Which url should I use to check my In-App Purchase receipt
I found this question in the FAQ on Apple Tech Notes ( QNo: 15 ). They answered like this:
Use the sandbox url https://sandbox.itunes.apple.com/verifyReceipt when testing your app in the sandbox and the app is in sight.
Use the working URL http://buy.itunes.apple.com/verifyReceipt after your app is live on the App Store.
But in the app purchase programming guide ( Checking receipt using the App Store section ). Apple provides a URL like this:
Place the JSON object in the App Store using an HTTP POST request. The URL for the store is https://buy.itunes.apple.com/verifyReceipt .
Note that the first url uses http for a real account to verify In-App purchases, and the second uses https. Which one should I use? My app was rejected because the server is not receiving a correct response when it sends a receipt to Apple. I am using https://buy.itunes.apple.com/verifyReceipt to verify receipt.
source to share
the best way is to check with the production server first. if you get code 21007, you must make another call to the sandbox server. this is necessary because during the submission process you are not always sure that they will be using a live server or sandbox. it should work for both.
there is some source code here that checks receipts in a safe way (counter of app store hack from last year). I added the above code to this project, which will first be checked against the production server and then dropped back to the sandbox server:
https://github.com/evands/iap_validation
EDIT: I will no longer use this code in iOS 7. I think there are some problems with it!
source to share