Server to server notification v2, is verify receipt mandatory ?

App Store Distribution & Marketing General
Mohdis OP
Created Oct ’22
Replies 2
Boosts 0
Views 2.5k
Participants 3

I have done my app backend server to listen to server subscription notification, but in somewhere in the apple documentations I read that you have to verify receipt for every notification received to my server, if I didn't the notification will be send many times in specific times .

is verify receipt mandatory for subscription notifications ?

Answered by App Store Commerce Engineer in 733301022

If you are using App Store Server notifications V2, it sends you signed data. Each of the signed JWS representations, signedPayloadsignedTransactionInfo, and signedRenewalInfo, have a JWS signature that you can validate on your server. Use the algorithm specified in the header’s alg parameter to validate the signature. There's no need to additionally verify it with another call to Apple servers.

For more information see:

Replies  2
Boosts  0
Views  2.5k
Participants  3
App Store Commerce Engineer OP
Apple
Oct ’22
Accepted Answer

If you are using App Store Server notifications V2, it sends you signed data. Each of the signed JWS representations, signedPayloadsignedTransactionInfo, and signedRenewalInfo, have a JWS signature that you can validate on your server. Use the algorithm specified in the header’s alg parameter to validate the signature. There's no need to additionally verify it with another call to Apple servers.

For more information see:

0
App Store Commerce Engineer OP
Apple
Oct ’22

I’m unfamiliar with such guidance but with v2 server notifications there is no app receipt anyways but the transactions are signed so you can verify without needing to make a request to App Store Server API

0
Server to server notification v2, is verify receipt mandatory ?
First post date Last post date
 
 
Q