iOS in app-purchase receipt validation - sandbox vs production url?

Question

I followed Ray Wenderlich\'s tutorial to implement receipt validation in my app. The code connects to Apple\'s validation server directly from my app rather than going thro

Answer 1

Always verify your receipt first with the production URL; proceed to verify with the sandbox URL if you receive a 21007 status code. Following this approach ensures that you do not have to switch between URLs while your application is being tested or reviewed in the sandbox or is live in the App Store.

Note: The 21007 status code indicates that this receipt is a sandbox receipt, but it was sent to the production service for verification.

There is no public API to call to distinguish the production and sandbox environments so that you can decide which server to use ahead of time. If you have implemented the recommended receipt validation process, the fix can be implemented at your server which contacts the StoreKit server. If the status code for the validation attempt is 21007, then try again at the sandbox server.

Answer 2

It could fail. I had an app with in app purchases (but not based on my server, straight apple code) that work in development but crashed once released by Apple. It crashed because I had not done all the proper steps in iTunes Connect.

The surprising thing was that the reviewers didn't catch this, presumably since they were also working in a sandboxed environment.

I'm not sure this helps you, hope it does.

Answer 3

The solution is quite simple and it was explained on session 308 of WWDC 2012 (the video is available for registered developers). The session was related to subscriptions but you can extend it for in app purchases.

What happens is that when you develop you hard code your app to validate the receipt with the sandbox. Then you send the app to review, you clearly hard coded your app to validate the receipt with the production server.

But nothing prevents you from doing the validation in two steps:

• always validate the receipt with the production server first, this will apply for 99% of your app life. If the receipt is validated, you're done.
• if previous validation failed, just validate the receipt with the sandbox server. This should cover your development needs and of course fake receipts will fail validation too.

By the way, and this is officially stated in the documentation ONLY for subscriptions, if you try to validate a sandbox receipt with the production server you will get a specific status code; there is another status code that covers the case of production receipt validated with the sandbox server. In all cases the two worlds, sandbox and production, are always separated.

Don't forget also that with iOS7 added a new safer way to manage receipt validation directly from the device: consider in fact that receipt validation directly from the client (that you don't fully control, e.g. with jailbroken devices) is less secure than receipt validation done through a server you control.