Apple Pay Web Integration Setup Guide

Prerequisites

• Active Authorize.net merchant account for your customer
• Apple Developer account (customer needs this)
• HTTPS website with valid SSL certificate
• Payment processor that supports Apple Pay tokenization through Authorize.net

Process Overview

The setup involves three main stages:

1. Apple Developer Account Setup - Customer creates Apple Pay identifiers and certificates
2. Authorize.net Configuration - Link Apple Pay to customer's Authorize.net account
3. Domain Verification - Prove ownership of the domain serving Apple Pay
4. Integration - Your frontend code uses customer's credentials

---

Part 1: Apple Developer Account Setup

Step 1.1: Create Apple Merchant ID

Your customer needs to create a unique Merchant Identifier in their Apple Developer account.

Actions for Customer:

1. Log in to https://developer.apple.com
2. Navigate to: Certificates, Identifiers & Profiles
3. Select Identifiers from sidebar
4. Click the + button
5. Select Merchant IDs from the dropdown (top right)
6. Click Continue
7. Enter a description (e.g., "My Company Apple Pay")
8. Enter identifier (format: merchant.com.yourcompany.identifier)
   • Example: merchant.com.acmestore.payments

What You Need: Record the Merchant ID for later use

---

Part 2: Authorize.net Configuration

Step 2.1: Generate Certificate Signing Request (CSR)

The CSR is generated BY Authorize.net and uploaded TO Apple.

Actions for Customer:

1. Log in to Authorize.net Merchant Interface at:
   • Sandbox: https://sandbox.authorize.net
   • Production: https://authorize.net
2. Navigate to: Account > Digital Payment Solutions (or Tools > Digital Payment Solutions)
3. Locate the Apple Pay section
4. Click Sign Up or Enable
5. Enter the Apple Merchant ID from Part 1 (e.g., merchant.com.acmestore.payments)
6. Click Generate Apple CSR
7. Download the CSR file (.certSigningRequest)

Step 2.2: Create Payment Processing Certificate in Apple

This certificate allows Authorize.net to decrypt Apple Pay payment data.

Actions for Customer:

1. Return to Apple Developer account
2. Navigate to: Certificates, Identifiers & Profiles > Identifiers
3. Select Merchant IDs from dropdown
4. Click on the Merchant ID created in Step 1.1
5. Under Apple Pay Payment Processing Certificate, click Create Certificate
6. In the dialog, click Choose File
7. Select the CSR file downloaded from Authorize.net (Step 2.1)
8. Click Continue
9. Click Download to save the certificate (.cer file)

Step 2.3: Upload Certificate to Authorize.net

Actions for Customer:

1. Return to Authorize.net Merchant Interface
2. Navigate back to: Digital Payment Solutions > Apple Pay
3. Upload the .cer file downloaded from Apple
4. Complete the enrollment process

What You Need: Customer's Authorize.net API credentials:

• API Login ID
• Transaction Key

---

Part 3: Domain Verification

Apple requires proof that you control the domain where Apple Pay will be displayed.

Step 3.1: Download Domain Association File

Actions:

1. Apple provides a domain verification file
2. Download: apple-developer-merchantid-domain-association
3. This is a text file that must be placed on your web server

Step 3.2: Host the Verification File

Place the file at this exact location on your web server:

https://yourdomain.com/.well-known/apple-developer-merchantid-domain-association

Requirements:

• Must be accessible via HTTPS
• Must be in the .well-known folder at the root of your domain
• Must be publicly accessible (no authentication required)
• File must be served as-is (no modifications)

Step 3.3: Register Domain with Apple

Actions for Customer:

1. Return to Apple Developer account
2. Navigate to: Certificates, Identifiers & Profiles > Identifiers
3. Select the Merchant ID
4. Under Merchant Domains, click Add Domain
5. Enter your domain (e.g., yourdomain.com)
   • Do not include https:// or www.
6. Click Verify
7. Apple will check for the association file

Result: Domain is registered and verified for Apple Pay

---

Part 4: Integration with Your Frontend Code

Step 4.1: What You Need from Customer

To integrate Apple Pay for each customer, you need:

1. Apple Merchant ID (from Part 1)
   • Example: merchant.com.acmestore.payments
2. Authorize.net API Credentials:
   • API Login ID
   • Transaction Key
3. Environment (Sandbox or Production)

Step 4.2: Frontend Implementation Overview

Your existing frontend code needs to:

1. Initialize Apple Pay Session with customer's Merchant ID
2. Handle Merchant Validation (you may need a server-side endpoint)
3. Receive Payment Token from Apple Pay
4. Send to Authorize.net using customer's API credentials

Step 4.3: Processing Apple Pay Payments

When a payment is made:

Data Flow:

Customer's Browser (Apple Pay)
  ↓ [Apple Pay Token]
Your Frontend
  ↓ [Base64 Encoded Token]
Authorize.net API (using customer's credentials)
  ↓ [Payment Result]
Your Backend

Key Points:

• Apple Pay returns a payment token (JSON object)
• You must Base64-encode the entire token
• Send to Authorize.net using opaqueData format:
  • dataDescriptor: "COMMON.APPLE.INAPP.PAYMENT"
  • dataValue: Base64-encoded Apple Pay token
• Use customer's Authorize.net API credentials for authentication

Step 4.4: Authorize.net API Call Structure

{
  "createTransactionRequest": {
    "merchantAuthentication": {
      "name": "[Customer's API Login ID]",
      "transactionKey": "[Customer's Transaction Key]"
    },
    "transactionRequest": {
      "transactionType": "authCaptureTransaction",
      "amount": "50.00",
      "payment": {
        "opaqueData": {
          "dataDescriptor": "COMMON.APPLE.INAPP.PAYMENT",
          "dataValue": "[Base64-encoded Apple Pay token]"
        }
      }
    }
  }
}

---

Part 5: Managing Multiple Customers

Storage of Customer Credentials

For each customer, you need to securely store:

• Apple Merchant ID
• Authorize.net API Login ID
• Authorize.net Transaction Key
• Environment (Sandbox/Production)

Runtime Selection

When processing a payment:

1. Identify which customer the transaction belongs to
2. Retrieve that customer's Apple Pay Merchant ID and Authorize.net credentials
3. Use those credentials in the Apple Pay session and API call
4. Payment is processed through their Authorize.net account

---

Important Limitations & Requirements

Payment Processor Support

Apple Pay through Authorize.net requires a payment processor that supports payment network tokenization. Your customer should verify this with their processor.

Certificate Expiration

Payment processing certificates expire every 25 months and must be renewed. Set reminders for customers.

Security Requirements

• All pages with Apple Pay must use HTTPS
• Domain must have valid SSL certificate
• Cannot use localhost for testing (use sandbox.authorize.net for testing)

Transaction Requirements

When submitting transactions:

• Must be e-commerce transactions (set marketType=0)
• Cannot include credit card numbers or expiration dates
• Cannot include track data or 3D Secure data
• Transaction type must be authCaptureTransaction or authOnlyTransaction

---

Testing & Validation

Sandbox Testing

1. Use Authorize.net sandbox account (sandbox.authorize.net)
2. Use Apple's sandbox environment
3. Test with Apple's test cards in Wallet app
4. Verify end-to-end flow before production

Validation Checklist

---

Troubleshooting

Common Issues

---

Summary

The key to multi-customer support is:

1. Each customer completes Apple Developer setup independently
2. Each customer provides you with their Apple Merchant ID and Authorize.net credentials
3. Your code dynamically uses the appropriate credentials based on which customer is being served
4. All payments flow through the correct customer's Authorize.net account