The verification request was sent as POST to https://buy.itunes.apple.com/verifyReceipt with json format body below. { "receipt-data": encoded_receipt_from_ios_client, "password": secret_stored_in_app_server, } Receipt data above was generated on purchase in iOS client as below NSURL *receiptURL = [[NSBundle mainBundle] appStoreReceiptURL]; NSData *transactionReceipt = [NSData dataWithContentsOfURL:receiptURL]; NSString *receiptBase64String = [transactionReceipt base64EncodedStringWithOptions:0];