JWSDecodedHeader

A decoded JSON Web Signature header containing transaction or renewal information.

Declaration

object JWSDecodedHeader

Properties

Name	Type	Description
`alg`	`alg`	The algorithm used for signing the JSON Web Signature (JWS).
`x5c`	`x5c`	The X.509 certificate chain that corresponds to the key that the App Store used to secure the JWS.

Discussion

All JWS representations, including the signedPayload, contain a JWS header. When you Base64 URL-decode the header, use the JWSDecodedHeader object to read its contents. Use the information in the JWSDecodedHeader to validate the JWS signature. For more information about validating signatures, see the JSON Web Signature (JWS) IETF RFC 7515 specification.

The App Store signs transaction and renewal information that you receive in App Store Server Notifications V2 and in the App Store Server API. It uses the following x5c certificate chain, in the following order:

A certificate that contains the public key that corresponds to the key the App Store uses to digitally sign the JWS. Section 4.11.10 Mac App Store Receipt Signing Certificates of the Apple Inc. Certificate Practice Statement Worldwide Developer Relations document defines the custom extensions this certificate uses.
An Apple intermediate certificate that contains an extension with the extension ID for Apple Worldwide Developer Relations (1.2.840.113635.100.6.2.1).
An Apple root certificate.

For more information, or to download Apple’s root and intermediate certificates, see Apple PKI.

JWSDecodedHeader

Declaration

Properties

Discussion

Topics

JWS header types

See Also

JWS header and payload data types