Hello, we are trying to extend the dates of verified domains following the docs of https://developer.apple.com/documentation/applepayontheweb/maintaining-your-environment#Renew-Your-Domain-Verification and configured the server following https://developer.apple.com/documentation/ApplePayontheWeb/setting-up-your-server we've download the apple-developer-merchantid-domain-association.txt and update them on their respective locations, click 'ok' button and we get redirected to the main page of the merchant certificate, but the expiration dates have not been extended, we can see on our web crawler that Apple Requested the file and it return a 200. No popup errors are shown, no console developer error we only get redirected to the merchant certificate information page.

We are seeking assistance with an issue encountered during the integration of Apple Pay into our web application using the third-party payment gateway Heartland. Our application uses JavaScript on the client side and PHP on the server side. Despite following all the guidelines provided by Heartland, we are unable to validate the merchant at the backend. The validation consistently returns false. We request your guidance or a step-by-step solution to help resolve this issue. Steps Followed: Registered a merchant identifier in our Apple Developer account. Enabled the Apple Pay Processing Certificate for the merchant. Logged into the Heartland account, accessed the Apple Pay setup page from the "Keys and Credentials" section, and created a Certificate Signing Request (CSR). Uploaded the CSR from Heartland to the Apple Pay Processing Certificate in the Apple Developer account. Downloaded the signed certificate from the Apple Developer account and uploaded it to Heartland. For the web application: Registered the merchant identifier and validated our domain in the Apple Developer account. Created a Merchant Identity Certificate linked to the same merchant identifier. Followed the same steps 2–5 from the in-app implementation. Code Implementation: Client-Side (React): import React from 'react'; const Button = () => { const initializeApplePay = () => { if (window.ApplePaySession && window.ApplePaySession.canMakePayments()) { const paymentRequest = { countryCode: 'US', currencyCode: 'USD', supportedNetworks: ['visa', 'masterCard', 'amex'], merchantCapabilities: ['supports3DS'], total: { label: 'Your Store', amount: '1.00' }, }; const session = new window.ApplePaySession(3, paymentRequest); // Merchant Validation session.onvalidatemerchant = (event) => { fetch('https://staging-api.parkengage.com/apple-pay-session', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ initiative: 'web', initiativeContext: 'parkengage.com', validationURL: event.validationURL, }), }) .then((response) => response.json()) .then((data) => { if (data.error) { console.error('Merchant validation failed:', data.error); } else { session.completeMerchantValidation(data); } }) .catch((error) => console.error('Validation error:', error)); }; session.onpaymentauthorized = (event) => { const paymentToken = event.payment.token; fetch('/process-payment', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ token: paymentToken }), }) .then((response) => response.json()) .then((data) => { if (data.success) { session.completePayment(window.ApplePaySession.STATUS_SUCCESS); } else { session.completePayment(window.ApplePaySession.STATUS_FAILURE); } }) .catch((error) => console.error('Payment error:', error)); }; session.begin(); } else { console.log('Apple Pay is not supported on this device.'); } }; return ( Buy with Apple Pay ); }; export default Button; Server-Side (PHP cURL): curl 'https://staging-api.parkengage.com/apple-pay-session' -X 'POST' -H 'Content-Type: application/json' --data-binary '{ "initiative": "web", "initiativeContext": "https://parkengage.com", "validationURL": "https://apple-pay-gateway-cert.apple.com/paymentservices/startSession" }' Issue: The merchant validation fails and returns false. Please guide us on troubleshooting this issue or provide insights on missing configurations.

We are looking for sample payload for merchant registration API. We have tried to test the api and getting an error. Request: curl --location 'https://apple-pay-gateway-cert.apple.com/paymentservices/registerMerchant' --header 'Content-Type: application/json' --data '{ "domainNames": "https://checkout.dev.sandbox-netvalve.com", "encryptTo": "platformintegrator.com.netvalve.uat", "partnerInternalMerchantIdentifier": "merchant.test.netvalve", "partnerMerchantName": "Test" }' Response: { "statusMessage": "Payment Services Exception invalid or Malformed Json Received", "statusCode": "400" }

I am working on implementing merchant token notifications. When calling this endpoint https://developer.apple.com/documentation/merchanttokennotificationservices/merchant-token-event-retrieval, the result contains a CardMetadata object with an expirationDate field (see https://developer.apple.com/documentation/merchanttokennotificationservices/cardmetadata). What is the format of this field? The spec only mentions that it has a maximum length of 8 characters.

We are trying to develop a coupon/offer code module where our app users can avail a free trail offer for 2 months period after applying the code. We already had a subscription module with monthly & yearly subscriptions with 7 day free trial period. Now, we want to implement a offer/coupon module, where, a user can either select monthly or yearly subscription, and upon entering the offer/coupon code, they will get 2 months free trial (or) a discount on the chosen subscription. (this will overwrite the existing 7 day free trial). We are confused on choosing the type of “offer/coupon” from AppStore connect. In App Store connect, we have introductory offers, promotional offer & Offer codes. Based on our requirements, we have done research and found that we cannot implement the offer code & promotional codes in the develop environment as there is no possibility to test in Sandbox environment. We observed that we need to push the app to App store and upon approval, we need to implement “offer/coupon” module. Can some one please suggest or guide us on choosing the best solution for our requirement? Thanks in advance.

Apple pay working as except with in a domain, when we tried to access in cross domain works with simulations wallet cards . when i try to using in real cards it fails. did anyone encounter this issue? Thanks in advance for your help!

你好，我们6月1日收到比较多的韩国用户反馈购买我们的内购以后，系统会在稍后的几分钟再次多次从用户的卡里扣出相应的款项，但是我们没有办法第一时间反馈给你们，导致很多用户流失，请问我们怎么才能第一时间联系到你们，还有我们怎么才能第一时间知道是你们的系统是否某个功能出了问题，是否也有相应的论坛我们可以第一时间看到你们相关问题的报道，这样我们排查问题就没那么辛苦，感谢

Hello Apple Developer Team/Community, I am working on developing an Apple Wallet pass with NFC functionality for our electric vehicle (EV) charging stations. The goal is to enable a "tap-to-start charging" feature, providing a seamless and efficient experience for users. However, my request for an NFC certificate to enable this functionality has been rejected. Here is a summary of my use case and actions taken so far: 1. Use Case: The Wallet pass will allow users to initiate charging sessions by tapping their iPhones or Apple Watches on the EV charger. This feature aims to simplify the process by eliminating the need for additional apps, physical cards, or manual inputs. It enhances accessibility and aligns with Apple’s goals of providing users with secure and convenient solutions. 2. Steps Taken: Submitted the NFC certificate request with a detailed explanation of the functionality. Included diagrams and supporting documents demonstrating the workflow and system readiness. Received a rejection without clear guidance on how to address the issue. 3. Technical Readiness: Our backend is fully prepared to support NFC passes, including secure processing of tap events and payload encryption. The Wallet pass has been configured to include the nfc field with the required encryptionPublicKey. Request for Assistance: Could you provide guidance on improving my application to meet Apple’s criteria for NFC certificates? Are there specific requirements or examples of successful NFC-enabled Wallet pass applications that I can use as a reference? If anyone has faced a similar rejection, what steps did you take to get approval? Additional Information: Use case: EV charging stations NFC functionality: Tap-to-start charging session Current implementation: Pass is functional without NFC but requires NFC for seamless operation. Any advice or resources to help resolve this issue would be greatly appreciated. Thank you for your time and support. Best regards, DeveloperSquillion

我是一个银行app开发人员，请问怎么将银行名称显示在苹果钱包“选取银行”列表中，实现用户点击跳转银行app进行免输卡号签约绑定，是否有详细接入步骤和文档？

Hi to everyone looking for more information about recurring payments I wonder if there is any way to test (maybe by using some default event id) the merchant token event token detail endpoint, it would be very helpful for merchants if there was some configuration or event id that always returned some particular event, that way we could do a better testing process instead of doing all this with a production environment. If there is any way to use some tool or sandbox to test this part of the process please tell us about it.

Does anyone else have this issue? We have been having this issue for years since we start using Apple Pay on the Web. I have checked TN3173 Your domain does not automatically re-verify section, we should meet all requirements. I have emailed applepaymerchantsupport at apple.com several times (Case-ID: 7663879), either saying "still checking", or no response at all. Our certificate for the Merchant Domains is maintained in Cloudflare, signed with Google Trust Service, rotate every 3 months.

调用 API 时，返回以下错误：Apple Pay 处理证书、Apple Pay 商家身份证书和商家域均已设置 { “statusMessage”： “支付服务异常 merchantId=1A9569E9792DB13B9BEE22EDB30515DE75D512B91A2C86C54D4065AD1ECC712E 未经授权代表 merchantId=4D08091EACD9C0D2E25CB94895D1B0DAE73970D6A517EF2988D6D929D1336DA1 reason=4D08091EACD9C0D2E25CB94895D1B0DAE73970D6A517EF2988D6D929D1336DA1 不是 WWDR 的注册商家，也没有通过 Mass Enabling 获得适当授权。 “状态代码”： “417” 连接到主机的 #0 apple-pay-gateway.apple.com 完好无损 }

We have used the ApplePayRecurringRequest parameter required for Apple Pay subscriptions, but during testing the payment, the Apple Pay payment page shown to the user remains the same as the one-time payment page, without any subscription information. Could you please check if there is an issue with our parameters or if there is an issue with the merchantIdentifier being used? Here is the ApplePayRequestData that we are using. { "supportedMethods": "https://apple.com/apple-pay", "data": { "version": 3, "merchantIdentifier": "***", "merchantCapabilities": [ "supports3DS", "supportsCredit", "supportsDebit" ], "supportedNetworks": [ "visa", "masterCard" ], "countryCode": "US", "recurringPaymentRequest": { "paymentDescription": "A description of the recurring payment to display to the user in the payment sheet.", "regularBilling": { "label": "Recurring", "amount": "4.99", "paymentTiming": "recurring", "recurringPaymentStartDate": "2025-06-02T16:00:00.000Z" }, "trialBilling": { "label": "7 Day Trial", "amount": "0.00", "paymentTiming": "recurring", "recurringPaymentEndDate": "2025-06-02T16:00:00.000Z" }, "billingAgreement": "A localized billing agreement displayed to the user in the payment sheet prior to the payment authorization.", "managementURL": "https://applepaydemo.apple.com", "tokenNotificationURL": "https://applepaydemo.apple.com" }, "additionalLineItems": [ { "label": "7 Day Trial", "amount": "0.00", "paymentTiming": "recurring", "recurringPaymentEndDate": "2025-06-02T16:00:00.000Z" }, { "label": "Recurring", "amount": "4.99", "paymentTiming": "recurring", "recurringPaymentStartDate": "2025-06-02T16:00:00.000Z" } ] }

We are on a .NET ecommerce site hosted on AWS on a windows 2012R2 server. We have apple pay for the web integrated on the site and the certificates (merchant id and apple pay) were set to expire shortly. We created a new merchant id and apple pay cert, however we are now stuck as the new merchant ID certificate doesn't appear to be working although the old one did. Note there have been no code changes. Basically the apple pay process is failing on the merchant validation. Here are the steps we took: Created a CSR in Keychain Access Generated a Merchant ID cert in the Apple Developer account with that CSR. Imported the Merchant ID cert back into Keychain Access and exported as a p12 file the cert and the private key used to generate the CSR. Imported the p12 file into Windows 2012 R2. I can see in our debugging that the new certificate is being loaded but a SSL/TSL connection couldn't be made. So it seems there is an issue with the cert. Has anyone encountered this? I'm out of ideas at this point and under a lot of pressure from management to fix what was supposed to be a routine maintenance issue. If anyone has any ideas, that would be greatly appreciated.

For the pushToken sent by APNS to register a wallet pass for update notifications, is there a max length or size that APNS will send? I save the token in my database and have it defined as varchar(256), but I have had some instances where the pushToken is larger than that. I'd like to know if there's an absolute max size that APNS will send. Then I'll know if I should reject requests with tokens larger than what's expected, and/or if I need to make the token size larger in the database.

Hi, we are trying to verify our domain and we uploaded the file to our domain {DOMAIN}/.well-known/apple-developer-merchantid-domain-association.txt and we can access it. But when we want verify the domain in your platform we can't do it and you see the message "Domain verification failed". How can we verified or if we need change something in our side to verify it? thanks!

We have an app that uses the pass-presentation-suppression entitlement and calls requestAutomaticPassPresentationSuppression to prevent the Wallet app from being presented when the device is displaying a barcode to a barcode/nfc reader. This works as expected for users of the standard Apple Wallet app. However, it does not prevent third-party wallet apps from being launched, which hides the barcode and prevents it from being scanned properly. What options do I have to prevent third-party wallet apps from launching or interfering while our app is actively presenting a barcode?

I am somewhat of a beginner in mobile app development. I have some questions about IAP and commissions. One of my clients has a website that basically acts as the middle man which connects the trainers and participants. Basically, the trainers pay my client a subscription fee and they can list the kind of trainings they have to offer (ex. cardio, weight lifting, ...etc.). These trainings can be one-to-one, one-to-many, or one-to-few depending on the trainers. When the participants see something that they like, they would make a payment directly to the trainers via the website. To save time, we will probably do some kind of webview app. Having said all these, my questions are as follows, As far as the IAP is concerned, can the payments between the trainers and the participants use third party payment method and ONLY the subscription fee from the trainers to the client use the storeKit/Apple IAP plugin? If the answer to the question above is Yes (i.e. using Apple IAP for subscription only but use a third party payment for the transactions between the trainers and the participants), does it mean that the commissions ONLY apply on the subscription fees and NOT the payments between the trainers and the participants? If the answer to Question 1 is No (i.e. ALL the payments have to go through Apple IAP), the commissions would apply to both the payments between the trainers and the participants and the monthly subscription payments, right? In this case though, to my understanding, when using the Apple IAP plugin, essentially, all the payments go to Apple temporarily. After taking out the commissions, the payments would be released to the bank account on file with the App Store within 45 days of the last day of the fiscal month in which the transaction was completed. Am I correct? And if so, as far as the business model on the App is concerned, my client would collect the money released from Apple and then distribute the money to the appropriate trainers. Am I correct?

iOS 16 and earlier On iOS 16 and earlier, Apple Pay on the Web required Safari—and all interactions with the Apple Pay API to come from the parent/top level page. In order to facilitate the Apple Pay button in an HTML inline frame (iframe), there will need to be cross frame communication between the child and parent pages. Cross frame communication should be secure and robust, therefore the use of postMessage for this purpose is recommended. The expectation is for all communication with Apple Pay to occur from the parent page, so the iframe must relay all Apple Pay related events to the parent to handle. Some examples: Apple Pay availability: The parent calls applePayCapabilities, then sends the message of the response to the iframe, which then uses the value to toggle the visibility of the Apple Pay button. Apple Pay session: The iframe receives an onclick() event when the Apple Pay button is clicked and sends the message to the parent (providing details about the transaction). The parent create the payment request to obtain the session validation URL, and eventually receive session credentials and invokes completeMerchantValidation() to prevent the payment sheet. After the payment is authorized by the Payment Service Provider (PSP), the parent either: Redirects the parent page to a payment success page; or Sends a message to the iframe to complete the transaction flow itself. iOS 17 and later On IOS 17 and later, the iframe HTML element should include the allow="payment" attribute, which should facilitate the cross frame communications instead of needing a dedicated JavaScript library. This means all of the Apple Pay code/calls can reside in the iframe page—which is typically a hosted page from a Payment Service Provider (PSP), all the parent page—typically a merchant—has to do is add the attribute mentioned above to the iframe element. Important: Regardless of the iOS version, the PSP/merchant always needs to make sure the parent page domain is the one registered in the Developer portal, and used in the request to generate a merchant session via ApplePaySession. Cheers, Paris X Pinkney |  WWDR | DTS Engineer

Hi, we are implementing the push provisioning via the Apple Wallet Extension starting from the example at https://developer.apple.com/documentation/passkit/implementing-wallet-extensions. To correctly manage the push provisioning on Apple Watch, specifically for a card tokenised in the iPhone but not in the Watch, we need to know if there is a connected Apple Watch to the iPhone. We are using the following code from the Apple Wallet Extension example to detect whether there is a connected watch: WCSession* session = [WCSession defaultSession]; session.delegate = delegate; [session activateSession]; In the main target of the app, at the end of the activation the system correctly calls the delegate method: session:activationDidCompleteWithState:error: but we noticed it is not being called in the UI extension context (the one having NSExtensionPointIdentifier: com.apple.PassKit.issuer-provisioning.authorization). We don't understand why the delegate is not being called in the UI extension, can you please help? Thanks! Steps to Reproduce: Start with a card not added in the Apple Wallet app Open the Apple Wallet app Click on add card Select the app to launch the Wallet Extension flow The Apple Wallet Extension with UI is on screen and invokes the activateSession method, the delegate method is not invoked and session.isPaired returns "no". Xcode Version 16.2 macOS Version 15.6.1 (24G90) Feedback ID FB20082564