Apple Pay

Verifying domain with Apple Pay

To use Apple Pay, you need to register with Apple all of your web domains that will show an Apple Pay button. This includes both top-level domains (e.g., example.com) and subdomains (e.g., shop.example.com). You need to do this for domains you use in both production and testing (e.g. example.com/version-test).

Apple's documentation for Apple Pay on the Web describes their process of "merchant validation", which Stripe handles for you behind the scenes. You do not need to create an Apple Merchant ID, CSR, etc., as described in their documentation, and should instead just follow these steps:

  1. Download this domain association file and host it at /.well-known/apple-developer-merchantid-domain-association on your site.

    For example, if you're registering https://example.com, make that file available at https://example.com/.well-known/apple-developer-merchantid-domain-association

  2. Next, tell Stripe to register your domain with Apple. You can do this by going to the Apple Pay tab in the Account Settings of your Dashboard

    Head to your Dashboard and replace sk_live_•••••••••••••••••••••••• below with your live secret key.

All domains, whether in production or testing, must be registered with your live secret key.

Browser support

Safari

  • Safari on Mac running macOS Sierra or later.

  • An iPhone (not an iPad; Safari doesn't support them yet) with a card in its Wallet paired to your Mac with Handoff, or a Mac with TouchID. Instructions can be found on Apple's Support website.

  • Make sure you've verified your domain with Apple Pay.

  • When using an iframe, its origin must match the top-level origin. Two pages have the same origin if the protocol, host (full domain name), and port (if one is specified) are the same for both pages.

Mobile Safari

  • Mobile Safari on iOS 10.1 or later.

  • A card in your Wallet, by going to Settings → Wallet & Apple Pay.

  • Make sure you've verified your domain with Apple Pay.

  • When using an iframe, its origin must match the top-level origin. Two pages have the same origin if the protocol, host (full domain name), and port (if one is specified) are the same for both pages.

PreviousSupported PaymentsNextAir Calendar

Last updated