> ## Documentation Index > Fetch the complete documentation index at: https://docs.equalsmoney.com/llms.txt > Use this file to discover all available pages before exploring further. # Create an Apple digital wallet token > Creates a digital wallet token that can be added to an Apple wallet. This token represents a specific card, wallet, and device token. The card's data is encrypted using Apple’s own encryption key, meaning your PCI compliance overhead is reduced. After your request is successfully processed, you'll receive a ```DigitalWalletTokenTransition``` webhook containing the digital wallet token. You'll also be able to retrieve it using the [List digital wallet tokens](https://docs.equalsmoney.com/openapi/em-cards/operation/findDigitalWalletTokens/) endpoint. ## OpenAPI ````yaml /autogenerated/openapi/cards.openapi.json post /cards/{cardId}/apple-wallet openapi: 3.1.0 info: title: Cards API version: 2.0.0 description: Version 2 license: name: UNLICENSED url: https://docs.equalsmoney.com servers: - url: https://api.equalsmoney.com/v2 description: Production - url: https://api-sandbox.equalsmoney.com/v2 description: Sandbox security: [] paths: /cards/{cardId}/apple-wallet: post: tags: - Digital wallets summary: Create an Apple digital wallet token description: |2- Creates a digital wallet token that can be added to an Apple wallet. This token represents a specific card, wallet, and device token. The card's data is encrypted using Apple’s own encryption key, meaning your PCI compliance overhead is reduced. After your request is successfully processed, you'll receive a ```DigitalWalletTokenTransition``` webhook containing the digital wallet token. You'll also be able to retrieve it using the [List digital wallet tokens](https://docs.equalsmoney.com/openapi/em-cards/operation/findDigitalWalletTokens/) endpoint. operationId: provisionAppleWallet parameters: - name: cardId in: path required: true schema: description: The ID of the card to work with. type: - string format: uuid maxLength: 36 example: e9293471-5eb3-4dbc-916c-dbaf9e2deefd - name: accountId in: query schema: description: The ID of the account to work with. type: - string example: F50091 required: true - name: personId in: query schema: description: The ID of the person to work with. type: - string format: uuid maxLength: 36 example: 775596ae-2624-40af-a9dc-9756110a4a04 requestBody: description: Body content: application/json: schema: type: - object properties: deviceType: description: >- The type of device into which the digital wallet token is provisioned. type: - string enum: - MOBILE_PHONE - TABLET - WATCH example: WATCH provisioningAppVersion: type: - string maxLength: 50 description: >- The version of the application making the provisioning request. This is used for debugging and fraud prevention. example: 2.11.1 certificates: type: - array items: type: - string description: >- The Base64-encoded leaf and sub-CA certificates provided by Apple. The first element of the array should be the leaf certificate, followed by the sub-CA. example: >- ['MIIEPDCCA+KgAwIBAgICEAAwCQYHKoZIzj', 'MIIDZjCCAw2gAwIBAgIJAJx22AGaEPSgMA'] nonce: type: - string description: >- The single-use nonce provided by Apple for security purposes. example: vXWJaBidcTLaJJCF nonceSignature: type: - string description: The signature to the nonce provided by Apple. example: jD4Aphu+93N2wbBn required: - deviceType - provisioningAppVersion - certificates - nonce - nonceSignature example: deviceType: WATCH provisioningAppVersion: 2.11.1 certificates: >- ['MIIEPDCCA+KgAwIBAgICEAAwCQYHKoZIzj', 'MIIDZjCCAw2gAwIBAgIJAJx22AGaEPSgMA'] nonce: vXWJaBidcTLaJJCF nonceSignature: jD4Aphu+93N2wbBn responses: '201': description: Created content: application/json: schema: type: - object properties: deviceType: description: >- The type of device into which the digital wallet token is provisioned. type: - string enum: - MOBILE_PHONE - TABLET - WATCH example: WATCH provisioningAppVersion: type: - string maxLength: 50 description: >- The version of the application making the provisioning request. This is used for debugging and fraud prevention. example: 2.11.1 certificates: type: - array items: type: - string description: >- The Base64-encoded leaf and sub-CA certificates provided by Apple. The first element of the array should be the leaf certificate, followed by the sub-CA. example: >- ['MIIEPDCCA+KgAwIBAgICEAAwCQYHKoZIzj', 'MIIDZjCCAw2gAwIBAgIJAJx22AGaEPSgMA'] nonce: type: - string description: >- The single-use nonce provided by Apple for security purposes. example: vXWJaBidcTLaJJCF nonceSignature: type: - string description: The signature to the nonce provided by Apple. example: jD4Aphu+93N2wbBn encryptedPassData: type: - string description: >- A payload encrypted with a shared key derived from the Apple Public Certificates and the generated ephemeral private key. example: w9NGKYa3OkPGeQ+FmAKGga activationData: type: - string description: >- A cryptographic one-time passcode conforming to the specifications of the payment network operator or service provider. example: TUJQQUMtMS1GSy03NDgwNTIuMS0tVERF ephemeralPublicKey: type: - string description: >- The ephemeral public key used for the provisioning attempt. example: BMop3NufgKwy/r0GX1muvomvw example: deviceType: WATCH provisioningAppVersion: 2.11.1 certificates: >- ['MIIEPDCCA+KgAwIBAgICEAAwCQYHKoZIzj', 'MIIDZjCCAw2gAwIBAgIJAJx22AGaEPSgMA'] nonce: vXWJaBidcTLaJJCF nonceSignature: jD4Aphu+93N2wbBn encryptedPassData: w9NGKYa3OkPGeQ+FmAKGga activationData: TUJQQUMtMS1GSy03NDgwNTIuMS0tVERF ephemeralPublicKey: BMop3NufgKwy/r0GX1muvomvw security: - CommonAuth: - apple-wallet:provision:own x-codeSamples: - lang: Shell label: cURL source: |- curl --request POST \ --url 'https://api.equalsmoney.com/v2/cards/{cardId}/apple-wallet?accountId={{accountId}}' \ --header 'Authorization: ' \ --header 'Content-Type: application/json' \ --data ' { "deviceType": "WATCH", "provisioningAppVersion": "2.11.1", "certificates": "['MIIEPDCCA+KgAwIBAgICEAAwCQYHKoZIzj', 'MIIDZjCCAw2gAwIBAgIJAJx22AGaEPSgMA']", "nonce": "vXWJaBidcTLaJJCF", "nonceSignature": "jD4Aphu+93N2wbBn" } ' components: securitySchemes: CommonAuth: type: apiKey in: header name: Authorization ````