# Autonomy premium account subscription design

###### tags: `Autonomy`

## Terms

1. Persona
2. Receipt: A valid base64 string returned by Apple/Google when a user finishes their purchase.
3. Client-only premium features: Features that don't require the server side to be involved.
4. Server side premium features

## Flow

### Subscription

```mermaid
sequenceDiagram
    autonumber
    Client->>+Subscription Server: GET /subscriptions/current
    Subscription Server-->>-Client: subscription status
    alt if not subscribed
        Client->>Client: finish subscription
        Client->>+Subscription Server: POST /subscriptions/receipts
        Subscription Server->>+Apple: POST https://buy.itunes.apple.com/verifyReceipt
        Note left of Apple: See appendix 1.
        Apple->>-Subscription Server: receipt info
        Subscription Server->>Subscription Server: Update the subscription information
    else
    end
    Apple->>Subscription Server: POST /subscriptions/callback/apple
    Note left of Apple: See appendix 2.
```

#### Appendix

1. [Send a receipt to the App Store for verification](https://developer.apple.com/documentation/appstorereceipts/verifyreceipt)
   > As a best practice, always call the production URL for verifyReceipt first, and proceed to verify with the sandbox URL if you receive a 21007 status code.
2. [App Store Server Notifications](https://developer.apple.com/documentation/storekit/in-app_purchase/subscriptions_and_offers/enabling_app_store_server_notifications)

## Backend Design

### Premise

- Based on the discussion in this [slack thread](https://bitmark.slack.com/archives/C01EPPD07HU/p1633941432033700?thread_ts=1633938186.025400&cid=C01EPPD07HU), we allow a receipt to be bound to multiple accounts.
- Wait for the design of account validation (for example, using DID).

### API

#### GET /auth

Request:

```json
{
    "platform": "apple",
    "receipt_data": "<base64 apple subscription receipt>"
}
```

Response:

```json
{
    "jwt": "<json web token>"
}
```
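
The production-first receipt check quoted in Appendix 1, as the Subscription Server could run it when handling `POST /subscriptions/receipts`. This is an added example, not code from the Autonomy project. The function names, the `allow_sandbox` policy flag and the injectable `transport` are assumptions of the example, and the fake Apple responses are constructed so the block runs offline.

```python
import base64
import json
import urllib.request

PRODUCTION_URL = "https://buy.itunes.apple.com/verifyReceipt"
SANDBOX_URL = "https://sandbox.itunes.apple.com/verifyReceipt"
SANDBOX_RECEIPT_IN_PRODUCTION = 21007  # status code quoted in Appendix 1


def post_json(url, payload, timeout=10):
    """Default transport: POST JSON over HTTPS and decode Apple's JSON reply."""
    req = urllib.request.Request(
        url, data=json.dumps(payload).encode(),
        headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)


def verify_receipt(receipt_data, shared_secret, allow_sandbox, transport=post_json):
    """Return (environment, receipt info) for a valid receipt, else raise ValueError."""
    try:  # reject anything that is not base64 before it leaves the server
        base64.b64decode(receipt_data, validate=True)
    except ValueError:
        raise ValueError("receipt_data is not valid base64") from None
    payload = {"receipt-data": receipt_data, "password": shared_secret}
    environment, info = "production", transport(PRODUCTION_URL, payload)
    if info.get("status") == SANDBOX_RECEIPT_IN_PRODUCTION:
        if not allow_sandbox:  # assumption: policy flag, not part of the design
            raise ValueError("sandbox receipt refused")
        environment, info = "sandbox", transport(SANDBOX_URL, payload)
    if info.get("status") != 0:
        raise ValueError("receipt rejected, status %r" % info.get("status"))
    return environment, info


def fake_apple(calls):
    """Constructed stand-in for Apple: production answers 21007, sandbox answers 0."""
    def transport(url, payload):
        calls.append(url)
        return {"status": 21007} if url == PRODUCTION_URL else {"status": 0}
    return transport


if __name__ == "__main__":
    calls = []
    receipt = base64.b64encode(b"constructed sample receipt").decode()
    print(verify_receipt(receipt, "app-secret", True, fake_apple(calls)), calls)
```

Returning the environment alongside the receipt info lets the caller decide whether a sandbox receipt may be exchanged for a premium JWT on a production deployment.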