I’m trying to determine the most appropriate modern method for detecting whether a user originally downloaded a paid app (prior to transitioning the app to freemium/IAP-based access). Historically, this was done by checking for a valid App Store receipt and using SKReceiptRefreshRequest to ensure a fresh one was available. However, SKReceiptRefreshRequest and many related aspects of StoreKit receipt handling are now deprecated in iOS 17+. The current Apple documentation on receipt validation still refers to SKReceiptRefreshRequest, which makes things unclear. With so many deprecations and the push toward StoreKit 2, what’s the recommended path to: Check for a valid App Store receipt Confirm that the app was originally purchased (as a paid app, not via IAP) Persist this info to exempt the user from paywalling the app in the future I don’t need to validate purchases of IAPs — just to detect a legacy paid app download. Any guidance on best practice for this use case, preferably using non-deprecated APIs (StoreKit 2 or otherwise), would be appreciated.

Hello, I recently saw this error from StoreKit in the Console - 'Invalid value for purchase intake' - while debugging a SKPayment subscription issue (where a valid receipt should be verified and restored, but isn't for one user). I haven't been able to find any documentation about this message and wondered if it was related at all. There were two other logs from StoreKit right before saying: 'Found 3 products in receipt with ID' 'Processing ad attribution purchase intake' Does anyone know what 'invalid value for purchase intake' is referencing? We don't have the AdAttributionKit implemented. It sounds like it might be related to that instead? Thank you

I have implemented in-app-purchase in one of my iOS application. I generated the consumable products and these are approved by Apple Showing with Green check. I used StoreKit-2 and locally testing with store sync configuration file. The products I have created on developer accounts automatically synced by Store Configuration file and showing no the screen and I can purchase the product with Xcode environment in development. When uploaded app to test flight, I am not getting products with sandbox email id. Cases I have tries: -Remove my original Apple ID from device and just testing with Apple Sandbox email id -> Not getting products. -Remove configuration file while uploading to test flight -> not fetching products. -Checked the archive build and its in Release mode. Note: I am as a (Admin) team member, not account holder. Issue: Not fetching products on Test flight with Sandbox & in live app. Is there something I have to track here: Agreements for Free Apps Agreement with EFFECTIVE DATE showing 3 Jul 2025 - 20 Sep 2025 & STATUS is Active Agreements for Paid Apps Agreement with EFFECTIVE DATE showing nothing & STATUS is New

Hi everyone, I’m facing a recurring issue with my macOS app being rejected during App Store review, and I’d really appreciate any guidance. The subscription flow in my app is implemented using StoreKit, and everything works perfectly in our development environment using a StoreKit configuration file. It also behaves as expected in Sandbox testing and TestFlight — I even had few beta testers confirm that the subscription information is displayed correctly and the purchase flow completes without issues. All required subscription details are configured in App Store Connect: • Subscription duration and the description of the services offered • Price and price per unit where applicable • Paid apps agreement and related forms are correctly filled However, when the app is submitted for review, the subscription screen fails to display the expected information. From what I can tell, the product information fails to load from the App Store in the review environment — even though everything is working fine on our side. We’ve already submitted a video to Apple showing the subscription UI working in the Sandbox environment, but the app continues to be rejected under guideline 3.1.2 due to missing subscription info in the binary. Is anyone else experiencing similar behavior during review? Could there be a caching issue or delay in StoreKit syncing for newly configured products? Any help or suggestions are very welcome. Thanks in advance!

Hello! I am trying to get my app set up to support external payments. The snag I am hitting at the moment is it seems that relevant pages are not accessible? There is this old EU doc https://developer.apple.com/support/apps-using-alternative-payment-providers-in-the-eu/ But the more updated US doc titled "Distributing apps in the U.S. that provide an external purchase link - Support" is not available where it should be https://developer.apple.com/support/storekit-external-entitlement-us/ In addition the link for requesting the entitlement seems to be broken https://developer.apple.com/contact/request/storekit-external-entitlement-us/ Any idea how one can access these? Perhaps this is just a temporary error?

Issue Description I am experiencing persistent 401 Unauthorized errors when attempting to access the App Store Server API using JWT authentication. Despite following Apple's documentation and regenerating keys, I am unable to successfully authenticate. Implementation Details I'm implementing JWT authentication for the App Store Server API to retrieve transaction information from the following endpoint: https://api.storekit.itunes.apple.com/inApps/v1/transactions/{transactionID} My JWT generation code (in PHP/Laravel) follows Apple's documentation: php$kid = '6W6H649LJ4'; $header = [ "alg" => "ES256", "kid" => $kid, "typ" => "JWT" ]; $iss = 'b8d99de7-b43b-4cbb-aada-546ec784e249'; // App Store Connect API Key Issuer ID $bid = 'com.gitiho.learnCourse'; // Bundle ID $payload = [ "iss" => $iss, "iat" => time(), "exp" => time() + 3600, "aud" => "appstoreconnect-v1", "bid" => $bid ]; $pathFileAuthKeyP8 = "AuthKey_6W6H649LJ4.p8"; $contentFileAuthKey = \File::get(base_path($pathFileAuthKeyP8)); $alg = "ES256"; $jwt = \Firebase\JWT\JWT::encode($payload, $contentFileAuthKey, $alg, null, $header); Steps Taken to Troubleshoot Verified that the Issuer ID is correct and in UUID format Confirmed that the Key ID matches the private key filename Regenerated the key with proper App Store Server API permissions Ensured the private key file is properly formatted with correct headers and footers Verified that the JWT is being properly encoded using the ES256 algorithm Confirmed the bundle ID is correct for our application Checked that the API endpoint URL is correct Additional Information This implementation previously worked correctly We started experiencing 401 errors recently without changing our implementation We are using the Firebase JWT library for PHP to encode the JWT Request Could you please help identify what might be causing these authentication failures? Is there any recent change in the authentication requirements or endpoint URLs that might be affecting our integration? Thanks for support me.

Hi All, We are trying to integrate Promotional Offer in our app, We have a React Native app and are using react-native-iap for handling our in app purchases, as per the documentation we are generating signature in our BE and passing the proper details to the function as well, but for subscription request which have offer applied we are getting the apple pop up properly as well with offer details but when trying to subscribe it gives us SKErrroDomain: 12, for subscription without applying offer the subscription goes through but when we apply the offer we get the above error. Our app is currently in Development Stages and has not been sent for review sam for our subscription plans as well. Please let me know what could be the probable cause for this and help us resolve the issue. This is the code snippet of ours for the front end : export const buySubscription = async (subscriptionData: any) => { try { if (subscriptionData.offer_id) { const response = await getSubscriptionSignature( subscriptionData.productId, subscriptionData.offer_id, ); const offerData = response?.data; const offer = { identifier: offerData?.offer_id, keyIdentifier: offerData?.key_id, nonce: offerData?.nonce, signature: offerData?.signature, timestamp: Number(offerData?.timestamp), }; await requestSubscription({ sku: subscriptionData.productId, withOffer: offer, }); } else { await requestSubscription({ sku: subscriptionData.productId }); } } catch (err) { logger.error('Subscription error: ' + JSON.stringify(err)); throw err; } }; and 
from my python Backend which generates the signature:

def generate_signature(self, product_id: str, offer_id: str) -> dict: """ Generate signature for Apple StoreKit promotional offers. Args: product_id: The product identifier from App Store Connect offer_id: The promotional offer identifier Returns: dict: Contains signature and required metadata Reference: https://developer.apple.com/documentation/storekit/in-app_purchase/original_api_for_in-app_purchase/subscriptions_and_offers/implementing_promotional_offers_in_your_app """ try: # Generate UUID without dashes and use as nonce nonce = str(uuid.uuid4()) timestamp = get_current_time_ms() # milliseconds # Create the payload string in exact order required by Apple payload_components = [ self.bundle_id, # App Bundle ID self.key_id, # Key ID from App Store Connect product_id, # Product identifier offer_id, # Promotional offer identifier nonce, # UUID without dashes str(timestamp) # Current timestamp in milliseconds ] payload_str = "\u2063".join(payload_components) # Use Unicode separator logger.debug(f"Signing payload: {payload_str}") # Create SHA256 hash of the payload digest = hashes.Hash(hashes.SHA256()) digest.update(payload_str.encode('utf-8')) payload_hash = digest.finalize() # Sign the hash using ES256 (ECDSA with SHA-256) signature = self.private_key.sign( data=payload_hash, signature_algorithm=ec.ECDSA(hashes.SHA256()) ) # Encode signature in base64 signature_b64 = base64.b64encode(signature).decode('utf-8') logger.info(f"Generated signature for product {product_id} and offer {offer_id}") return { "key_id": self.key_id, # Changed to match Apple's naming "nonce": nonce, # UUID without dashes "timestamp": timestamp, # As integer "signature": signature_b64, # Base64 encoded signature "product_id": product_id, # Changed to match Apple's naming "offer_id": offer_id # Changed to match Apple's naming } except Exception as e: logger.error(f"Failed to generate signature: {str(e)}") raise HTTPException( status_code=500, detail=f"Failed to generate signature: {str(e)}" )

I tried to apply a promotional offer to a subscribed user. When I tested it in the Sandbox environment, it did not show the promotional payment popup but returned a “restored” status. However, when I tested it in the Xcode environment, it correctly displayed the payment popup, but after I tapped the Subscribe button, it showed an “Unable to Purchase” popup like this: And in the console I could see this error: Received error that does not have a corresponding StoreKit Error: Error Domain=AMSErrorDomain Code=305 "Server Error The server encountered an error" UserInfo={AMSURL=http://localhost:56862/WebObjects/MZBuy.woa/wa/inAppBuy, AMSDescription=Server Error, NSDebugDescription=Server Error The server encountered an error, AMSServerErrorCode=3903, AMSStatusCode=200, AMSServerPayload={ "cancel-purchase-batch" = 1; dialog = { defaultButton = ok; explanation = "Contact the developer for more information.\n\n[Environment: Xcode]"; initialCheckboxValue = 1; "m-allowed" = 0; message = "Unable to Purchase"; okButtonString = OK; }; dsid = 17322632127; failureType = 3903; jingleAction = inAppBuy; jingleDocType = inAppSuccess; pings = ( ); }, AMSFailureReason=The server encountered an error} Could someone help me resolve this issue? I’ve been struggling with it for two days and feeling exhausted...

Problem Summary Apple's provisioning servers are not generating the com.apple.developer.storekit entitlement for App ID com.driftnotes.app (Team ID: 43Y6AG5NPY), making it impossible to build iOS apps for physical devices despite all configurations being correct. Environment macOS: 15.3.1 (24D70) Xcode: 16.1 (xcode-select version 2409) Flutter: 3.35.2 • channel stable Account: Individual Developer (Kazakhstan) Bundle ID: com.driftnotes.app Team ID: 43Y6AG5NPY Error Message Error (Xcode): Provisioning profile "iOS Team Provisioning Profile: com.driftnotes.app" doesn't include the com.apple.developer.storekit entitlement. /Users/vyacheslavkuzin/Desktop/FlutterProjects/DriftNotesDart/ios/Runner.xcodeproj Steps to Reproduce Configure App ID with In-App Purchase capability (✅ verified in Developer Portal) Add In-App Purchase capability in Xcode project (✅ done) Configure entitlements file with StoreKit keys (✅ done) Enable automatic signing in Xcode (✅ done) Run: flutter build ios --release Build completes successfully ("Xcode build done. 13,8s") but fails at signing stage Expected vs Actual Result Expected: Provisioning profile should include com.apple.developer.storekit entitlement Actual: Profile is created WITHOUT the entitlement, despite all configurations being correct Configuration Details Developer Portal App ID com.driftnotes.app has In-App Purchase capability enabled ✅ All agreements are active in App Store Connect ✅ Xcode Project In-App Purchase capability added via Signing & Capabilities ✅ Automatically manage signing: Enabled ✅ Team: 43Y6AG5NPY (Vyacheslav Kuzin) ✅ Entitlements File (ios/Runner/Runner.entitlements) <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.developer.in-app-payments</key> <array> <string>merchant.com.driftnotes.app</string> </array> <key>com.apple.developer.storekit</key> <true/> </dict> </plist> Build Settings CODE_SIGN_ENTITLEMENTS: Runner/Runner.entitlements ✅ PRODUCT_BUNDLE_IDENTIFIER: com.driftnotes.app ✅ DEVELOPMENT_TEAM: 43Y6AG5NPY ✅ Troubleshooting Attempted Multiple Attempts Profile Recreation: Manual and automatic profiles recreated dozens of times Cache Cleanup: Complete removal of: ~/Library/Developer/Xcode/DerivedData/* ~/Library/MobileDevice/Provisioning\ Profiles/* Flutter clean & pod cache clean Signing Methods: Tested both manual and automatic signing management Wait Periods: 48+ hours for server propagation Complete Profile Deletion: Removed ALL profiles from Developer account per Apple Support Apple Support Workaround Following Senior Advisor recommendation: ✅ Deleted all provisioning profiles from account ✅ Confirmed IAP capability in project ✅ Created StoreKit Configuration File for testing ✅ Verified automatic signing management ✅ Multiple "Try Again" attempts in Xcode Result: Problem persists Apple Support Reference Case #102680105923 - Senior Advisor Simone confirmed after internal team consultation that this requires engineering team attention and directed to Developer Forums. Technical Analysis What Works Flutter build completes successfully Pod install executes without issues (25,9s) Xcode build finishes successfully (13,8s) All dependencies resolve correctly What Fails Provisioning profile generation: Server creates profile but omits StoreKit entitlement All profile types affected: Both manual and automatic profiles Consistent across configurations: Debug, Release, Profile all fail identically Root Cause This appears to be a server-side bug where Apple's provisioning systems are not properly correlating the App ID's In-App Purchase capability with the StoreKit entitlement generation for this specific App ID (com.driftnotes.app). The issue is NOT in client-side configuration - all settings match Apple's official documentation exactly. The problem occurs during the server-side provisioning profile generation process. Request for Engineering Team This issue requires attention from Apple's provisioning infrastructure team to resolve the server-side entitlement generation bug for App ID com.driftnotes.app. Impact Critical: Complete inability to build iOS app for physical devices Business: Blocking app deployment and updates Developer Experience: Extensive time spent on troubleshooting correctly configured setup All configurations have been verified multiple times and match Apple's official documentation. The issue has been escalated through Apple Support (Case #102680105923) and requires engineering team intervention.

Hello all, Posting here before I put in a support ticket to see if there are any ideas. The previous beta issues seem to have been resolved, but now we are having intermittent problems with sandbox purchases. We do not know if this will affect real purchases. This is happening on beta 9 in both public and dev channels for us, most often on iPad Pro 4th. gen (Though idk if that is relevant). Sometimes running TestFlight builds on iOS 26 beta 9 devices we will have attempts to make sandbox purchases just go into a black hole. We do not get a "Do you want to buy this" popup, or the credentials screen. It just pauses for a bit in the section of our code that would be akin to: let result = try await product.purchase( options: [.appAccountToken(accountUUID) ] ) Then wait a couple seconds, and then nothing. The game returns to normal flow as if it was a pending purchase, but nothing more ever happens. We have not been able to get a local debug build to do this, so it's hard for us to tell if it is going into the pending bucket, the userCancelled bucket, or the unverified bucket, etc. If we take a device in this state and remove the app and reinstall from TestFlight we will get a credentials popup on the first attempt after install to buy, and after putting in our info we will get the " "You've already purchased this In-App Purchase...", but nothing ever his our listener and we return to the broken state. Has anyone else seen issues like this? P.S. Our StoreKit logic code is currently widely distributed, so if it was reproducible in the live version on iOS 18 we would know about it. Thanks, Chris

Question: In the sandbox environment, I attempted to perform an In-App Purchase within an IME (Input Method Extension) using a sandbox test account. The purchase flow completed successfully, and I received the success callback. However, I encountered an issue: no receipt file is generated. I tried checking with both the main app’s bundle and the IME’s bundle, but the receipt file was not found in either case. When I attempted to refresh the receipt using SKReceiptRefreshRequest, it failed with an exception (error code: 0). I would appreciate any guidance on how to resolve this issue.

アプリ内課金を実装しようとしていますが、サーバサイドのセキュリティに関してについて質問です。 StoreKit２を使えばアプリとApp Store Connect間のレシート検証は不要だが、 購入情報をサーバーで管理する場合は アプリからサーバーに購入情報を渡す際にレシート検証する必要があると考えるがその認識であっているか教えていただきたいです。

You can still renew your membership within the next 8 days and your apps will remain available on the App Store during this time. Open the Apple Developer app on your iPhone, iPad, or Mac. Sign in to your account, tap/click Renew, and follow the prompts. I'm getting this message but renew button is not visible in Developer App or on website. How to to renew?

For testing purposes, I log out of media and purchases to use sandbox ID's to test in app purchases. Once I log out of media and purchases in device settings, in app purchases is still using my real apple ID, I'm not being prompted anymore to log into a sandbox ID for purchases.

Hello I am trying to add payments on my app. I have added all products I need in subscriptions. I also tried by using storekit but from my understanding testing with storekit is nothing to rely on. My app works on Android (with the same product IDs same unction call) iOS is not why is that?

Hi everyone, We operate an online game where all in-app assets are stored server-side and require a logged-in account (no device binding). I’d like guidance on four areas: Do we really need deviceVerification / deviceVerificationNonce? – Because every purchase is tied to an account and we enforce a global transactionId UNIQUE constraint, replay or cross-account reuse appears infeasible. Under these conditions, is omitting device verification acceptable, or are there situations where Apple still recommends it? Permanent rate-limit increase for the App Store Server API – During anniversary events we saw bursts of ~18 000 requests per hour, breaching the current hourly cap on the App Store Server API (verifyTransaction, getNotificationHistory, etc.). Is there a formal process to request a long-term rate-limit expansion (or an alternative tier) from Apple? When is an App Store Server API call required for a StoreKit 2 jwsRepresentation? Docs say “call the API if you’re unsure,” but there’s no clear cut-off. Because we fully validate the JWS signature plus the entire certificate chain (including CRL/OCSP checks) on our server, local cryptographic validation seems sufficient for consumables. For subscriptions we still plan to hit the API to fetch the latest status. Does this separation match Apple’s best practice? If Apple does recommend hitting the API for consumables as well, we’d like a concrete rule of thumb—e.g. “if the item price is USD 50 or higher, always use the API.” Is establishing such thresholds consistent with Apple’s intent? Refund-risk reduction from Send Consumption Info – Adapty reports a 40–60 % refund-rate drop for subscriptions when using Send Consumption Info (blog reference). Can we expect similar reduction for consumable IAP in social/online games? Any real-world results would be helpful. Thanks in advance for any guidance!

Hello! We are tryign to test refund notifications and we've implemented a debug button trigger the refund of a purchase done with a sandbox account. The problem is that the refund view displays a Cannot Connect message and nothing happens. No error messages appear in the console. Anything we are doing wrong?

I had a two CS from customers that they couldn't buy a cookies(IAP). they got an alert "Purchases in this app are already purchased items." I was wondering if anyone has any similar experiences.

We are currently using App Store Server Notifications V2 in a production environment, but occasionally encounter the error "Failed to parse signedTransactionInfo in the notification payload. status=VERIFICATION_FAILURE." What could be the cause of this error? Also, is there a way to resolve this error? After the notification from Apple was received on the server side, it was passed to the Apple library and an error occurred in the Apple library when decryption was performed.

In my understanding, with the latest court ruling in the US, iOS apps may decide to support web-based payments for subscriptions and in-app purchases. However, are we allowed to exclusively support web-based payments and not implement StoreKit at all?