Server-side
Make an endpoint that creates a PaymentIntent with an
amount
and
currency
. Always decide how much to charge on the server side, a trusted environment, as opposed to the client side. This prevents malicious customers from choosing their own prices.
curl
https://api.stripe.com/v1/payment_intents
\
-u
sk_test_4eC39HqLyjWDarjtT1zdp7dc
:
\
-d
"amount"
=
1099
\
-d
"currency"
=
"usd"
Client-side
Create a method that requests a PaymentIntent from your server:
function
PaymentScreen
(
)
{
const
fetchPaymentIntentClientSecret
=
async
(
)
=>
{
const
response
=
await
fetch
(
`
${
API_URL
}
/create-payment-intent
`
,
{
method
:
'POST'
,
headers
:
{
'Content-Type'
:
'application/json'
,
}
,
body
:
JSON
.
stringify
(
{
some
:
'value'
,
}
)
,
}
)
;
const
{
clientSecret
}
=
await
response
.
json
(
)
;
return
clientSecret
;
}
;
}
Troubleshooting
If you’re seeing errors from the Stripe API when attempting to create tokens, you most likely have a problem with your Apple Pay Certificate. You’ll need to generate a new certificate and upload it to Stripe, as described on this page. Make sure you use a CSR obtained from your Dashboard and not one you generated yourself. Xcode often incorrectly caches old certificates, so in addition to generating a new certificate, Stripe recommends creating a new Apple Merchant ID as well.
If you receive the error:
You haven’t added your Apple merchant account to Stripe
it’s likely your app is sending data encrypted with a previous (non-Stripe) CSR/Certificate. Make sure any certificates generated by non-Stripe CSRs are revoked under your Apple Merchant ID. If this doesn’t resolve the issue, delete the merchant ID in your Apple account and re-create it. Then, create a new certificate based on the same (Stripe-provided) CSR that was previously used. You don’t need to upload this new certificate to Stripe. When finished, toggle the Apple Pay Credentials off and on in your app to ensure they refresh properly.