bg_error | Stripe Developers | Page 1

cursive marlinBOT Apr 3, 2024, 10:46 PM

#

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1225214933877395508

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

tepid sonnetBOT Apr 3, 2024, 10:47 PM

#

neat oak Apr 3, 2024, 10:47 PM

#

Hi there!

#

In order to verify domains for use with ApplePay, those domains must be publicly accessible and not behind a proxy

odd rock Apr 3, 2024, 11:17 PM

#

Are there any IP addresses that Stripe uses for the verification that I can use as allowlist for my domain? We don't want to expose our domain publicly because they are our staging environment.
Wondering how other devs use staging for testing Apple Pay

neat oak Apr 3, 2024, 11:19 PM

#

No, we don't have a list of IPs that are used specifically for verification. Both Apple and Stripe need to access that domain

#

Other devs may use ngrok for local testing, as you've done

odd rock Apr 3, 2024, 11:30 PM

#

How long do we have to keep the path open for public traffic for the domain verification?

neat oak Apr 3, 2024, 11:32 PM

#

I'd recommend keeping it open for as long as your tests continue

odd rock Apr 3, 2024, 11:40 PM

#

What about in production? Should the prod domain also keep this path open for as long as the domain is used for payment using Apple Pay?

#

Ideally, we wont want our prod domain to be keeping a path open for all public. This is because we are a startup in stealth mode and we don't want people accessing our domain.
Are there no other ways to verify the payment method domain?

#

Can we do anything with DNS TXT records like Google does?

neat oak Apr 3, 2024, 11:47 PM

#

Just to clarify, the domain association file hosted on your domain is the only thing that needs to be publicly accessible. No other resources on your domain are needed for domain registration

#

In that vein, the domain association file in your production domain should also always be accessible, as long as you plan on using Apple Pay

odd rock Apr 3, 2024, 11:49 PM

#

Got it, and about Can we do anything with DNS TXT records like Google does? for verification?

neat oak Apr 3, 2024, 11:49 PM

#

No, not possible in this case

odd rock Apr 3, 2024, 11:51 PM

#

Got it, thanks for the information. I will evaluate how I can open up just this path for my test and staging domains

#bg_error