v1/subscribers endpoint returns empty entitlements - But iOS App SDK finds the entitlements

  • 26 April 2024
  • 1 reply



I am trying to access a user’s entitlements via the API (I am using the sandbox environment, i.e. I am using Xcode to simulate purchases).

But I always get empty entitlements in the response and I’m not sure why. This is my call:

curl --request GET \
--url<app_user_id> \
--header 'accept: application/json' \
--header 'authorization: Bearer <my_v1_token>'\
--header 'X-Is-Sandbox: true'

And this is the answer

    "request_date": "2024-04-26T13:34:56Z",
    "request_date_ms": 1714138496699,
    "subscriber": {
        "entitlements": {},
        "first_seen": "2024-04-26T11:24:56Z",
        "last_seen": "2024-04-26T11:24:56Z",
        "management_url": null,
        "non_subscriptions": {},
        "original_app_user_id": "<original_app_user_id>",
        "original_application_version": null,
        "original_purchase_date": null,
        "other_purchases": {},
        "subscriptions": {}


However, the iOS app SDK makes this exact same call (according to the DEBUG prints) and receives the correct set of entitlements. The only real difference is the api token but I created one in the dashboard and there aren’t any ways to customize it or give it additional rights or something.


For what it’s worth, the user I am testing with only shows one of the two expected entitlements in the customer dashboard, even though the correct purchases are shown in their history. So I might have made a mistake somewhere. But then again, even that single entitlement isn’t returned by the REST API.


I’m kind of lost and don’t really know how to debug this. I’d appreciate any help with this.



UPDATE: Okay, so I switched from using the Xcode environment to using a Sandbox Account and now the dashboard correctly shows all entitlements. The API still returns nothing, unfortunately

This post has been closed for comments

1 reply


Okay, it turns out I might just be a bit dumb 😅

Everything works when I surround the URL with quotes. I guess the $RCAnonymousID prefix in the app_user_id conflicts with something in the bash program or whatever? (Even though I encoded it)

curl --request GET \
--url '<app_user_id>' \
--header 'accept: application/json' \
--header 'authorization: Bearer <my_v1_token>'\
--header 'X-Is-Sandbox: true'

Well, not sure, but it does work now, which is great 😀