I encounter the same issue even when testing with TestFlight. my verification code in java: logger.info("Apple authorization validation"); // get the subject received from the client String clientSubject = getSubject(identityToken); // verifying the code by the apple server String token = getToken(); logger.debug("Authorize with token:" + token); Map<String, String> params = new HashMap<>(); params.put("client_id", CdConfig.APPLE_CLIENT_ID); params.put("client_secret", token); params.put("code", authorisationCode); params.put("grant_type", "authorization_code"); params.put("redirect_uri", ""); if (redirectURI != null) { } String response = post(CdConfig.APPLE_AUTH_URL, params); logger.info("Apple authorization response:" + response); AppleTokenResponse tokenResponse = objectMapper.readValue(response, AppleTokenResponse.class); if (tokenResponse.getError() != null && tokenResponse.getError().length() > 0) { logger.warn("Error during verification of the code. Reason:" + tokenResponse.getError()); return null; } String serverSubject = getSubject(tokenResponse.getId_token()); if (!serverSubject.equals(clientSubject)) { logger.warn("Validation failed, subject does not match!"); return null; } return getClaims(tokenResponse.getId_token()); myJwt Token : return Jwts.builder() .setHeaderParam(JwsHeader.KEY_ID, CdConfig.APPLE_KEY_ID) .setHeaderParam(JwsHeader.ALGORITHM,"ES256") .setIssuer(CdConfig.APPLE_TEAM_ID) .setAudience(CdConfig.APPLE_APPLE_ID_URL) .setSubject(CdConfig.APPLE_CLIENT_ID) .setExpiration(new Date(System.currentTimeMillis() + (1000 * 60 * 5))) .setIssuedAt(new Date(System.currentTimeMillis())) .signWith(SignatureAlgorithm.ES256, pKey) .compact();

Hello, were you able to test your integrated purchase on your xCode environment? The integrated purchase can work correctly and be tested on the Sandbox environment without any validation wait. In my opinion your problem comes from the code, it has nothing to do with the validation of purchases by the review team.