I'm trying to create an Apple Pay session for my website. I'm starting with curl for now, just to get proof of concept.
curl --cert cert.pem --pass {passphrase} --header "Content-Type: application/json" --request POST --data '{"merchantIdentifier":"{merchantIdentifier}","displayName":"testDisplayName", "initiative": "web", "initiativeContext": "{domain}"}' https://apple-pay-gateway.apple.com/paymentservices/paymentSession
This is the response I get back
{
"statusMessage": "Payment Services Exception merchantId={VERY-LONG-ID} not registered for domain={domain}",
"statusCode": "400"
}
I'm not sure why this is happening. {domain} is in the form of sub.site.tld with no protocol, such as https, which matches what I see in the list of the domains in the merchant identity dashboard. The {merchantIdentifier} also matches what I see in the top right, but the merchantId in the response is something I don't recognize. It's a long string of characters that appears to be hexadecimal.
I added the apple-developer-merchantid-domain-association file to my .well-known directory and the dashboard does report that the domain is verified.
I am making the request from the web server that the domain resolves to, if that matters.
I can't think of any reason this would be happening.
I'm not sure where the long merchantId in the response is coming from. Does it matter that it doesn't match what I supplied in the request? As far as I can tell, I am using the correct merchantIdentifier. It matches the dashboard and the CN field of the certificate.
I found this other post that seems to have a similar error: https://forums.developer.apple.com/forums/thread/671227
The main difference is a 417 status code instead of the 400 I got. But the problem here was that there was no payment processing certificate and I do have one of those.
I haven't checked with my processor to verify that the certificate is published, but I will do that soon. I wouldn't expect that to matter. Maybe it does?
What other reason could I be getting this error?
Could it be a problem with my merchant identity certificate? It took a lot of effort to make it work. But I suspect it's fine, otherwise I wouldn't be getting a response from Apple at all. I can't think of any other possible problems.