here is the ApplePayRequestData that we are using. { "supportedMethods": "https://apple.com/apple-pay", "data": { "version": 3, "merchantIdentifier": "***", "merchantCapabilities": [ "supports3DS", "supportsCredit", "supportsDebit" ], "supportedNetworks": [ "visa", "masterCard" ], "countryCode": "US", "recurringPaymentRequest": { "paymentDescription": "A description of the recurring payment to display to the user in the payment sheet.", "regularBilling": { "label": "Recurring", "amount": "4.99", "paymentTiming": "recurring", "recurringPaymentStartDate": "2025-06-02T16:00:00.000Z" }, "trialBilling": { "label": "7 Day Trial", "amount": "0.00", "paymentTiming": "recurring", "recurringPaymentEndDate": "2025-06-02T16:00:00.000Z" }, "billingAgreement": "A localized billing agreement displayed to the user in the payment sheet prior to the payment authorization.", "managementURL": "https://applepaydemo.apple.com", "tokenNotificationURL": "https://applepaydemo.apple.com" }, "additionalLineItems": [ { "label": "7 Day Trial", "amount": "0.00", "paymentTiming": "recurring", "recurringPaymentEndDate": "2025-06-02T16:00:00.000Z" }, { "label": "Recurring", "amount": "4.99", "paymentTiming": "recurring", "recurringPaymentStartDate": "2025-06-02T16:00:00.000Z" } ] }

Hey everyone, I wanted to check if anyone else has faced extreme delays when requesting access to Apple Pay Wallet APIs. It was Oct 11 2024 a year ago since we first applied to enable in-app provisioning for virtual cards in our app and we made 1% progress. For context, we already got access from Google for Google Wallet—it was smooth, professional, and timely. But with Apple… it’s been nothing but an endless cycle of waiting. We followed every step, submitted everything correctly, and even called Apple Developer Support multiple times. Their response? "We've escalated it." Again and again. But there’s no real progress. We’re rerouted, ignored, and left in limbo. At this point, I don’t even know if anyone is actually reviewing these requests. If a business like ours—fully compliant and ready to integrate—can’t even get a response in 150 day, how is this process supposed to work? I’m posting this here because I can’t be the only one. Has anyone else faced this? If you finally got access, how did you do it? Because right now, it feels like Apple Pay in-app provisioning is an impossible goal. Hoping someone from Apple sees this and realizes how broken this process is. We’re just trying to innovate and offer Apple users a great experience—why is it so difficult? Looking forward to hearing from anyone in the community who can help, Thanks! 🙏

Hello, I am looking for some help on how to use the Apple Pay Web Merchant Registration API. Have been approved to use the API and attempted to test on a merchant ID set up for testing. Below are steps taken before the request. Create merchant ID com.test.merchant. Create Apple Pay Merchant Identity Certificate for using it with the request via p12. Create Platform Integrator platformintegrator.com.test With the below request, I am getting a 401. Any input would be much appreciated! curl --cert-type P12 --cert cert.p12:{password} -i -d '{\ "domainNames":["customer.test.com"],\ "partnerMerchantName": "customer.test.com",\ "partnerInternalMerchantIdentifier":"customer.test.com"}'\ "encryptTo":"com.test.merchant",\ https://apple-pay-gateway-cert.apple.com/paymentservices/registerMerchant The response: { "statusMessage": "Payment Services Exception Unauthorized", "statusCode": "401" } Also tried using the platformintegrator.com.test for the encryptTo but resulted in a 401 as well.

Hello we are trying to renew our certificates. We are trying to extend the dates of verified domains following the docs https://developer.apple.com/documentation/applepayontheweb/maintaining-your-environment#Renew-Your-Domain-Verification and configure our server with https://developer.apple.com/documentation/ApplePayontheWeb/setting-up-your-server We've downloaded the apple-developer-merchantid-domain-association.txt and update it on their respective locations, click 'ok' button but we get redirected to the main page of the information of the merchant, and it shows the domains without the extending period of time. No popup showing what has failed or what could be the reason of this error, we only get a redirection to the main page.

We have recently begun testing in our production environment and have been unable to push provision any cards, receiving a 500 error: default 11:15:59.136742-0300 PassbookUIService Response: https://pr-pod9-smp-device.apple.com:443/broker/v4/devices/SEID_NUMBER/cards 500 Time profile: 0.486102 seconds { x-conversation-id = "52463d9f488e428f829633a1518ea72d" Vary = "accept-language" Content-Type = "application/json" x-pod = "pr-pod9" x-keystone-correlationid = "058F11DE-839F-47AC-A623-741BF32CEA80" Date = "Thu, 16 Jan 2025 14:15:58 GMT" x-apay-service-response-details = "via_upstream" Content-Length = "81" x-envoy-upstream-service-time = "172" x-pod-region = "paymentpass.com.apple" } { statusCode = 500; statusMessage = "Broker Service Response exception"; } In 05/2024 we received an e-mail from applepayentitlementsapple.com confirming the granting of in-app provisioning entitlements for our production apps. We've already sent a feedback on Feedback Assistant. Here is the code to track: FB16344669. Also, we sent another e-mail to applepayentitlementsapple.com, Case-ID: 11317916, but we haven't received a reply yet. Can you help us? We are concerned, since our pre-certification starts on January 27th. Thanks in advance.

We received a request directly from /apple/notifications. This subscription is not a renewal, but a first-time purchase. We associate the originalTransactionId with the user's ID to identify the subscribed user. However, since we do not have access to the user's ID on our server through this direct request, we are unable to properly process the subscription. How should we handle this type of subscription request? What is the source of this subscription, and why are some users able to bypass in-app purchases for first-time subscriptions and make the purchase directly?

We’ve integrated in-app card provisioning into our application. All required configurations have been completed, including: Token Service Provider (TSP) setup Certificates uploaded to the Apple Developer portal While the card is successfully added to the Wallet app, our application is currently unable to retrieve or read the added passes.

Hello! We use Apple's "master account" scheme to register new clients trough API due to the fact that the number of merchant IDs in a developer account cannot exceed 100 records. It's been almost a year since we successfully used the master account ( ex. "merchant.com.xxx") and register clients via Postman. At the moment, the certificates for the master merchant ID start to expire on July 11 which will affect all customers which is under Master ID. We know that when updating certificates at the identifier level(our master id), new universal identity certificate files that we use to send to the merchants (merchant_id.pem, privkey.key) will be generated for authentication on the merchant side, as well as a new keystore. Since many of our clients are integrated with current files and keystores and have live traffic, we would like to know—is it possible to update certificates on the master account without changing the keystores and certificate identities? The impossibility of this will entail a large gap when switching to new certificates. Thanks in advance for your answer.

Hi team at Apple, here is a scenario we came across: The order of priority of payment methods in Apple Wallet follows: Credit Debit Apple Cash Our app displays a payment sheet that excludes credit cards. Instead of a debit card, the default payment option shown to the user on the payment sheet is Apple Cash. Is this a known issue or have we configured something wrong in our end?