We develop a mobile application that has a backend server and use in-app product purchase.
I researched the options to grant the user product usage via in-app purchase as backend developer.
It seems the most common solution is
- Mobile app interacts with payment gateway of platform(Google/Apple) to purchase in-app product
- If purchase is ok,then mobile app sends the receipt of purchase to backend.
- Backend validates the receipt against Google/Apple developer api
- If the receipt is ok (Valid), backend activate the product in its database.
- User start to use in-app product since the purchase finished and backend activated the product in its database.
My Question :
Can we activate the product without interacting with mobile application as service to service via RealTime Notification of Google or Apple ?
Can we trust this flow that I explained the steps of it in the below?
We will have a push endpoint configured on Google/Apple
Steps will be like the below
- Google/Apple will send the productId and purchase token to backend endpoint(push endpoint)
- We will validate purchase token and productId against Google/Apple developer api
- If it is valid,we will activate the product in our backend database.Then backend will return 200(OK) to Google/Apple as acknowledgement so they will remove the info from their topic.
- User start to use in-app product since the purchase already finished and backend activated the product in its database in its push endpoint.