#jorin-slaybaugh_unexpected

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1405198633003122738

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Are both domains registered?

If the top-level domain differs from the iframe domain, the top-level domain and the iframe’s source domain must both be registered payment method domains on the associated account.

"except for Safari 17+ when specifying allow="payment" attribute"

Yep

You still need both domains registered though

That's why it's under a separate bullet

Can you help me identify when this changed because it absolutely worked at one point?

Can you share your account id?

acct_1JPWviCUtVe7r0JB

That is the ID of the connected account through our platform for that test that I sent you. We have thousands of connected accounts obv

So before you'd only register the iframe domain?

yes!

Hmm let me check with a colleague. It's a bit odd that this worked before (assuming iframe and origin are different)

When did it stop working?

I wish I knew 🙁 unfortunately we don't have any logging about apple pay transactions specifically... but if I gave you a different ID of a real customer who has been doing transactions all along, do you guys have anything that could help with that?

but if I gave you a different ID of a real customer who has been doing transactions all along
Hm what do you mean by this? As in they still are somehow paying with apple pay?

No... I mean its not working for them now but it was at some point... so if you have some sort of filter or query you can write that sees that they had Apple Pay transactions and then they stopped?

Ok so my colleague said that there was a period that we didn't enforce top-level domain registration in this flow

But that was fixed in April 2024

So was this working any time after April 2024 that you're aware of?

I'm actually in a meeting with someone that might know that... let me try to get an answer in this meeting. Please standby

Ok, sorry for the delay. We definitely feel like it was working well past that. 16 months and no complaints seems very unlikely.

No worries. I'm taking over from my colleague.

To sum it up both domains will need to be registered as my colleague pointed out.

Then what purpose does allow=payment even serve?

That’s the whole point of allow attributes on an iframe

Hi, taking over as my teammate needs to step away. Let me catch up.

We document this here: https://docs.stripe.com/apple-pay?platform=web#web-integration-considerations

Using an iframe with Elements: When using an iframe, its origin must match the top-level origin (except for Safari 17+ when specifying allow="payment" attribute). Two pages have the same origin if the protocol, host (full domain name), and port (if specified) are the same for both pages.

Top-level domain and iframe domain: If the top-level domain differs from the iframe domain, the top-level domain and the iframe’s source domain must both be registered payment method domains on the associated account.

Since the origin in this scenario does not match the top-level origin, you need to register both. The exception part is around it needing to match the top-level origin or not.