Technical Checklist

All the all technical tasks involving an onboarding, wich are not part of the integration itself.

This article summarizes all the aspects of an onbording that have to be tackled in paralel to the integration itself.

Active Directory

To provision accounts in Wapping, we have two models depending on how you manage authentication within your organization.

If you use Microsoft Entra ID (Azure AD) to manage identities and have a Microsoft Azure tenant for this, we can use B2B Direct Connect, so we can grant access and permissions directly with your accounts.
This works by connecting a group from your tenant to an application in Wapping’s tenant. This is the most convenient option since you would manage which users have access through a group, and they would authenticate using your policies (multi-factor authentication, specific endpoints, etc.).

If you do not use this method internally, no problem—we create the access in a dedicated tenant on our side to do the same thing, using accounts separate from your organization and handled by Wapping.

B2B Direct Connect

For B2B Direct Connect, some configurations need to be done on both tenants, for which we will need your Tenant ID and the ID of the group created. With this information, we can configure the access rules in Wapping’s tenant.

On your side, you will need to perform the configuration described below.
You will need Wapping’s Tenant ID: 04e5d7b8-5a57-4f70-9091-a9a93dfe3cbe

With this, in Azure you can go to: Entra ID > External Identities > Cross-tenant access settings

Then, click on “Add organization” and add Wapping’s Tenant ID.

Once added, you can configure the permissions. Here you can define inbound and outbound rules.
For inbound rules, you can block all connections, since Wapping’s tenant will not access any part of yours.
For outbound rules, you must allow your users to connect to our tenant. By editing these rules, you can define in the B2B

Direct Connect section the access for the group you just created.


*Please note that to specify users or groups, you need Microsoft Entra ID Premium. If you do not have it, that’s fine—the result will be that all your users will have “access” to the platform.
This is not an issue because the Manager has a second layer of permission management, through which you can grant access to your users and define who can see each section, report, etc. We will review this in more detail when necessary.

Once the configuration is complete, we will need the email address of a user who is in the group (if applicable) to configure access and test that everything is properly linked.


Domains

A subdomain needs to be created to direct to the Customer Wallet so that clients can access it through one of your corporate URLs and to secure it in case it's embedded in the ecommerce via iframe.

The first step is to decide what the URL for this Wallet will be. It should follow the format: club.yourdomain.com
This is more of a business decision regarding what public address you want to configure.

From a technical perspective, this is done by creating a CNAME record in your DNS. It’s a simple configuration to point the domain you choose to our Wallet Web App.
Therefore, the DNS entry to create will be:

(CNAME) club.yourdomain.com  >  wapping-app-customer-wallet-pro-northeu.azurewebsites.net

Google and Apple Stores

📘

This step will only be required if Wapping is the one providing the Mobile App and/or the Wallet Pass integrations.

If the business is going to use the custom APP provided by Wapping, it will be necessary to create an account in its name on the Apple and Google Stores. The APPs are published under the business’s name (Wapping is not visible to the end customer), and therefore the business needs to have its own account on the stores.

Below are the steps to follow for each store:

GOOGLE

  • Create a Google account
    Associate it with the developer program (https://play.google.com/console/u/0/developers)
  • Pay the fee (€25 one-time payment)
  • Wait for validation (it can take from a couple of days up to 1 week)
  • Create the APP descriptions (texts + screenshots) required by Google

APPLE

  • Create an Apple account
  • Associate it with the developer program (https://developer.apple.com/)
  • Pay the fee (€99 per year)
  • Complete the registration process with the company and owner’s details (the process should be done by the owner or someone using their details; no one else’s details are accepted. They perform validation and may even call by phone, which is why it must be the owner).
  • Register the company with its DUNS number. If you already have one, you need to enter it during registration; if not, you must request it (https://developer.apple.com/support/D-U-N-S/) (this can take up to 1 week)
  • Wait for the developer account to be validated (it can take from a couple of days up to several weeks)
  • Create the APP descriptions (texts + screenshots) required by Apple


Wallet Passes

To manage Wallet Passes, the respective certificates are required to generate them on behalf of the business.

Below are the steps for each platform:

GOOGLE

  • Step 1: Create an account and project in Google Cloud.

  • Step 2: Enable API, create a service account, and export the key.

  • To manage Passes, you need a Google Cloud account with a project created to support this functionality.

  • With this project selected, go to the APIs section.

  • Then, enable the Google Pay Passes / Wallet API
    https://console.cloud.google.com/apis/dashboard

  • Next, create a Service Account (Credentials > Service Accounts).

  • Within this account, add a Key in .p12 format.

📘

This key should be sent to Wapping, who will securely store it in a keyVault to generate passes using this service account.

Then, create a loyalty-type class with the following properties:


Issuer Name: <business-name>
Class ID: 1
Status: APPROVED
Logo Image URL: <URL provided by Wapping>
Background Color (Hex): #292929
Callback URL: https://wallet-pass-pro.b2w.app/v1/GooglePayCallbacks
Program Name: <program-name>

APPLE

This will be sent to Wapping, who will securely store it and use it to create wallet passes on behalf of the business.