Usage with Cordova

Iaptic is integrated with the cordova purchase plugin. Setting it is as simple as adding a few lines in your code at plugin initialization.

Plugin version >= 13

The latest version of the plugin contains a Iaptic helper class.

Use the receipt validator

Instantiate an "iaptic" object and set the store validator to iaptic's.

const iaptic = new CdvPurchase.Iaptic({
  appName: "[APP_NAME]",
  apiKey: "[PUBLIC_KEY]",
store.validator = iaptic.validator;

_Note: Replace [PUBLIC_KEY]; and [APP_NAME] with values from your account.

Then make sure to perform receipt validation for approved transactions:

    .approved(transaction => transaction.verify())
    .verified(receipt => receipt.finish())
    .unverified(receipt => console.log('receipt cannot be verified'));

Use to determine Apple App Store discount eligibility

With App Store, a user is only eligible to certain discount offers if he is or was a subscriber to one of the product of the same subscription group. A user is only eligible to introductory offers if he never was a subscriber.

You can use iaptic to perform eligibility detection for you. When initializing the APPLE_APPSTORE platform, set the discountEligibilityDeterminer to iaptic's:

    platform: Platform.APPLE_APPSTORE,
    options: {
      needAppReceipt: true,
      discountEligibilityDeterminer: iaptic.appStoreDiscountEligibilityDeterminer,
  // other platforms...

Security Policy

Depending on how your app is configured, security policy may prevent you to make requests to the validation service (DOM Exception 18 / Error 0). To prevent this, it make sure is listed in your HTML file’s meta "Content-Security-Policy", in the "connect-src" list.

Here is an example of what that looks like:

<meta http-equiv="Content-Security-Policy"
     content="default-src 'self' 'unsafe-eval'; connect-src; style-src 'self' 'unsafe-inline'; media-src *">

Plugin version <= 12

Use the receipt validator

Set the validator URL:

store.validator = "[APP_NAME]&apiKey=[PUBLIC_KEY]";

_Note: Replace [PUBLIC_KEY]; and [APP_NAME] with values from your account.

Your account on needs to be configured correctly for the platforms you intend to use (shared key on iOS, license key on Android, etc). See the Settings page for more information.

Enabling Validation

Receipt validation is being called when you do p.verify(). Some demo code omit this line, so make sure that p.verify() is called from the approved event, then p.finish() called from the verified event.

     .approved(p => p.verify())
     .verified(p => p.finish());

You might have to edit your existing handlers for approved events to make sure it doesn't call p.finish() but p.verify()

Need Help?

Contact us!