I am using it in conjunction with my own server verifyReceipt endpoint and store subscription data on server, along with original transaction id + user id.
First, terminology for below situations:
appuser = user login for my own app
appstore user = user login for iTunes / appstore
However, I am confused on a few things:
What should be the source of truth?
For entitlement engine to work, receipt must be sent to server. If appuser signs in on Device A, purchases product P, then signs in on Device B, no / empty receipt will exist on Device B.
Obviously, this appuser will download subscription data I stored on server during previous verifyReceipt call. Is this OK? How do I know if my server knows the truth about this appuser?
Should this be restoreTransaction flow, or simple REST call? If my server holds latest subscription data based on receipts, what should restoreTransaction do?
Also, if appuser remains the same, but appstore user changes (different itunes id) - what is the way to tackle?
1 - Is Apple OK if I allow access to purchased content via this appUser but different appstore user who never purchased it?
2 - Vice versa, if appuser is altered, but appstore user remains the same, what is correct entitlement?
Does Apple have any say on the above 2 scenarios, or is it just me who gets to decide?
Probably too many questions, but it is a bit confusing in conjunction with StoreKit callbacks (transaction observers etc.) and I am wondering if there is a well-established universal approach other developers are following...
Thanks for the feedback! Glad to hear you found the session useful.
Let's see if I can do my best to answer your questions:
> For entitlement engine to work, receipt must be sent to server. If appuser signs in on Device A, purchases product P, then signs in on Device B, no / empty receipt will exist on Device B.

Storing the receipt on your server is recommended so that you can refresh your backend data or update entitlement info on your backend when changes occur via App Store Server notifications.
But you are correct, you will want to associate this with an appuser (using the terminology you mentioned), so that you can provide login across devices and off-platform.
When an appstore user (user login for iTunes / appstore) downloads the app on a different device, the receipt will also contain their purchases. If it is up-to-date, it should contain the same in-app subscription transactions as the other device.
> Obviously, this appuser will download subscription data I stored on server during previous verifyReceipt call. Is this OK? How do I know if my server knows the truth about this appuser?

You should use the Apple receipt as the source of truth for the user so that the user is always able to get the access associated with the receipt they are presenting.

> Should this be restoreTransaction flow, or simple REST call? If my server holds latest subscription data based on receipts, what should restoreTransaction do?

Are you referring to the StoreKit restore or something else? You will need to support restoring transactions with StoreKit so that the user can receive the service reflected by the transactions within the receipt. If your server does not have a receipt or the data is incorrect, you will need to support a flow where the user can restore their purchases on device. After the receipt is refreshed on device, you can send that to your server to determine which content should be unlocked.
> 1 - Is Apple OK if I allow access to purchased content via this appUser but different appstore user who never purchased it?

Yes, this is allowed. Make sure you aren't accidentally replacing the receipt containing no purchases with the one that does have the active subscription.

> 2 - Vice versa, if appuser is altered, but appstore user remains the same, what is correct entitlement?

You may choose to have a premium level of service that supports multiple users for one subscription or require that a subscription only be associated with a single account at a time. If you so choose, you can prompt the user to sign in with the App Store account that has the active subscription in order to access the subscription content.
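
The server-side bookkeeping discussed in this thread, as an added example that is not code from the original posts or from Apple: it binds each `original_transaction_id` to one appuser (the single-account option mentioned in the reply), treats a receipt with no subscription transactions as a no-op so it cannot erase a stored active subscription, and takes expiry from the receipt data. `EntitlementStore`, the user names and the sample receipts are hypothetical; the input is assumed to be an already-validated verifyReceipt response body.

```python
# Constructed sample data shaped like parsed verifyReceipt response bodies.
NOW_MS = 1_700_000_000_000
DAY_MS = 86_400_000
RECEIPT_WITH_SUB = {"status": 0, "latest_receipt_info": [{
    "original_transaction_id": "1000000000000001",   # constructed
    "product_id": "com.example.pro.monthly",         # constructed
    "expires_date_ms": str(NOW_MS + DAY_MS)}]}
RECEIPT_EMPTY = {"status": 0}   # e.g. Device B before a restore


class EntitlementStore:
    """In-memory stand-in for the server's subscription table (hypothetical)."""

    def __init__(self):
        # original_transaction_id -> {"owner", "product_id", "expires_ms"}
        self.subs = {}

    def ingest(self, app_user, verified):
        """Merge a validated receipt; return ids already bound to another appuser."""
        conflicts = []
        # A receipt without subscription transactions is a no-op here, so it
        # can never replace a stored record that holds an active subscription.
        for tx in verified.get("latest_receipt_info", []):
            otid = tx["original_transaction_id"]
            expires = int(tx["expires_date_ms"])
            row = self.subs.setdefault(otid, {
                "owner": app_user, "product_id": tx["product_id"],
                "expires_ms": expires})
            # Expiry comes from Apple's data, whoever presents the receipt.
            row["expires_ms"] = max(row["expires_ms"], expires)
            if row["owner"] != app_user:
                conflicts.append(otid)  # single-account policy: first owner keeps it
        return conflicts

    def entitled(self, app_user, now_ms):
        """Products the appuser may access right now."""
        return sorted(r["product_id"] for r in self.subs.values()
                      if r["owner"] == app_user and r["expires_ms"] > now_ms)


def demo():
    store = EntitlementStore()
    store.ingest("alice", RECEIPT_WITH_SUB)            # purchase on Device A
    store.ingest("alice", RECEIPT_EMPTY)               # sign-in on Device B
    conflicts = store.ingest("bob", RECEIPT_WITH_SUB)  # same App Store user, other appuser
    return store.entitled("alice", NOW_MS), store.entitled("bob", NOW_MS), conflicts


if __name__ == "__main__":
    print(demo())
```

A non-empty conflict list is the point at which the server would prompt for the account that holds the subscription, or apply a multi-user tier if that is the chosen policy.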