I am trying to understand the correct flow for a mobile app/server app - auto-renewable subscriptions.
Since verifyReceipt has been marked as deprecated, I am struggling with how I should link an App Store Server Notification v2 message with a user in the database.
Currently, the process is as follows:
First, the mobile application calls our server with receipt-data. Second, the server calls verifyReceipt to validate the receipt. Then, I am able to match the user's subscription/transaction with their data (using an internal JWT with user data from the first step and originalTransactionId from decoded verifyReceipt response). If we omit the first step, how would I determine who should receive the App Store Server Notification v2 message?