Store Integration - Meta Horizon
Overview
This guide covers the integration of Meta Horizon (Oculus) In-App Purchases with brainCloud's marketplace, enabling secure server-side verification of Meta Quest IAP transactions. The brainCloud backend performs server-to-server verification directly with Meta's servers, ensuring transaction authenticity and preventing client-side tampering. This architecture establishes the backend as the authoritative source for purchase validation and entitlement management.
Verification Process
When AppStore.VerifyPurchase() is invoked with the metaHorizon store purhcase identifier, brainCloud executes the following operations:
- Extracts Meta transaction data from receipt JSON (userId, SKU, transactionId)
- Validates receipt format and required fields
- Authenticates transaction with Meta's IAP backend servers
- Confirms transaction has not been previously consumed
- Implements replay attack prevention
- Verifies product SKU mapping in brainCloud marketplace
- Returns validated purchase metadata and grants configured rewards
Purpose & Architecture
VerifyPurchase enforces server-authoritative purchase validation, ensuring the backend—not the client—determines transaction legitimacy and entitlement provisioning.
Key Benefits
- Authority: Server-side control over purchase validation
- Security: Protection against client-side manipulation and replay attacks
- Lifecycle Management: Centralized handling of consumables, non-consumables, and subscriptions
- Cross-Platform: Unified brainCloud marketplace works across Meta Quest, iOS, GooglePlay, and other platforms
The backend becomes the single source of truth for user entitlements, managing consumable grants, non-consumable persistence, and subscription expiration logic
Implementation
For detailed implementation steps, including portal configuration, SDK setup, and code examples, refer to the Store integration – Meta Horizon