Greetings,
We are using the paymentSession API to create sessions using the merchant ID and domain for our apple pay integration. We noticed that on production env, things work as expected and invalid domains don't create session. But while using this api on sandbox, we noticed that even invalid TLDs and unregistered domains are allowed to create sessions. is this expected? if yes, is it possible to make sure sandbox works the same way as production? We are trying to validate the working on internal merchant identifier and the discrepancy is making it harder to do so.
The API link - https://apple-pay-gateway.apple.com/paymentservices/paymentSession
Thank you!