What's the recommended way to do IAP receipt validation and also execute some cloudscript player data in regards to that IAP purchase?
I have some IAP items that need to update some title player data along with granting catalog item / currency.
So I think it would look something like
[client gets receipt] -> validates receipt via backend -> triggers cloudscript(using receipt validation event to trigger)
Let's say the cloudscript function is called "ProcessIAP"
But how would I confirm that the receipt payload is valid? (because client can call that cloudscript ProcessIAP). It seems the client could spoof the payload and just call cloudscript function with a bad receipt.
Thanks