#daniyal-pmd-validation

Hello! We'll be with you shortly. Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

• daniyal-applepay-domain, 19 hours ago, 49 messages
• daniyal-applepay-domain, 5 days ago, 40 messages

Hello again

can you share the account IDs as my colleague asked the last time?

acct_1JVFMDH21SAdRZ8C

Still looking in to this.

I am honestly a bit surprised that the Apple Pay button is showing up here. For direct charges, domains need to be registered on the connected account and I'm only seeing registrations on the platform account. On top of that I'm only seeing a registration for stores.brooksrunning.com so www.brooksrunning.com would not be expected to show up

Also the error in the console from your video is more or less a separate error for when it takes more than a second to display apple pay after the user clicks submit. We can look in to that as well

when i try to register domain for www.brooksrunning.com it shows an error of apple merchant file not found.

When I try to access https://www.brooksrunning.com/.well-known/apple-developer-merchantid-domain-association, I get a 301 redirect. Apple (and therefor Stripe) error out if they see anything other than a 200 response that directly serves the file

on every site i need apple pay to work. i'll need to host ^ this file?

like i've this on my app server from where payment element is being served from.

Correct, Apple requires that each subdomain that their button appears on to be registered

Also to follow up on the console error, do you know if your page makes any networked requests or does anything time consuming between when the user clicks submit and when you attempt to confirm the payment intent?

there is some processing we do when confirming the PI

can you pls specify which console error are you talking about?

Apologies, don't know why I talked about it like it was obvious

This message

From the second video that you sent yesterday #1193934357459640462 message

integration error?

the first two are the errors related to the domain verification

Apologies, somehow missed those and was just looking at that one. We can address the domain errors first bit the integration error will likely be worth addressing as well as it can also block apple pay payments

ahh got it.

sorry to ask again but i just want to confirm. i need to do domain verfication for every connected account site?

Correct, Apple views www.example.com and shopping.example.com as two different domains that need two different registrations

$stripe = new \Stripe\StripeClient('');

$stripe->paymentMethodDomains->create(
['domain_name' => 'example.com'],
['stripe_account' => '{{CONNECTED_ACCOUNT_ID}}']
);

And when registering, both URLs need to directly serve the .well-known/apple-developer-merchantid-domain-association file. For example you can't have www redirect to shopping which serves the file

$stripe = new \Stripe\StripeClient('');

$stripe->paymentMethodDomains->create(
['domain_name' => 'example.com'],
['stripe_account' => '{{CONNECTED_ACCOUNT_ID}}']
); this code basically does the verification if i'm right?

this will return true if the apple file is present there?

There is an apple pay property that you will need to check https://stripe.com/docs/api/payment_method_domains/object#payment_method_domain_object-apple_pay-status

It is possible to create a domain that works for GPay but not Apple Pay

#1194296372439023707 message

@dense saddle not sure what you're linking to

daniyal-pmd-validation

$stripe = new \Stripe\StripeClient('');

$stripe->paymentMethodDomains->create(
['domain_name' => 'example.com'],
['stripe_account' => '{{CONNECTED_ACCOUNT_ID}}']
); this code basically does the verification if i'm right?
this will return true if the apple file is present there?

@dense saddle that doesn't "return true" but that returns a PaymentMethodDomain with details about the validation for each payment method type. Did you try?

i tried \Stripe\Stripe::setApiKey("");

\Stripe\ApplePayDomain::create([
'domain_name' => 'www.brooksrunning.com',
]);

but it throwed an error of that apple merchant file not found

Okay so that's the first step: it seems you don't have the right configuration for ApplePay. Did you follow our detailed instructions for it? https://stripe.com/docs/payments/payment-methods/pmd-registration?platform=dashboard#verify-domain-with-apple

let me summarize what i've done till now: i've registered and verified my domain from where payment element is being served from. before this apple pay option was not appearing.

pause here

your code is explicitly about registering your domain for Apple Pay. And that call is failing right now. Which means you haven't done the steps for Apple Pay properly.
That's what you need to focus on. Ignore everything else about Connect or PaymentElement or anything like this.

Right now if you try to load https://www.brooksrunning.com/.well-known/apple-developer-merchantid-domain-association you will see it does not work.

www.brooksrunning.com is the 3rd party site which loads my payment element.

https://frontend2.locally.com/.well-known/apple-developer-merchantid-domain-association

Sure but to be able to offer ApplePay on that domain, that domain has to be registered. There's no way around it. So you have to work with that developer of the domain to configure ApplePay properly with you

understood.

if you see https://frontend2.locally.com/.well-known/apple-developer-merchantid-domain-association this has been verified and this is the place from where my paymment element is being served from.

now it' clear that the other connected account domain also needs to be verified.

in conclusion: we are supposed to host that apple file on every connected account server?

@dense saddle Assuming your code is loaded from each connected account's domain then yes

no my code gets loaded from https://frontend2.locally.com

are you using an iframe?

no shadow dom

I don't really know what that means unfortunately

https://developer.mozilla.org/en-US/docs/Web/API/Web_components/Using_shadow_DOM

what it basically does it loads the component natively.

Sure sorry I know what shadow DOM is, I don't really grasp how your code is deployed and who hosts it on each domain

ahh ok

But ultimately what matters the most is the root URL

see https://stripe.com/docs/stripe-js/elements/payment-request-button?client=html#safari

When using an iframe, its origin must match the top-level origin (except for Safari 17 when specifying allow="payment" attribute). Two pages have the same origin if the protocol, host (full domain name), and port (if specified) are the same for both pages

Something similar would happen for you I think in this case

not sure if you saw this: https://docs.google.com/document/d/1dhYDh7VWBTobDGaz2aSkMyIAmUkWsGwO6f3YybFOBjE/edit?pli=1

Sorry I don't open google docs

basic flow:

1. Generate Client secret

// Initialize Stripe
\Stripe\Stripe::setApiKey(PaymentIntegrationRepository::stripe_secret_key());

// Create Stripe customer
$stripe_response = \Stripe\Customer::create([
'description' => 'Locally Cart #'.$cart->hash.' : '.$user->email,
'email' => $user->email,
]);

// Save Stripe customer information to cart
$cart->stripe_response = $stripe_response;
$cart->stripe_customer_id = $stripe_response->id;
$cart->save();

// Get Stripe integration for store
$integration = PaymentIntegrationRepository::for_store($cart->store_id);

// Create a Stripe setup intent using the customer ID and store integration
try {
$intent = \Stripe\SetupIntent::create([
'customer' => $customer->id,
'on_behalf_of' => $integration->stripe_user_id
]);
} catch (\Exception $e){
return $e->getData();
}

// Return the client secret and publishable key for use by Stripe.js
$stripe_publishable_key = PaymentIntegrationRepository::stripe_publishable_key();
$data['client_secret'] = $intent->client_secret;
$data['stripe_publishable_key'] = $stripe_publishable_key;

return $data;

Sorry this is just a dump of code

We were talking about domain validation. What's your clear question?

my question was that my code is being served from https://frontend2.locally.com/ on www.brooksrunning.com which is a connected account and https://frontend2.locally.com/ domain is verified and registered. but when i do any transaction from the payment element that is being served from https://frontend2.locally.com/ on brooksrunning i get that domain verification error

Okay but we're back to what I already explained: what matter is the root URL of the page, so in this case the other domain, that's what needs to be registered

hmm

not sure what is the point of connected accounts are if we have to ask each site to manually host the verification file on their servers.

@dense saddle A connected account represents a separate entity (individual or company) that is accepting payments through your code/help. That's required to meet many compliance and legal requirements for money movement around the world.

The fact that they have to register their own domain if they want to show a payment form with Apple Pay on their own domain is an Apple requirement

understood.

Many thanks. Appreciate the help.