Question

How to deny sandbox entitlements on AppStore app, while making sure they work while in AppStore review?

  • 25 May 2023
  • 2 replies
  • 43 views

Badge +1

First of all, Great product team!

This is for macOS.

I want to make sure following:

  1. Deny sandbox entitlements on AppStore
  2. AppStore reviewer should be able to access pro content after they do payment

Lets say I use customerInfo.entitlements.activeInCurrentEnvironment[“pro”] to unlock access, what will happen when AppStore reviewer tests payment flow to unlock access? I assume it will not work as that environment uses sandbox for payments.

I tested this on TestFlight and activeInCurrentEnvironment looks for non sandbox entitlements and does not find one.

Basically this code of checking sandbox env ignores macOS TestFlight and I assume will ignore AppStore review environment also:

BundleSandboxEnvironmentDetector:

var isSandbox: Bool {

return path.contains("Xcode/DerivedData")

 

Also if I am doing this filtering myself instead of activeInCurrentEnvironment:

For macOS TestFlight detection this gist works: https://gist.github.com/lukaskubanek/cbfcab29c0c93e0e9e0a16ab09586996

Does anyone know safe way to detect AppStore Review env to allow sandbox entitlements?


2 replies

Userlevel 4
Badge +6

Hey @shelehs ,

While technically possible to detect when your app is in review (https://github.com/codykerns/PurchasesHelper/tree/appreviewchecker#appreviewchecker), I’m curious about your use case for denying sandbox entitlements? No one who downloads your app from the app store will have sandbox purchases other than Testflight testers, which should expire quickly.

A better way to achieve this might be detecting Testflight purchases by simply shipping a different build to Testflight than your production one so you can label those sandbox purchases as Testflight and block them.

 

 

 

 

Badge +1

Hey @shelehs ,

While technically possible to detect when your app is in review (https://github.com/codykerns/PurchasesHelper/tree/appreviewchecker#appreviewchecker), I’m curious about your use case for denying sandbox entitlements? No one who downloads your app from the app store will have sandbox purchases other than Testflight testers, which should expire quickly.

A better way to achieve this might be detecting Testflight purchases by simply shipping a different build to Testflight than your production one so you can label those sandbox purchases as Testflight and block them.

 

Hi @kaitlin,

Thanks for your reply and the appreviewchecker. There is one-time lifetime purchase in my offerings, which is why it might not be short lived access. I am just going with the solution where snapshot entitlements in the AppStore app are only valid for few days from the time of purchase.

Reply