Skip to content

Purchase verification

Mohammad Naghavi edited this page Jun 26, 2014 · 3 revisions

Please read the PlaySotre verification guide and iTunes receipt verification to have the basic idea of what the verification process on both platforms needs. You can also go through the compatibility issues to understand the differences a bit more.

Local vs. Server based

Local verification tries to validate the consistency of purchase data based on a public/private key solution. This is trustworthy to some extends. Right now this plugin only does local verification for andorid, this may change in near future but right now you may do the verification at best on an external server of your own. This document will help you to do verification on your server the right way.

Data needed for verification

To do the verification for one transaction, you will need the purchaseToken for android or app receipt for iOS, these two pieces of data will be referred to as verification payload here. Android's purchaseToken is per transaction where iOS gives you one receipt for whole application's purchases. To prevent having the potentially large receipt repeated multiple times in each purchases' data, and also let you handle all platforms in a unified way, this plugin will not return verification payload inside purchase data when you query all purchases. Instead you can always query the plugin for a verification payload for a specific purchase (using its id) from the plugin and use this for doing your server side verification.

Asking for verification payload for a purchase on android will return the purchaseToken and on iOS will return the application's receipt.

The plugin will however send the verification payload along other purchase data when a new purchase (buy or subscribe) is done successfully to the respective success callback.

Actual verification

After you have got your hands on the verification data, you have to send it to your server and verify it based on the platform as described on the documentations. This shall result in giving access to user to that product in your server, your app shall always retrieve the valid situation from your server.

  • Installation
  • [Stores setup](Stores setup)
  • [Purchase verification](Purchase verification)
  • [Testing plugin](Automatic tests)
  • [API documentation](API documentation)
  • Debugging

Philosophy

  • Roadmap
  • [Compatibility issues](Compatibility issues)

API

Clone this wiki locally