How to: Configure Your IAP Unlocking Endpoint

Updated on 22. June 2023 by Jan Bunk


If you set up your in app purchase settings to use our managed in app purchase verification endpoint, our verification endpoint will (after verifying the purchase) POST a JSON object such as the following to your unlocking endpoint:

Google Play purchase example JSON:


{
    // the userIdentifier you passed via Javascript
    "userIdentifier": "user123",
    // your app's ID (only relevant if you have multiple apps using the same verification endpoint)
    "appId": 1234,
    "purchaseDetails": {
        "verificationData": {
          "serverVerificationData": "abcdefghijklmnopqrstuvwx.AO-J1Oyabcdefghijklmnopqrstuvwxyz123456789_-abcdefghijklmnopqrstuvwxyz123456789_-abcdefghijklmnopq",
          // the "autoRenewing" property in localVerificationData is only sent if the product is a subscription
          "localVerificationData": "{\"orderId\":\"GPA.1234-1234-1234-12345\",\"packageName\":\"example.package.name\",\"productId\":\"exampleProductId\",\"purchaseTime\":1643389081662,\"purchaseState\":0,\"purchaseToken\":\"abcdefghijklmnopqrstuvwx.AO-J1Oyabcdefghijklmnopqrstuvwxyz123456789_-abcdefghijklmnopqrstuvwxyz123456789_-abcdefghijklmnopq\",\"autoRenewing\":true,\"acknowledged\":false}",
          "source": "google_play"
        },
        "productID": "consumable",
        "purchaseID": "GPA.1234-1234-1234-12345",
        // can also be "restored" if triggered by a call to restorePurchases()
        "status": "purchased",
        "transactionDate": "1643389081662"
      }
    }
}
    

App Store purchase example JSON:


{
  "appId": 1234,
  "userIdentifier": "user123",
  "purchaseDetails": {
    "verificationData": {
      "serverVerificationData": "veryLongBase64String",
      "localVerificationData": "veryLongBase64String",
      "source": "app_store"
    },
    "productID": "consumable",
    "purchaseID": "123",
    // can also be "restored" if triggered by a call to restorePurchases()
    "status": "purchased",
    "transactionDate": "1644239123000"
  }
}
    

Unlocking the Purchased Products

You will mainly need the userIdentifier (which is the userIdentifier you passed when you called makeInAppPurchase in your website's Javascript) to determine who to unlock the products for and the productID to determine what product to unlock for the user.

After an in app purchase - especially a subscription - was made, you will need to listen to any changes that get made to it. For example you will be notified when a subscription was canceled or an in app purchase was refunded, so you can then revoke the benefits the user gets from the subscription.

Expected Result

Once you're done, your endpoint should return a 200 status code. If it doesn't return a 200 status code, our verification server will try to repeat the request. If the verification server is unable to get a response indicating that the products were unlocked, the app will not confirm the purchase. This will lead to the purchase being automatically refunded in 3 days.

You can use our temporary no-op unlocking endpoint for testing purposes. That way you can make sure in app purchases don't fail because your server returns an incorrect status code or something like that. Here's the unlocking endpoint URL you can use in your in app purchase settings: https://webtoapp.design/apps/test_unlock_in_app_purchase/