You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jun 23, 2021. It is now read-only.
Hi Matt, I'm hoping you can clarify something around the use of the password field when using the verifyTransactionWithMethod: method. Apple recommends that a Server is used to combine the SharedSecret (password) with the receipt before calling Apple to verify it so that the secret is not embedded in the App. AFAICR this is specifically for auto-renewing subscriptions but might apply to other IAPs. CargoBay seems to be subverting that recommendation by combining the SharedSecret on the Client side, or is it doing something special that eliminates the need for a intermediate Server in the first place ?
Fergal
The text was updated successfully, but these errors were encountered:
verifyTransactionWithMethod: is provided as a convenience, and does not prescribe any one particular way of doing this. A password may be sent with the request, but it is not required. I do not have any personal recommendations beyond what Apple might suggest.
Hi Matt, I'm hoping you can clarify something around the use of the password field when using the verifyTransactionWithMethod: method. Apple recommends that a Server is used to combine the SharedSecret (password) with the receipt before calling Apple to verify it so that the secret is not embedded in the App. AFAICR this is specifically for auto-renewing subscriptions but might apply to other IAPs. CargoBay seems to be subverting that recommendation by combining the SharedSecret on the Client side, or is it doing something special that eliminates the need for a intermediate Server in the first place ?
Fergal
The text was updated successfully, but these errors were encountered: