Short Answer
If you need to add more than 100 Merchant IDs, you must add them via the Apple Pay Web Merchant Registration API.
Long answer
The Apple Developer website allows you to manage up to 100 Merchant IDs.
Once you exceed 100 and attempt to add another Merchant ID, you will receive the error, "Unable to add Merchant ID because Merchant ID limit 100 has been exceeded." The only way to add more than 100 Merchant IDs is programmatically add them via the Apple Pay Web Merchant Registration API.
You can request access to the Apple Pay Web Merchant Registration API via this link
Registering with Apple Pay and Applying to Use the API
Domain Verification File(s)
Once you have been granted access you will receive an email from the Apple Pay Team which will include domain verification file(s) attached to the email that will need to be hosted on each domain that you register. The contents of the domain verification file is a long unique alphanumeric key that Apple stores in their systems. When you attempt to call their API, they will attempt to download the domain verification file from your domain at the following address:
https://[DOMAIN_NAME]/.well-known/apple-developer-merchantid-domain-association
For clarity on exactly where to host the domain verification file, if your URL is https://www.example.com, then you would create a route on your website that returned the domain verification file at the route:
https://www.example.com/.well-known/apple-developer-merchantid-domain-association
The URL path ".well-known/apple-developer-merchantid-domain-association" could either be a virtual route, or depending on your web server you could create a folder named ".well-known", then a sub-folder named "apple-developer-merchantid-domain-association", and place an index.html file in that folder that contained the contents of the domain verification file that you received in the email from the Apple Pay Team.
More information on domain verification can be found at the following URL:
Preparing Merchant Domains for Verification
Register Merchant API
Once your domain verification file is hosted at your domain(s), then you can call the Register Merchant API endpoint. More information can be found here: Register Merchant - Web Service Endpoint
Post
Replies
Boosts
Views
Activity
The Apple Developer website allows you to manage up to 100 Merchant IDs. If you need to add more than 100 Merchant IDs, you must add them via the Apple Pay Web Merchant Registration API.
I wrote a more detailed response to this same question here:
https://developer.apple.com/forums/thread/674484?login=true&page=1#679369022
The Certificate Signing Request for the Merchant Identity Certificate requires the RSA-2048 algorithm. As an alternative, you can use openSSL to generate the CSR via the following steps:
Execute the following openSSL command to create a private key:
openssl genrsa -out privateKey.key 2048
Execute the following openSSL command to generate a certificate signing request (CSR) from the private key:
openssl req -new -key privateKey.key -out certificateSigningRequest.csr
Login to the Apple Developer Portal and upload the CSR file. You can then download the newly generated certificate.
As the error message indicates, the Certificate Signing Request for the Merchant Identity Certificate requires the RSA-2048 algorithm. As an alternative, you can use openSSL to generate the CSR via the following steps:
Execute the following openSSL command to create a private key:
openssl genrsa -out privateKey.key 2048
Execute the following openSSL command to generate a certificate signing request (CSR) from the private key:
openssl req -new -key privateKey.key -out certificateSigningRequest.csr
Login to the Apple Developer Portal and upload the CSR file. You can then download the newly generated certificate.
See this answer: CSR algorithm/size incorrect. Expected: RSA(2048)
See this answer: CSR algorithm/size incorrect. Expected: RSA(2048)
Yes, we have to handle the situation of maintaining multiple Apple Pay domain verification files at my employer as well. We just swap them out as needed since you can only host a single domain verification file at a time. In practice, it looks like once the file is verified, Apple doesn't seem to check it again since your domain is already validated. As our company continues to integrate with different payment gateways / providers, we just replace the domain verification file with the new one and verify the new one.