InApp Purchase

InApp purchase allows a user to pay for a subscription using either the Apple or Google InApp Payment platform.

While InApp Purchase is not only a very convinient way to pay for a subscription, it can also be used to replace an account creation flow, if the user only wants to use the product on one specific device or devices which are linked to his Apple or Google account. Apple and Google will take care of the authentication and the returned Receipt or Purchase Token can be used as an alternative way to authenticate the customer.

Sends an InApp Purchase Receipt to the backend

post

This endpoint is used to implement several flows in the In-App Purchase process:

The backend validates the purchase.
a. Authentication Token provided without customer details
- Purchase is assigned to the existing account
b.Authentication Token provided customer details
- Purchase is assigned to the existing account
- Account e-mail is being updated with the provided e-mail address
- User will receive a mail which asks him to confirm the new e-mail address and set a new password
- The response will have email_confirmation_required set to true
c. No Authentication Token provided, customer details provided
- The purchase is linked to a new account.
- The account is created using the specified details.
- The user receives a password reset email to set the password.
- The response will have email_confirmation_required set to true
d. No Authentication Token provided, NO customer details provided
- A random username and password are generated for the new account.
Backend returns Authentication Credentials. If the new Authentication credentials refer to an account which is different to the one identified by the Authentication Token, the property account_switched will be set to true.

Authorizations

AuthorizationstringOptional

An OpenID Access Token

Header parameters

x-client-app-versionstringRequired

The app version of the client making the request.

Example: 8.10.123

x-client-device-modelstringRequired

The type of the device making the request

Example: ["desktop","mobile","tablet","firetv","appletv"]

x-client-osstringRequired

The operating system of the client making the request.

Example: ["windows","macos","linux","android","ios","web"]

x-client-os-versionstringRequired

The operating system version of the client making the request.

Example: 10.0.1234

x-sdk-versionstringRequired

The SDK version making the request

Example: 5.0.123

x-forwarded-forstring · ipv4Optional

Real User's IP address, required for Fraud Prevention

Example: 192.168.1.1

Body

Responses

200

Successful response containing user location and VPN connection status

application/json

429

Rate limited

post

/iap

POST /iap HTTP/1.1
Host: <See Domain Reference>.com
Authorization: Bearer YOUR_SECRET_TOKEN
x-client-app-version: text
x-client-device-model: ["desktop","mobile","tablet","firetv","appletv"]
x-client-os: ["windows","macos","linux","android","ios","web"]
x-client-os-version: text
x-sdk-version: text
Content-Type: application/json
Accept: */*
Content-Length: 219

{
  "apple": {
    "bundle_id": "text",
    "jwt_receipt": "text",
    "transaction_id": "text"
  },
  "google": {
    "package_id": "text",
    "purchase_token": "text"
  },
  "customer_details": {
    "email": "text"
  },
  "aflyr": {
    "referrer_id": "text",
    "apple_search_ads": {}
  }
}

{
  "access_token": "text",
  "refresh_token": "text",
  "account_switched": true,
  "email_confirmation_required": true
}

PreviousFetching Locations and Instances NextOverview

Last updated 1 hour ago