How to switch in-app-purchases from sandbox to production?

Question

Etherealis OP

Created 1d

Replies 2

Boosts 0

Participants 3

Hello all,

I am new to implementing payments in an app, and thus completely at sea here.

I have created a small app that I have set a one-time (non-consumable) payment for a premium version. In the Xcode simulator (on all platforms) and on any physical test devices I have tried, the payment works as expected. I have a sandbox account and various test accounts, both dummy and actual real accounts (friends and family). Everywhere everything works perfectly fine.

Yet, when I submit for review I get a rejection with this contents:

We found that your in-app purchase products exhibited one or more bugs which create a poor user experience. Specifically, the app still failed to load the in-app purchase. Please review the details and resources below and complete the next steps.

Review device details:

Device type: iPad Air (5th generation)
OS version: iPadOS 18.6

Next Steps

When validating receipts on your server, your server needs to be able to handle a production-signed app getting its receipts from Apple’s test environment. The recommended approach is for your production server to always validate receipts against the production App Store first. If validation fails with the error code "Sandbox receipt used in production," you should validate against the test environment instead.

Additionally, note that the Account Holder must accept the Paid Apps Agreement in the Business section of App Store Connect before paid in-app purchases will function.

Resources

Learn how to set up and test in-app purchase products in >the sandbox environment.
Learn more about validating receipts with the App Store.

Steps I have done:

I have signed all agreements and all bank account details are in order. Everything in the In-app-purchases section of the AppStoreConnect in an Active state.
I have triple checked that the configuration of the in-app purchases is correct (product IDs, amounts, etc.)
I have created test accounts and tested in sandbox

What I don't understand from the reviewer's response is what receipts validation are they talking about? I have no payment servers (the whole concept of using Apple's in-app-purchases service is to not have to deal with my own payment implementation). The StoreKit documentation specifically reads:

For each transaction that represents a current purchase, your app delivers the purchased products. To validate purchases, you can verify transactions on your server, or rely on StoreKit’s verification.

So now I am confused. The reviewer's response is so vague, and so completely deprived of details that I have no idea what to do...

Does the problem concern the product purchase trigger and the that in production environment it does not trigger? Is it that I haven't implemented a receipt validation? Do I need to? Although the documentation mentions that it can be done by StoreKit, I couldn't find anything concerning how to do it :(

Can someone give me a hand please?

Cheers,

Alex

Boost

Answer 1

DTS Engineer OP

Apple

21h

Apple reviews your In-App Purchases in the sandbox. For more information, see TN3186: Troubleshooting In-App Purchases availability in the sandbox.

0

Answer 2

Etresoft OP

17h

What I don't understand from the reviewer's response is what receipts validation are they talking about?

When a user makes a purchase, it creates a receipt in the app bundle. Your app should check the validity of that receipt. If it is valid, then you make the premium features available. If you don't validate the receipt, then hackers will re-distribute your app with a fake receipt so that anyone can use it for free. They might even charge a fee, making money off your app instead of you. Don't assume you're too small to be targeted. I assure you that you're not.

I have no payment servers (the whole concept of using Apple's in-app-purchases service is to not have to deal with my own payment implementation)

That's something totally different. Most apps are subscription based or have some service provided over the internet. For these use cases, Apple provides a quick-and-easy way to validate receipts.

In your case, since you're entirely on-device, you'll need to validate the receipt on-device. That's tricky because your receipt validation logic can (and will) also be hacked. Again, don't assume that hackers won't reverse-engineer your app and change the binary instructions. They will.

The reviewer's response is so vague, and so completely deprived of details that I have no idea what to do

I'm afraid that the reviewer is assuming that you already know about the issue, but maybe copied code from the internet or an AI. It's not a developer's market.

Performing receipt validation on device used to be a Really Big Deal. It isn't such a problem anymore because users have become trained to accept subscriptions.

I've tried to give you a little background to explain what's going on. Unfortunately, I have no idea what your problem is. Your app does need to connect to Apple servers to find your in-app purchases and do things like get the region-specific price to be shown to the user. It sounds like your app isn't talking to the production servers. App reviewers test in a hybrid environment where everything is real except the money.

The reviewer's note is straightforward. Just substitute "app" for "server" in your case.

0