Integrating Samsung IAP Subscription Functionalities with Your Server
Md. Hossain
Engineer, Samsung Developer Program
Introduction
The Samsung IAP Subscription server APIs empower developers to efficiently manage Samsung In-App Purchase (IAP) subscriptions, including cancellation, refund, revocation, and status check. These APIs serve as the foundation for implementing subscription management features within your application management server.
Integrating the Samsung IAP server APIs with your backend server simplifies subscription management. This integration allows you to cancel subscriptions and prevent further billing for users, revoke access to subscription-based content, process refunds based on user requests, and check subscription status to determine validity and current state.
A well-structured backend implementation streamlines subscription management, ensuring customers receive reliable service and minimizing potential issues related to billing, access, and refunds.
Prerequisites
To establish server-to-server communication between the Samsung IAP service and your server, follow these essential steps.
- Develop a Subscription Application – Ensure your application supports subscription operations.
- Upload Binary for Beta Testing – Submit your application for testing in Seller Portal.
- Create Subscriptions – Set up subscription products in Seller Portal for user subscriptions.
Completing these steps ensures a seamless integration of Samsung IAP into your application. For detailed guidance, visit Register an app and in-app items in Seller Portal.
Implementation of the Samsung Subscription APIs
The Samsung IAP Subscription server APIs are used to manage subscription-related operations, including cancellations, revocations, refunds, and status checks.
To leverage these APIs effectively, setting up a backend server is essential. This secure server-to-server communication facilitates efficient handling of all subscription-related operations between the Samsung IAP service and your server.
API Overview
The Samsung IAP Subscription server API provides endpoints for efficiently managing subscription-based operations. It allows developers to cancel, revoke, refund, and check the status of subscriptions. This API also facilitates robust operations and efficient management of user subscriptions, all while ensuring security and authentication through the use of appropriate headers.
Base Endpoint
The Samsung IAP Subscription server APIs need a secure endpoint for managing subscriptions.
https://devapi.samsungapps.com/iap/seller/v6/applications/<packageName>/purchases/subscriptions/<purchaseId>
More detailed information is available through the Support Documentation.
Headers
To ensure secure communication with the Samsung IAP service, the following headers must be included in every request.
- Content-Type – Defines the format of the request body. For JSON content, use application/json.
- Authorization – Uses an access token for authentication. The format should be (Bearer <access_token>). Refer to the Create an Access Token page for details on generating an access token.
- Service Account ID – Obtained from Seller Portal under Assistance > API Service. This ID is required to generate a JSON Web Token (JWT). For more detailed information, visit the Create a Service Account section in Seller Portal.
These headers collectively ensure secure and authenticated API requests, enabling seamless integration with the Samsung IAP service.
Supported Methods
The Samsung IAP Subscription server API enables efficient subscription management. Developers can cancel, revoke, or refund subscriptions using PATCH requests, and check subscription status using GET requests.
Configuring the Server
You can develop a Spring Boot server for this purpose. Here are the guidelines for setting it up.
- Create a Spring Boot Project - For detailed steps, refer to Developing Your First Spring Boot Application.
- Set Up the Server Endpoint:
- Create a controller for Samsung IAP Subscription APIs within your IDE after importing the Spring Boot project. This controller manages all in-app subscription activities.
- The controller performs
PATCHandGETrequests with the Samsung IAP service, ensuring communication with your server.
Performing a PATCH Request
The PATCH request is used to cancel, refund, or revoke a subscription. Follow these steps to proceed.
- Creating a Request Body
To cancel, refund, or revoke a subscription, a specific request body must be created for each operation. When interacting with Samsung IAP service, you send a well-structured API request tailored to the specific action you wish to execute. Below are the request formats for various subscription operations.
// Cancel a subscription
RequestBody body = RequestBody.create(
MediaType.parse("application/json"),
"{\"action\" : \"cancel\"}"
);
// Revoke a subscription
RequestBody body = RequestBody.create(
MediaType.parse("application/json"),
"{\"action\" : \"revoke\"}"
);
// Refund a subscription
RequestBody body = RequestBody.create(
MediaType.parse("application/json"),
"{\"action\" : \"refund\"}"
);
- Building the PATCH Request (Cancel, Revoke or Refund Subscription)
The PATCH method in REST APIs is used for partial updates of resources, enabling you to send only the specific fields that need modification rather than the entire resource. The PATCH request needs a request body to specify the intended action. To execute a subscription management request, you must construct a secure HTTP request that includes all necessary headers and authentication details.
Request request = new Request.Builder()
.url(API_URL)
.patch(body)
.addHeader("Content-Type", "application/json")
.addHeader("Authorization", "Bearer " + ACCESS_TOKEN)
.addHeader("service-account-id", SERVICE_ACCOUNT_ID)
.build();
- Executing the PATCH Request
Once the PATCH request is prepared, execute it using the OkHttpClient, ensuring proper request handling and response processing.
@CrossOrigin(origins = "*")
@RequestMapping(value = "/cancel", method = RequestMethod.PATCH )
public void patchRequest(){
// Set request body as JSON with required action.
// Initialize PATCH request, set body, add headers, and finalize setup.
client.newCall(request).enqueue(new Callback() {
@Override
public void onFailure(Call call, IOException e) {
// handle exception
}
@Override
public void onResponse(Call call, Response response) throws IOException {
// handle response
response.close();
}
});
}
Example Response
This response indicates that the request was processed successfully and without errors.
{
"code" : "0000",
"message" : "Success"
}
Performing a GET Request
The GET request is used to retrieve the status of a subscription. Follow these steps to proceed.
- Building the GET Request
The GET method is primarily used to retrieve or read data from a server. To check the status of a subscription, the GET method is required to retrieve detailed item information. This type of request does not require a request body; only the necessary headers for authentication are needed.
Request request = new Request.Builder()
.url(API_URL)
.addHeader("Content-Type", "application/json")
.addHeader("Authorization", "Bearer " + ACCESS_TOKEN)
.addHeader("service-account-id", SERVICE_ACCOUNT_ID)
.build();
- Executing the GET Request
Once the GET request is prepared, execute it using the OkHttpClient to retrieve and efficiently process the response data.
@GetMapping("/get")
public void getRequest(){
// Initialize GET request, add headers, and finalize setup.
client.newCall(request).enqueue(new Callback() {
@Override
public void onFailure(Call call, IOException e) {
// handle exception
}
@Override
public void onResponse(Call call, Response response) throws IOException {
// handle response
}
});
}
Example Response
If the GET request executes successfully, it returns the status of the subscription as a response.
{
"subscriptionPurchaseDate": "2025-04-28 04:54:06 UTC",
"subscriptionEndDate": "2025-04-28 05:54:06 UTC",
"subscriptionStatus": "CANCEL",
"subscriptionFirstPurchaseID": "55541a3d363c9dee6194614024ee2177c72a9dec51fe8dba5b44503f57dc9aec",
"countryCode": "USA",
"price": {
"localCurrencyCode": "USD",
"localPrice": 15,
"supplyPrice": 15
}, ...
}
Deploying and Testing the Server
For the server to perform API calls, it can use a publicly accessible URL. You can deploy the project to obtain the URL. For testing purposes, you might deploy it on a platform like CodeSandbox, which provides a publicly accessible URL similar to https://abcde-8080.csb.app/iap/xxxx.
Conclusion
By properly integrating the Samsung IAP Subscription server APIs, developers can ensure seamless handling of subscription-related actions within their applications. The implementation of secure server-to-server communication guarantees efficient subscription management and significantly enhances the overall user experience.
