Apple Pay push provisioning

This endpoint is only used for Apple Pay push provisioning. It requires a certificate and a nonce from Apple.

For Apple there exists special sandbox cards in different regions that are listed here: https://developer.apple.com/apple-pay/sandbox-testing/. In order to be able to test this properly in Apple’s sandbox environment one of these cards must be used. This implies that you need to use special cardIds for getting the data. The cardId that Enfuce provides for this purpose are:

CardID: -1, card number: 5204 2477 5000 1471
CardID: -2, card number: 5204 2477 5000 1505
CardID: -3, card number: 5204 2477 5000 1497
CardID: -4, card number: 4761 1200 1000 0492
CardID: -5, card number: 4761 3497 5001 0326
CardID: -6, card number: 4761 2099 8001 1439

POST

{cardId}

provision

applepay

Apple Pay push provisioning

curl --request POST \
  --url 'https://integration-api-cat2.{{environment}}.ext.{{realm}}.cia.enfuce.com/wallet/v1/{cardId}/provision/applepay' \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "certificates": [
    "<string>"
  ],
  "nonce": "<string>",
  "nonceSignature": "<string>"
}
'

{
  "activationData": "<string>",
  "encryptedPassData": "<string>",
  "ephemeralPublicKey": "<string>"
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

cardId

integer<int64>

required

CardId for the card that should be provisioned (returned from card operation)

Query Parameters

auditUser

string

required

The audit user to log the request

Body

application/json

Provisioning data

certificates

string[]

required

List of base64 encoded X.509 certificates in the certificate chain.

nonce

string

required

Lowercase hex string of the nonce given to the application via delegate callback.

nonceSignature

string

required

Lowercase hex string of the nonce signature given to the application via delegate callback.

Response

activationData

string

required

The activationData is a Base64 encoded crypto OTP value which is sent to the payment scheme which they will validate by using keys shared with Enfuce.

Visa: WSD key
MC: TAV key

encryptedPassData

string

required

The encryptedPassData is base64 encoded for Visa and hex string for Mastercard. Encrypted payload contains these fields:

primaryAccountNuber - The full primary account number (PAN), digits only
expiration - The Expirateion date as a string. For example, 11/24
name - Name of the card holder
nonce - The hex string for the nooncle value, provided in the delegate callback
nonceSignature - The hext string for the nonce signatrue, provided in the delegate callback

ephemeralPublicKey

string

required

The ephemeralPublicKey is base64 encoded for Visa and hex string for Mastercard.

⌘I

Apple Pay push provisioning

curl --request POST \
  --url 'https://integration-api-cat2.{{environment}}.ext.{{realm}}.cia.enfuce.com/wallet/v1/{cardId}/provision/applepay' \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "certificates": [
    "<string>"
  ],
  "nonce": "<string>",
  "nonceSignature": "<string>"
}
'

{
  "activationData": "<string>",
  "encryptedPassData": "<string>",
  "ephemeralPublicKey": "<string>"
}