Exirom Payment API Documentation

POST /api/v1/apple-pay/merchant-session

Request an Apple Pay merchant session for use with the Apple Pay JS API. The origin must match a registered payment page domain. Pass the returned session object to completeMerchantValidation() in the Apple Pay JS API.

Guide: Apple Pay Guide — conceptual walkthrough, flow diagrams, and integration patterns.

#Headers

Header	Value
`Content-Type`	`application/json`
`Authorization`	`Bearer {token}` — see Authentication

#Request Body Parameters

Field	Type	Required	Description
`validationUrl`	String	Yes	Apple's validation URL provided by the Apple Pay JS API on the client side
`origin`	String	Yes	Origin of the page requesting the session (e.g. https://checkout.your-site.com). Must match a registered payment page domain.
`intentToken`	String	Yes	Payment intent token used to look up the intent and its Apple Pay configuration

#Response

Returns an opaque Apple Pay session object as a JSON string. Pass it directly to completeMerchantValidation() in the Apple Pay JS API — do not parse or modify it.

{
  "validationUrl": "https://yourserver.com/callback",
  "origin": "example_origin",
  "intentToken": "example_intentToken"
}

#Error Responses

HTTP Status	Description
`400`	Bad Request — missing or invalid parameters. Check the response body for field-level details.
`401`	Unauthorized — missing, expired, or invalid bearer token. Re-authenticate via `POST /api/v1/auth`.
`404`	Not Found — the requested resource does not exist.
`500`	Internal Server Error — an unexpected error occurred. Retry with exponential backoff.

curl -X POST https://sandbox.api.exirom.com/api/v1/apple-pay/merchant-session \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -d '{
  "validationUrl": "https://yourserver.com/callback",
  "origin": "example_origin",
  "intentToken": "example_intentToken"
}'

#Try It

SandboxTry it

https://sandbox.api.exirom.com/api·Production URL: contact your account manager

Auth Token

Request Body