Attribloom
All terms

App Store

App Store Server Notification forwarding

Notification forwarding is how an App Store Server Notification v2 reaches Attribloom: your server relays Apple's signed payload to your Attribloom forwarding URL, HMAC-signed, so attribution can be confirmed from Apple's own event.

Apple sends App Store Server Notifications v2 to a single URL that you control, not to Attribloom directly. To attribute a purchase, your server forwards each notification's signed payload to Attribloom.

The forward is signed with a shared secret (HMAC-SHA256 over the timestamp and the raw body, prefixed with sha256=, within a 300 second window). That HMAC only proves the forward came from you. Attribloom independently re-verifies Apple's own signature chain before it trusts any value.

Forwarding runs off your critical path: a delivery failure to Attribloom must never affect your app's own entitlement logic, and delivery is idempotent so retries are safe.

Frequently asked

Why can Apple not notify Attribloom directly?

Apple sends notifications to one URL that the app's own server owns. Attribloom receives them by having that server forward the signed payload, which also lets your existing notification handling keep working unchanged.

What does the forwarding HMAC protect?

It proves the forward came from your server. It is not what Attribloom trusts for money: Attribloom re-verifies Apple's JWS signature chain to the Apple Root CA independently.

Related

Learn more

Get startedSee pricingSee integrations