Create Apple Pay token
Connect an Apple Pay token to the specified account.
Read our Apple Pay tutorial to learn more.
The token data is defined by Apple Pay and should be passed through from Apple Pay's response unmodified.
To access this endpoint using an access token
you'll need to specify the /accounts/{accountID}/cards.write scope.
POST
/accounts/{accountID}/apple-pay/tokens
curl -X POST "https://api.moov.io/accounts/{accountID}/apple-pay/tokens" \
-H "Authorization: Bearer {token}" \
-H "x-moov-version: v2024.01.00" \
--data-raw '{
"token": {
"paymentData": {
"version": "EC_v1",
"data": "3+f4oOTwPa6f1UZ6tG...CE=",
"signature": "MIAGCSqGSIb3DQ.AAAA==",
"header": {
"ephemeralPublicKey":"MFkwEK...Md==",
"publicKeyHash": "l0CnXdMv...D1I=",
"transactionId": "32b...4f3"
}
},
"paymentMethod": {
"displayName": "Visa 1234",
"network": "Visa",
"type":"debit"
},
"transactionIdentifier": "32b...4f3"
},
"billingContact": {
"addressLines": [
"123 Sesame Street"
],
"locality": "Phoenix",
"postalCode": "30345",
"administrativeArea": "AZ",
"countryCode": "US"
}
}'\
mc, _ := moov.NewClient()
var accountID string
address := moov.ApplePayBillingContact{
AddressLines: []string{
"123 Sesame Street",
},
Locality: "Phoenix",
PostalCode: "30345",
AdministrativeArea: "AZ",
CountryCode: "US",
}
token := moov.ApplePayToken{
PaymentData: moov.ApplePaymentData{
Version: "EC_v1",
Data: "3+f4oOTwPa6f1UZ6tG...CE=",
Signature: "MIAGCSqGSIb3DQ.AAAA==",
Header: moov.ApplePaymentDataHeader{
EphemeralPublicKey: "MFkwEK...Md==",
PublicKeyHash: "l0CnXdMv...D1I=",
TransactionId: "32b...4f3",
},
},
PaymentMethod: moov.ApplePaymentMethod{
DisplayName: "Visa 1234",
Network: "Visa",
Type: "debit",
},
TransactionIdentifier: "32b...4f3",
}
mc.LinkApplePayToken(ctx, accountID,
moov.LinkApplePay{
Token: token,
BillingContact: address,
})
import { SDK } from "openapi";
const sdk = new SDK({
xMoovVersion: "v2024.01.00",
});
async function run() {
const result = await sdk.applePay.linkToken({
accountID: "bf498c07-3852-4060-b561-bf992e26a851",
linkApplePay: {
token: {
paymentData: {
version: "EC_v1",
data: "3+f4oOTwPa6f1UZ6tG...CE=",
signature: "MIAGCSqGSIb3DQ.AAAA==",
header: {
ephemeralPublicKey: "MFkwEK...Md==",
publicKeyHash: "l0CnXdMv...D1I=",
transactionId: "32b...4f3",
},
},
paymentMethod: {
displayName: "Visa 1234",
network: "Visa",
type: "debit",
},
transactionIdentifier: "32b...4f3",
},
billingContact: {
addressLines: [
"123 Sesame Street",
],
locality: "Phoenix",
postalCode: "30345",
administrativeArea: "AZ",
countryCode: "US",
},
},
});
console.log(result);
}
run();declare(strict_types=1);
require 'vendor/autoload.php';
use OpenAPI\OpenAPI;
use OpenAPI\OpenAPI\Models\Components;
$sdk = OpenAPI\SDK::builder()
->setXMoovVersion('v2024.01.00')
->build();
$linkApplePay = new Components\LinkApplePay(
token: new Components\LinkApplePayToken(
paymentData: new Components\LinkApplePaymentData(
version: 'EC_v1',
data: '3+f4oOTwPa6f1UZ6tG...CE=',
signature: 'MIAGCSqGSIb3DQ.AAAA==',
header: new Components\ApplePayHeader(
ephemeralPublicKey: 'MFkwEK...Md==',
publicKeyHash: 'l0CnXdMv...D1I=',
transactionId: '32b...4f3',
),
),
paymentMethod: new Components\LinkApplePaymentMethod(
displayName: 'Visa 1234',
network: 'Visa',
type: 'debit',
),
transactionIdentifier: '32b...4f3',
),
billingContact: new Components\AppleBillingContact(
addressLines: [
'123 Sesame Street',
],
locality: 'Phoenix',
postalCode: '30345',
administrativeArea: 'AZ',
countryCode: 'US',
),
);
$response = $sdk->applePay->linkToken(
accountID: 'bf498c07-3852-4060-b561-bf992e26a851',
linkApplePay: $linkApplePay
);
if ($response->linkedApplePayPaymentMethod !== null) {
// handle response
}from openapi import SDK
with SDK(
x_moov_version="v2024.01.00",
) as sdk:
res = sdk.apple_pay.link_token(account_id="bf498c07-3852-4060-b561-bf992e26a851", token={
"payment_data": {
"version": "EC_v1",
"data": "3+f4oOTwPa6f1UZ6tG...CE=",
"signature": "MIAGCSqGSIb3DQ.AAAA==",
"header": {
"ephemeral_public_key": "MFkwEK...Md==",
"public_key_hash": "l0CnXdMv...D1I=",
"transaction_id": "32b...4f3",
},
},
"payment_method": {
"display_name": "Visa 1234",
"network": "Visa",
"type": "debit",
},
"transaction_identifier": "32b...4f3",
}, billing_contact={
"address_lines": [
"123 Sesame Street",
],
"locality": "Phoenix",
"postal_code": "30345",
"administrative_area": "AZ",
"country_code": "US",
})
# Handle response
print(res)package hello.world;
import java.lang.Exception;
import java.util.List;
import org.openapis.openapi.SDK;
import org.openapis.openapi.models.components.*;
import org.openapis.openapi.models.errors.GenericError;
import org.openapis.openapi.models.errors.LinkApplePayError;
import org.openapis.openapi.models.operations.LinkApplePayTokenResponse;
public class Application {
public static void main(String[] args) throws GenericError, LinkApplePayError, Exception {
SDK sdk = SDK.builder()
.xMoovVersion("v2024.01.00")
.build();
LinkApplePayTokenResponse res = sdk.applePay().linkToken()
.accountID("bf498c07-3852-4060-b561-bf992e26a851")
.linkApplePay(LinkApplePay.builder()
.token(LinkApplePayToken.builder()
.paymentData(LinkApplePaymentData.builder()
.version("EC_v1")
.data("3+f4oOTwPa6f1UZ6tG...CE=")
.signature("MIAGCSqGSIb3DQ.AAAA==")
.header(ApplePayHeader.builder()
.publicKeyHash("l0CnXdMv...D1I=")
.transactionId("32b...4f3")
.ephemeralPublicKey("MFkwEK...Md==")
.build())
.build())
.paymentMethod(LinkApplePaymentMethod.builder()
.displayName("Visa 1234")
.network("Visa")
.type("debit")
.build())
.transactionIdentifier("32b...4f3")
.build())
.billingContact(AppleBillingContact.builder()
.addressLines(List.of(
"123 Sesame Street"))
.locality("Phoenix")
.postalCode("30345")
.administrativeArea("AZ")
.countryCode("US")
.build())
.build())
.call();
if (res.linkedApplePayPaymentMethod().isPresent()) {
// handle response
}
}
}require 'openapi'
Models = ::OpenApiSDK::Models
s = ::OpenApiSDK::SDK.new(
x_moov_version: 'v2024.01.00',
)
res = s.apple_pay.link_token(account_id: 'bf498c07-3852-4060-b561-bf992e26a851', link_apple_pay: Models::Components::LinkApplePay.new(
token: Models::Components::LinkApplePayToken.new(
payment_data: Models::Components::LinkApplePaymentData.new(
version: 'EC_v1',
data: '3+f4oOTwPa6f1UZ6tG...CE=',
signature: 'MIAGCSqGSIb3DQ.AAAA==',
header: Models::Components::ApplePayHeader.new(
ephemeral_public_key: 'MFkwEK...Md==',
public_key_hash: 'l0CnXdMv...D1I=',
transaction_id: '32b...4f3',
),
),
payment_method: Models::Components::LinkApplePaymentMethod.new(
display_name: 'Visa 1234',
network: 'Visa',
type: 'debit',
),
transaction_identifier: '32b...4f3',
),
billing_contact: Models::Components::AppleBillingContact.new(
address_lines: [
'123 Sesame Street',
],
locality: 'Phoenix',
postal_code: '30345',
administrative_area: 'AZ',
country_code: 'US',
),
))
unless res.linked_apple_pay_payment_method.nil?
# handle response
endThe request completed successfully.
{
"paymentMethodID": "string",
"paymentMethodType": "moov-wallet",
"applePay": {
"brand": "Visa",
"cardType": "credit",
"cardDisplayName": "Visa 1256",
"fingerprint": "9948962d92a1ce40c9f918cd9ece3a22bde62fb325a2f1fe2e833969de672ba3",
"expiration": {
"month": "01",
"year": "21"
},
"dynamicLastFour": "string",
"issuerCountry": "US"
}
}Response headers
x-request-id
string
required
A unique identifier used to trace requests.
The server could not understand the request due to invalid syntax.
{
"error": "string"
}Response headers
x-request-id
string
required
A unique identifier used to trace requests.
The request contained missing or expired authentication.
Response headers
x-request-id
string
required
A unique identifier used to trace requests.
The user is not authorized to make the request.
Response headers
x-request-id
string
required
A unique identifier used to trace requests.
The requested resource was not found.
Response headers
x-request-id
string
required
A unique identifier used to trace requests.
The request conflicted with the current state of the target resource.
{
"error": "string"
}Response headers
x-request-id
string
required
A unique identifier used to trace requests.
The request was well-formed, but the contents failed validation. Check the request for missing or invalid fields.
{
"error": "string",
"paymentData": "string",
"paymentMethod": "string",
"transactionIdentifier": "string"
}Response headers
x-request-id
string
required
A unique identifier used to trace requests.
Request was refused due to rate limiting.
Response headers
x-request-id
string
required
A unique identifier used to trace requests.
The request failed due to an unexpected error.
Response headers
x-request-id
string
required
A unique identifier used to trace requests.
The request failed because a downstream service failed to respond.
Response headers
x-request-id
string
required
A unique identifier used to trace requests.
Headers
X-Moov-Version
string
Specify an API version.
API versioning follows the format vYYYY.QQ.BB, where
YYYYis the yearQQis the two-digit month for the first month of the quarter (e.g., 01, 04, 07, 10)BBis the build number, starting at.01, for subsequent builds in the same quarter.- For example,
v2024.01.00is the initial release of the first quarter of 2024.
- For example,
The latest version represents the most recent development state. It may include breaking changes and should be treated as a beta release.
When no version is specified, the API defaults to v2024.01.00.
Path parameters
accountID
string
required
ID of the Moov account representing the cardholder.
Body
application/json
The JSON structure returned from Apple Pay when authorizing a payment session.
Refer to Apple's documentation for more information.
token
object
required
Contains the user's payment information as returned from Apple Pay.
Refer to Apple's documentation for more information.
Show child attributes
paymentData
object
required
Contains the encrypted payment data.
Refer to Apple's documentation for more information.
Show child attributes
data
string
required
The encrypted, base64-encoded payment data.
header
object
required
Information needed to decrypt Apple Pay payment data.
Refer to Apple's documentation for more information.
Show child attributes
publicKeyHash
string
required
A base64-encoded, SHA-256 hash of the merchant's public key.
transactionId
string
required
A device-generated identifier for the transaction.
ephemeralPublicKey
string
Base64-encoded ephemeral public key, used for ECC-encrypted payment data.
signature
string
required
A base64 encoded signature of the payment and header data.
version
string
required
Specifies the encryption used for the payment token ("EC_v1" or "RSA_v1").
paymentMethod
object
required
Provides information about the underlying card.
Refer to Apple's documentation for more information.
Show child attributes
displayName
string
required
A display-friendly discription of the card.
network
string
required
The card's payment network.
type
string
required
The type of card.
transactionIdentifier
string
required
A unique identifier provided by Apple Pay for this payment.
billingContact
object
Billing contact information as returned from Apple Pay.
Refer to Apple's documentation for more information.
Show child attributes
addressLines
array<string>
Address lines 1 and 2 for the contact.
administrativeArea
string
The contact's two-letter state code.
countryCode
string
The contact's two-letter ISO 3166
locality
string
The contact's city.
postalCode
string
The contact's postal code.
Response
applePay
object
required
Describes an Apple Pay token on a Moov account.
Show child attributes
brand
string<enum>
required
The card brand.
Possible values:
American Express,
Discover,
Mastercard,
Visa,
Unknown
cardDisplayName
string
required
User-friendly name of the tokenized card returned by Apple.
It usually contains the brand and the last four digits of the underlying card. There is no standard format.
cardType
string<enum>
required
The type of the card.
Possible values:
debit,
credit,
prepaid,
unknown
dynamicLastFour
string
required
The last four digits of the Apple Pay token, which may differ from the tokenized card's last four digits.
expiration
object
required
The expiration date of the card or token.
Show child attributes
month
string
2 characters
required
year
string
2 characters
required
fingerprint
string
<=100 characters
required
Uniquely identifies a linked payment card or token.
For Apple Pay, the fingerprint is based on the tokenized card number and may vary based on the user's device.
This field can be used to identify specific payment methods across multiple accounts on your platform.
issuerCountry
string
Country where the underlying card was issued.
paymentMethodID
string
required
The new payment method's ID.
paymentMethodType
string<enum>
required
The payment method type that represents a payment rail and directionality
Possible values:
moov-wallet,
ach-debit-fund,
ach-debit-collect,
ach-credit-standard,
ach-credit-same-day,
rtp-credit,
card-payment,
push-to-card,
pull-from-card,
apple-pay,
card-present-payment