In App Purchase Receipt Validator

The receipt validator handles a lot of important things: it makes sure no one can fake a purchase and gain access to your app, it also handles requests that handle activation and cancellation of memberships.

  • Make sure you have version 2.0.0 of the AppPresser in app purchase plugin installed and activated on your WordPress site.
  • You must setup your in app purchases in the app stores before you can setup the validator

How it Works

When someone purchases in your app, here's what happens:

  1. New users are registered on your WordPress site, and logged into the app.
  2. The purchase information is sent to the app store, and we get back a receipt. 
  3. The receipt is then sent to the receipt validator, and the app gets back a response. If the purchase is valid, the app completes the purchase.
  4. The receipt validator sends a webhook to your WordPress site to add the user to your membership level, course, or whatever you have setup.

Cancellation

When someone cancels their subscription:

  1. The app stores send a notification to the receipt validator. 
  2. The validator sends a webhook to your WordPress site to cancel the user from your membership level or course.

Keep in mind that subscriptions need to be managed through the app stores. If you change an expiration date or price in your WordPress membership plugin, it does not change in the app stores.

Setup

Create a free account here: https://billing.fovea.cc/

If you have more than 100 new subscriptions per month, you will need to update to a paid plan.

On the Dashboard, click Edit Settings.

Validator URL: copy this and paste in the Integrations tab of your app on myapppresser.com.

Webhook URL: Add your site url: https://YOURSITE.com/wp-json/appp/v2/in-app-purchase-validate

iOS Shared Key: Visit your app in App Store Connect, click Apps => Your App => Features => In App Purchases. Find or generate the app specific shared secret. More information.

iOS Bundle ID/Android Package name: must match the app ID on the settings tab of your app customizer. For example, com.myapp.app

iOS Subscription Status URL: copy this and visit your app in App Store Connect, click app information, and add it. More information.

Android License Key: the Billing key from your Google Play Console. This is the same key that you create your manifest.json with. More information.

Android Service Account: you may have already set this up, if not here are instructions.  You need to paste the value into the field, and also send us the .json file. We also use this file to resubmit your app to Google Play. Make sure the permissions are correct as listed in our documentation, NOT the permissions in the fovea.billing documentation.

Android real-time developer notifications

It is recommended to setup real-time developer notifications for Android in app purchase events. In app purchases will still work without this, but there may be some instances where you miss a cancellation.

To set them up, see the Fovea docs here. This is optional, but recommended.

Without server-side developer notifications, the server will know about changes in a user purchase / subscription in 2 cases:
  • The user launch the app while connected with the same Google Play or Apple AppStore account on the device he is user. This triggers a receipt validation request, thus refreshing the status of this users purchases.
  • Our system runs active request when it suspects something should have happened (like a subscription renewal).
However we won't always can't about the latest status of users subscription this way. For example, in case of this combination:
  • things happen outside the app: subscriptions can be canceled, paused and resumed, purchases refunded, etc. Real-time developer notifications will inform our server of those changes (and yours through the webhook), so the status is always correct ;
  • they use the same app account from different devices, or have multiple [App/Play]Store accounts. When starting the app in a device they did NOT make the subscription from, you still want your system to know the latest status of purchases. There's no guarantee of that without real-time developer notifications (because of things happening outside the app).

MyAppPresser Settings

Visit your app dashboard, click your app, and click Integrations. Add your product ID from app store connect and Google Play, that you setup in previous steps. Make sure it is the ID, not the name. There should be no spaces or special characters.

Add the store validator URL from above and save.

The next steps are to add the purchase form to your app and get ready for testing.