Skip to main content

I’m quite new to RevenueCat, and I’m currently working on a Flutter app targeting all OS.

Since the purchases_flutter package is not available for Windows or Linux (please do something about it!), I assume that I need to use Stripe, connected to my RevenueCat account, to display a web page with a Stripe paywall (I use a Payment Link to keep it simple), and then call the RevenueCat REST API to:

  • list my offerings
  • purchase a product through Stripe
  • check if a user has purchased my one-time payment product or not
  • recover a one-time payment purchase

So I have 2 questions:

  • Is it the right way to do?
  • Why do I need a secret API Key (that, I assume, I need to store on a server), while I only need a public API Key for the Android, iOS and macOS version of my app?

Thanks for your help.

Hi! You should actually use the public API key associated with your Stripe app in the Dashboard in this case. I will raise adding support for Flutter Web internally to the rest of the team.


Hello,

Thanks for your answer.

My problem is not using RevenueCat for Flutter Web, my problem is using the RevenueCat REST API (since I’m targeting Windows and Linux).

If I try to achieve the tasks listed above only using my public API key (with Postman, for example), I got an error telling me that my key is invalid.

If I do the exact same thing, but with my private key, it works.

And that’s really annoying for me, since I don’t want to deal with a back-end just to store a private key.

So I have (again) 2 questions:

  • Is it a bug on your end, then? Or do I miss something?
  • What if I create a secret key, but only with the minimum required authorizations, in read only, that I store in my app, would that be safe or not?

 


Can someone please answer me?

I'm stuck with that for days now.


Reply