#tylerdmace_applepay-windows-browsers

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1480627693090508993

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Hello 👋

What "Payment API" are you referring to here? Can you point to one of our Public APIs in our reference?
https://docs.stripe.com/api?api-version=2026-02-25.clover&rds=1

Yes, one second, my friend!

I can't find the document off hand. Let me look a little deeper and also put together a test flow with logs that I can review to answer any of your questions you'll have. ETA 10 minutes.

Sorry!

Didn't expect a response on this quite so soon

We reply in seconds (usually) on this server. But the flip side of that speed is we expect you to be available for a synchronous chat.

Want me to close this one and reopen when ready?

If you can put together a description of what you are attempting to do, specifically as it pertains to Stripe APIs

then you should be fine. We generally leave threads open for between 20 - 40 minutes of inactivity

but that is highly dependent on the person staffing and how busy the server is

Totally understand. Let me write up the flow wer'e shooting for. One sec.

So we have been using Stripe's CheckoutElement or whatever its called in order to create payment methods for our users to select from, one of which we have enabled is Apple. But we realized upon implementation that Stripe does environmental checks to see if the user is on an Apple device or platform and if not, the payment method doesn't show at all. But we had seen platforms offering an Apple Pay button to users on Windows machines using Chrome / Firefox so we knew there had to be a way to still get the Apple Pay button for non-Apple devices/platforms. We found that a few years ago Apple implemented a cross-browser solution for this very thing. An Apple-hosted QR code based flow that launches a modal from Apple with a QR code that any Apple device can scan in order to complete the payment on their phone/tablet. Stripe does not support this flow so we had to step outside of CheckoutElement and implement Apple Pay's QR flow through their Apple Pay JS SDK. Whenever we try to complete our payment flow using that QR code, our purchase details and shipping details make it to the Apple Pay app on the device but the order is automatically canceled after a few seconds and the app closes. I don't have them on me at the moment but some of our logs indicated that Stripe was complaining that we had sent sensitive information to your servers (raw card data) and that we would need to fill out PCI documentation in order to enable an API. But we dont capture or see sensitive information at all on our system so my understanding is that Apple is sending encrypted stuff to you guys but your systems don't know that it came straight from Apple and not from us.

Hopefully that makes sense!

I just want to flag that we do support the Apple Pay QR code natively with Stripe. It requires using the Express Checkout Element but it is possible

Oh, do you have documentation on that?!

We would love to keep it all in-house, so-to-speak!

but I could not find ANYTHING on that

Okay well first take a look here: https://docs.stripe.com/elements/express-checkout-element

And open this page with a browser that does not support Apple Pay

e.g. Chrome, Firefox

You should still see Apple Pay rendered in the demo section

Nope

Opened it in Edge

On Windows

No Apple Pay

Ah I see in our Supported Browsers footnotes, we call out the OS that the browser is running on must be a MacOS

3. Apple Pay on desktop Chromium browsers is only supported on MacOS when paymentMethods.applePay is set to always.

Yep

Which is ALMOST good enough

but not quite

I can flag this internally. Do you have a doc for the ApplePay JS SDK that points to it working on Windows machines?

https://applepaydemo.apple.com/

Windows + Comet:

This is a general page but I'm having trouble finding the specific language about browser/OS support

I'm looking for information I can pass to internal teams about this.

tylerdmace_applepay-windows-browsers

Looking!

Stripe was complaining that we had sent sensitive information to your servers (raw card data)

With respect to this, use an Apple Token to create a Stripe Token IS considered a "card details" flow that comes with extra PCI compliance. The details have more to do with legal requirements than I can dig into. So if you wind up going that route, you should likely write in to Support here: https://support.stripe.com/contact

We wrote into support. We were told it would have a reply within 24 hours. It's been over a week I believe and we haven't heard anything back.

I don't see any language that shows specifically what platforms Apple Pay supports using the QR flow. Their documentation is pretty awful. But I know we're not touching any sensitive information so I need this API approved so that we can finish this flow.

What can we do to get it looked over and approved right now?

Look at this support case: sco_U2Y12mTHyfZ54f

Hello! I'm taking over for @signal jasper who had to step away, please give me a few minutes to catch up 🙂

Sure thing

I need one of two things today: 1) API to be enabled for our account so we can start using this Apple Pay flow (at least testing with it) OR I need to know the official method for supporting this flow (assuming we are doing something wrong here). I got my boss breathing down my neck since we haven't had any movement on this since opening the support ticket.

I'm very sorry you haven't heard back from our support team! Let me look into why that is...

As for your question, I'm not sure which API you mean when you say "API to be enabled for our account". I understand that you're trying to use Apple Pay JS SDK directly while still using Stripe to process payments in order to show Apple Pay on Windows devices. I'm not sure if Stripe supports for this but am doing some digging...

Thanks for your patience!

https://support.stripe.com/questions/enabling-access-to-raw-card-data-apis

Ahh, I see that's what you wrote into support for - thanks for clarifying 🙏 my team isn't able to enable raw card data APIs on your account but I'm looking at what I can do to get you unblocked.

I called it "Payment API" in a few places but was confusing that with something from Apple. I don't know what you call the APIs internally.

Thank you!

What is the reason they cannot enable the API? Are we doing something wrong?

Your documentation (which I linked above) says that this API should be able to be enabled IF we aren't handling sensitive data ourselves. We do not handle sensitive data nor do we store it, we simply pass what Apple Pay provides us. This implementation is done and we see no reason to wait for different Stripe implementation while we have this working. Since we are complying with the rule not to handle sensitive data can we please proceed with enabling this?

I see your support case is in the right queue, but sadly can't speak to why it hasn't been actioned or if you meet the requirements to have the raw card data API enabled 🙁

Thankfully, there might be an alternative solution here! My teammate is going to jump in to explain it.

Ok, we've already implemented a solution and as per your documentation, we are doing everything we should. We've explored your documentation in detail and your current solution works in fewer cases than ours. Rather than creating a new body of work can you please escalate to those who can enable the API ASAP

Hello 👋 as my colleague said, your case is in the right queue of people who can enable raw PAN access. We can't escalate to them beyond where this already is. I am sorry your case is in that situation but my team on this server cannot push further there.

To clarify a bit, that raw PAN access is required if you are decrypting Apple Pay tokens and passing us the DPANs that you get from that decryption. Even though Apple handed you that info and the DPAN is just a temporary card number, it is still considered sensitive and handling DPANs heightens your PCI compliance requirements. Stripe does not have a choice in that matter, we just have to make sure our users are compliant.

That said, it is possible to create a Stripe token from a PKPaymentToken without decrypting it and raising your PCI requirements. So if your flow can get a PKPaymentToken, you can just pass us fields from that token like so:

  -d pk_token=<PKPaymentToken.paymentData decoded as JSON> \
  -d pk_token_instrument_name=<PKPaymentToken.paymentInstrumentName> \
  -d pk_token_payment_network=<PKPaymentToken.paymentNetwork> \
  -d pk_token_transaction_id=<PKPaymentToken.transactionIdentifier>```
That will create a Token object with an ID like `tok_abc` that you can then use to confirm our intents like so:
```curl https://api.stripe.com/v1/payment_intents \
  -u REPLACE_WITH_YOUR_SECRET_KEY: \
  -d amount=1099 \
  -d currency=eur \
  -d "payment_method_data[type]"=card \
  -d "payment_method_data[card][token]"=tok_123 \
  -d confirm=true \
  --data-urlencode return_url="https://example.com"```
So doing that may be the best solution in your situation and could avoid the matter of raw PAN access altogether.

Let me paste you a document with our flow in detail

one sec

https://gist.github.com/tylerdmace/a07539dd7d648713478125cc4e495c68

Maybe you can see what I'm doing wrong but I believe we're doing this very thing.

Step 7 is where we get a token back from Apple Pay

which we use to create the pk_token

Yep that is the flow I was suggesting. Can you try making another Token this way? The raw PAN requirement for PKPaymentToken flows was lifted around the time of the last error I see for this on your sandbox account (late Feb). I have a feeling you've tested this more recently if you're writing in now, but it could be helpful to try again now.

I can try to put a few through, yes

Can you please confirm again that we are indeed doing things how you require?

(I'm working on the tests still, I just want a little more confirmation on that point)

Yep I can see this request which is of the format that I suggested and ran into the error that as best I know shouldn't be triggered for that flow anymore.
https://dashboard.stripe.com/acct_1QPnCsRAxuxzRkuM/test/logs/req_CnmE99SOfJIf5B
I'm looking into if there are updates I missed here.

Kk, thank you! I'll continue with my tests and let you know the results ASAP

Sorry; just putting some logging and stuff back in place right quick

shouldn't be too much longer

appreciate the patience

No worries, just let me know what you see. As best I can tell this should be accessible to you now.

I'm getting a different error at the moment (domain verification) that needs to be addressed first, it looks like.

Interesting, can you send me the request ID from the error you got? (req_123) should be in your logs https://dashboard.stripe.com/test/logs

What's happening now is that my apple pay app (on my phone) is canceling the payment flow after a few seconds

Oh this is a console error? Can you paste the text of the error?

It's an error with Apple Pay specifically

so nothing you guys can fix

I'll resolve this and open a new ticket if I still run into issues with you guys afterwards, is that OK?

or if you want me to just fix it now and keep the chat open, I can do that too

If you can fix now and test the /v1/tokens endpoint quickly, I'd prefer that. If you still get the raw card data error still, that would be a bug as far as I can tell and I can escalate that to the owning team. Unfortunately can't promise a timeline on the fix in that scenario, but that would at least get the ball rolling for that type of error.

Kk, let me try to resolve the domain issue right quick and get another test going.

@upper geode are you still working o this? I can create another case for this followup if you think it may take a bit to run this test.

I am still working on it, yeah

there's some weird domain issues with apple pay that need to be addressed before I can push it through

Could take another 15 minutes pretty easily

Gotcha, I have to step out not long after that so I say let's create a case now. If the token call is working now, that is great and we can close it out, otherwise I can at least get it escalated to the right team quickly.

Yeah, fair enough

If you can start a DM with me I can send the link to create a case quickly. Looks like I can't start the DM myself

Appreciate all your attention on this (all of you)

Sure thing!

Might have to add you as a friend first

Ah that may be my DM settings, fixing that one sec

sure thing.

Okay should be good now, otherwise yeah send the friend request. Gotta love when every step has small sub-steps

I tried to send a message and a friend request

neither worked :(

Maybe add me?

I think I can just send this here: https://support.stripe.com/?refcode=Q5nH&contact=true&discord_conversation_url=https%3A%2F%2Fdiscord.com%2Fchannels%2F841573134531821608%2F1480627693090508993&discord_username=tylerdmace_applepay-windows-browsers

Takes me to a generic support page

Ah, you need to be signed in to your Stripe account for it to work

I am pasting it in a browser with an active logged in session

I believe our chat/dm is working tho

Can you try clicking "Sign in" on the upper right of that page? That may just automatically log you in and the link should work. The DM was just to send that link, I can send another link via DM if that one isn't working after the page says you are logged in

Logged in (as you can see in the upper right) and still landing on the same generic support page

Hello @upper geode, we have sent you a direct message, please check it at https://discord.com/channels/@me/1480676457880617076

• 🔗The message has instructions on how to open a direct support case with our Developer Support team, in order to help you more effectively.

Okay new link sent via bot. If that doesn't work, I think just click the "contact support" link and ask the bot to open a case and I can grab after that. Sorry this has turned into a thing itself

It does the same thing but the chat window is open and asking me to connect to a stripe support agent by selecting either "Platform account" or "Connected accounts".

Just like you said

I'll do the platform account

Ok, I believe it's created for you

hopefully that pops up here in a second

Yep I got it! I'll close out this thread and will keep an eye on the ticket for an update on whether you still get this error. Best of luck fixing the domain issue!

Thank you so much man. Really appreciate all of you.

Of course, glad we can move this forward somehow at least!

Getting the thumbs up on our process/flow looking correct was a huge point of relief for me. I am betting the error is gone but I'll confirm as soon as possible with you guys.