> ## Documentation Index > Fetch the complete documentation index at: https://docs.enfuce.com/llms.txt > Use this file to discover all available pages before exploring further. # Apple Pay push provisioning > This endpoint is only used for Apple Pay push provisioning. It requires a certificate and a nonce from Apple. For Apple there exists special sandbox cards in different regions that are listed here: https://developer.apple.com/apple-pay/sandbox-testing/. In order to be able to test this properly in Apple's sandbox environment one of these cards must be used. This implies that you need to use special cardIds for getting the data. The cardId that Enfuce provides for this purpose are: - CardID: `-1`, card number: `5204 2477 5000 1471` - CardID: `-2`, card number: `5204 2477 5000 1505` - CardID: `-3`, card number: `5204 2477 5000 1497` - CardID: `-4`, card number: `4761 1200 1000 0492` - CardID: `-5`, card number: `4761 3497 5001 0326` - CardID: `-6`, card number: `4761 2099 8001 1439` ## OpenAPI ````yaml wallet post /v1/{cardId}/provision/applepay openapi: 3.0.3 info: version: '1' title: Wallet operations contact: name: Enfuce Financial Services url: https://enfuce.com email: info@enfuce.com x-logo: url: resources/enfuce.svg altText: Enfuce logo description: > Wallet API enables getting needed data for tokenization and enablement in programs like Apple Pay and Google Pay, and Visa Click to Pay. #### Terms used
Term Definition
Customer End customer using financial institution's mobile application
In-app activation Wallet provisioning using financial institution app as authentication method
In-app provisioning Mastercard's term for push provisioning
Push provisioning VISA's term for pushing card details from within mobile application. This term will be used in this document
Wallet provider Such as Apple Pay, Google Pay or Samsung Pay
It's called in two cases: - *Push provisioning* - this is usually done within issuers own application and card holder does not need to enter any information. Then the different endpoints for push provisioning must be used. - *In-app activation* - activating a card by manually adding information, then endpoint for generate activation data must be used after authentication of end customer is completed. ![ Provisioning example ](https://enfuce-public-resources.s3.eu-central-1.amazonaws.com/public/wallet_push_prov.svg) In above case the difference between push provisioning and in-app activation is which endpoint that is called in step 3. Note that diagram above is a simplification of full flow in order to explain it from a developer point of view. servers: - url: >- https://integration-api-cat2.{{environment}}.ext.{{realm}}.cia.enfuce.com/wallet - url: https://integration-api-cat2.live.ext.prod.cia.enfuce.com/wallet description: Live environment security: [] tags: - name: Push Provision - name: Activation data - name: Get tokens - name: Visa Click2Pay Enrol and Manage - name: Token Management paths: /v1/{cardId}/provision/applepay: post: tags: - Push Provision summary: Apple Pay push provisioning description: > This endpoint is only used for Apple Pay push provisioning. It requires a certificate and a nonce from Apple. For Apple there exists special sandbox cards in different regions that are listed here: https://developer.apple.com/apple-pay/sandbox-testing/. In order to be able to test this properly in Apple's sandbox environment one of these cards must be used. This implies that you need to use special cardIds for getting the data. The cardId that Enfuce provides for this purpose are: - CardID: `-1`, card number: `5204 2477 5000 1471` - CardID: `-2`, card number: `5204 2477 5000 1505` - CardID: `-3`, card number: `5204 2477 5000 1497` - CardID: `-4`, card number: `4761 1200 1000 0492` - CardID: `-5`, card number: `4761 3497 5001 0326` - CardID: `-6`, card number: `4761 2099 8001 1439` operationId: provisionApplePay parameters: - name: cardId in: path description: >- CardId for the card that should be provisioned (returned from card operation) required: true schema: type: integer format: int64 - name: auditUser in: query description: The audit user to log the request required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/ProvisioningData' description: Provisioning data required: true responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/ResponseProvisioning' '401': description: Unauthorized '403': description: Forbidden '404': description: Not Found deprecated: false components: schemas: ProvisioningData: type: object required: - certificates - nonce - nonceSignature properties: certificates: type: array items: type: string description: List of base64 encoded X.509 certificates in the certificate chain. nonce: type: string description: >- Lowercase hex string of the nonce given to the application via delegate callback. nonceSignature: type: string description: >- Lowercase hex string of the nonce signature given to the application via delegate callback. title: ProvisioningData ResponseProvisioning: type: object required: - activationData - encryptedPassData - ephemeralPublicKey properties: activationData: type: string description: > The activationData is a Base64 encoded crypto OTP value which is sent to the payment scheme which they will validate by using keys shared with Enfuce. - Visa: WSD key - MC: TAV key encryptedPassData: type: string description: > The encryptedPassData is base64 encoded for Visa and hex string for Mastercard. Encrypted payload contains these fields: - primaryAccountNuber - The full primary account number (PAN), digits only - expiration - The Expirateion date as a string. For example, 11/24 - name - Name of the card holder - nonce - The hex string for the nooncle value, provided in the delegate callback - nonceSignature - The hext string for the nonce signatrue, provided in the delegate callback ephemeralPublicKey: type: string description: > The ephemeralPublicKey is base64 encoded for Visa and hex string for Mastercard. title: ResponseProvisioning ````