What is the iOS App Shared Secret used for?

February 17, 2022
|
Team Nami
Generating an iOS app shared secret

The iOS app Shared Secret, also known as the App Store Connect Shared Secret, is a 32 character hexadecimal string. It is used for server-side receipt validation. Specifically, the Shared Secret is sent to Apple in the request payload. This provides added security for receipts with auto-renewable subscriptions.

Receipt verification is a process app developers use to verify purchases. Specifically, this process if for purchases made using Apple’s App Store payments mechanism (aka StoreKit). The receipt provides a complete list of all the purchases made by an app’s user. The receipt includes both in-app purchases and subscriptions.

Apple recommends that app developers validate a receipt for security and piracy reasons. In fact, property security requires a secure backend.

The Shared Secret is allows you to receive the decoded form of a receipt. In addition, its included in the payload of App Store Server Notifications. You can check that the password key’s value matches the known Shared Secret verify the authenticity of the notification.

Two Types of iOS App Shared Secret

There are two flavors of Shared Secret that can be generated through App Store Connect.

  1. Primary Shared Secret - used across all apps in your Apple Developer account
  2. App-Specific Shared Secret - used for a specific app in your Apple Developer account

The App-Specific Shared Secret is a good idea if you want app-level security. Perhaps plan to transfer an app to another Apple Developer. For instance, if you sell an app to another party on a marketplace like Flippa.

To generate either type of Shared Secret requires an App Store Connect account with either Account Holder or Admin role.

Generating a Primary Shared Secret

To generate (or re-generate) a Primary Shared Secret, follow these steps:

  • Sign-in to App Store Connect
  • Navigate to Users and Access
  • Navigate to Shared Secret
  • Click Generate or Regenerate
Generating a Primary Shared Secret in App Store Connect

Generating an App-Specific Shared Secret

To generate (or re-generate) an App-Specific Shared Secret, follow these steps:

  • Sign-in to App Store Connect
  • Navigate to My Apps
  • Choose the app you want to generate a Shared Secret for
  • Navigate to In-App Purchases under the Features heading
  • Click App-Specific Shared Secret
  • Click Generate or Regenerate
Generating an App-Specific Shared Secret in App Store Connect

Sign up to our newsletter

Get the latest articles delivered straight to your inbox.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Nami® logo

Nami® logo

Maximize your App's Potential

Accelerate app revenue with Nami subscriptions.

Portrait photo of blog author
Team Nami

The Nami ML team is on a mission to help app developers succeed in the modern App Economy.

Similar articles

Read similar articles to this one

Quotes mark

Testimonials

Some client stories

"We spent hours researching the best ways to implement subscriptions and after many failed attempts we found Nami. We were able to go live with subscriptions in our Apple and Android apps in a matter of days."
Client portrait
Brian Pedone
Founder
Quiet Punch
Quiet Punch
"Nami helped us achieve a cross-platform solution for managing and sellingsubscriptions on Apple and Google. The Nami platform was flexible enough to handleour business requirements for in-app purchasing, allowing us to focus on our client'score domain and domain logic.”
Client Name
Client role
Company name
"Nami helped us achieve a cross-platform solution for managing and selling subscriptions on Apple and Google. The Nami platform was flexible enough to handle our business requirements for in-app purchasing, allowing us to focus on our client's core domain and domain logic."
Melody Morgan
Director, Engineering
Diamond
Diamond
"We spent hours researching the best ways to implement subscriptions and after many failed attempts we found Nami. We were able to go live with subscriptions in our Apple and Android apps in a matter of days."
Brian Pedone
Founder
Quiet Punch
Quiet Punch
"It took a couple of hours to incorporate their easy to use SDK. Nami provides a monetization machine learning solution, a paywall displaying what a user can purchase, and a whole suite of other useful features. As a result, it saved me development cycles so I could focus on other important things."
Mark Lapasa
Android Developer
Toronto App Factory
Toronto App Factory
"After spending a few days trying to implement subscriptions, I found Nami ML. I was able to complete in-app subscriptions within less than 3 hours."
Tanin Rojanapiansatith
iOS Developer
Transcrybr
Transcrybr

The best subscription experience starts with Nami

Get connected with one of our product experts to get started with your journey with Nami today.