May 15, 2022
Posted by: Rahul Upadhyay
Disclaimer: Helpful document for the coder.
Verify In-App purchase/subscription from Google Play Store and Apple Store
This will be the first API call from the mobile app to send the purchase details to the backend.
Parameters |
|
item_id |
|
receipt |
iPhone should pass the receipt_data and the Android should pass the purchase_token |
platform |
Either “google” or “apple” |
is_renewable |
Optional parameter for Android only. iPhone devices can skip this parameter. 1 = True, 0 = False |
Now, let’s understand the flow by following the sequence diagram
This will be another API call from the mobile app to verify the purchase period and the Backend is checking this on daily basis with the CRON (The CRON is a software utility, offered by a Linux-like operating system that automates the scheduled task at a predetermined time.)
Now, let’s understand the flow by following the sequence diagram:
When the “platform” is “google”, the backend needs to verify the purchase token stored in the key “receipt”. To do so, the backend team needs the Service Account JSON file to communicate with the Google Play Developer API. To get the purchased details and to verify it, you have to check, if you are checking for product purchase or subscription purchase.
https://accounts.google.com/o/oauth2/token
https://www.googleapis.com/auth/androidpublisher
Note: The URL uses gRPC Transcoding syntax.
Checks the purchase and consumption status of an in-app item.
HTTP request
GET
Checks whether a user's subscription purchase is valid and returns its expiry time.
Parameters |
|
packageName |
|
productId |
The package name of the application the in-app product was sold in (e.g., 'com.devdigital.app.tier1.package1'). |
subscriptionId |
The purchase subscription id (e.g., 'com.devdigital.app.tier1.monthly') |
purchaseToken |
The purchase token stored in the database by the user |
accessToken |
The access token generated with OAuth Steps |
This is what subscription response looks like,
When the “platform” is “apple”, the backend needs to verify the receipt-data stored in the key “receipt”.
Requirements:
Send a receipt to the App Store for verification HTTP requests.
HTTP request
Sandbox URL: https://sandbox.itunes.apple.com/verifyReceipt
Production URL: https://buy.itunes.apple.com/verifyReceiptMethod: POST
HTTP Body: requestBody
Response Codes:
200 - responseBody
https://sandbox.itunes.apple.com/verifyReceipt
https://buy.itunes.apple.com/verifyReceipt
https://accounts.google.com/o/oauth2/token
https://www.googleapis.com/auth/androidpublisher