What is App Store Connect Shared Secret?
The App-Specific Shared Secret from Apple is a distinctive 32-character key to receive receipts for auto-renewable in-app subscriptions.
How to get an App Store Connect Shared Secret
A Shared Secret is a critical component of server validation, which is a process used to authenticate the authenticity of purchases made through an app. Server-side receipt validation is performed on the server side and involves the device or server sending a request to Apple’s servers to confirm the validity of the purchase. This validation process relies on the Shared Secret to ensure that the purchase is authentic and valid.
Apple offered special App Store API. Upon creating an API key in App Store Connect, a unique Shared Secret is automatically generated by Apple for that specific key. This Shared Secret can be downloaded as a text file, which contains a confidential string that must be securely stored on your server. To authenticate your authorization to access the App Store Connect API, the Shared Secret must be included as part of your authorization header when making requests to the API.
Adapty uses The App Store Connect Shared Secret for receipt verification. Learn how to configure App Store shared secret for each of your apps with a step-by-step guide here.