Currently, 'Get Transaction History', 'Get Transaction Info', 'Get All Subscription Statuses' and 'Notifications V2' are being used in the App store Server API.
When I decoded the JWS received in response and checked the root certificate, it was always 'AppleRootCA-G3'.
Are there cases where the root certificate is not 'AppleRootCA-G3'?
Hello, our recommendation it to use all certs under the Root Certificates section of https://www.apple.com/certificateauthority, this is why when decoding and verifying with the App Store Server Library we accept an array of root certificates. Also, remember to check the appropriate OID values when verifying the certificates in the chain. The full process is described here https://developer.apple.com/videos/play/wwdc2023/10143?time=614