What does Apple's Guideline 3.1.1 actually require in 2026?

Guideline 3.1.1 requires in-app purchase for any feature, subscription, in-game currency, premium content, or full-version upgrade delivered inside your app. Apple lists license keys, augmented reality markers, QR codes, and cryptocurrency wallets as mechanisms you cannot use to release paid content inside the app. Since May 2025, apps on the United States storefront can include external purchase links and buttons without the StoreKit External Purchase Link Entitlement, but the core IAP rule still stands in every other storefront.

Why did App Review reject my app for a Stripe checkout link?

If your app sells a digital subscription or releases features and you send the user to Stripe, Paddle, or a web checkout instead of using in-app purchase, App Review reads that as a 3.1.1 violation outside the United States. Inside the United States storefront the link is allowed after the May 2025 update, but the wording often catches developers who shipped a global build and assumed the US rule applied everywhere.

Do US apps still need the StoreKit External Purchase Link Entitlement?

Not on the United States storefront after May 1, 2025. Apple updated Guideline 3.1.1(a) to state that buttons, external links, and other calls to action do not require the entitlement for apps distributed on the United States storefront. Apps shipped to other storefronts still need the StoreKit External Purchase Link Entitlement in the specific regions where it is offered, including the Netherlands, South Korea, Japan, and the European Union under the Digital Markets Act.

Does my B2B login-only app need in-app purchase?

Often yes, even with no commerce in the app. Reviewers regularly cite 3.1.1 for companion apps where the user logs in to a subscription bought on a website, because the app accesses paid digital content acquired outside the App Store. The cleanest fix is either to add in-app purchase, or to argue your case under Guideline 3.1.3(b) Multiplatform Services with the right metadata, target audience, and business documentation in App Store Connect.

Can I use a Buy Me a Coffee or donation link without triggering 3.1.1?

Donations to individuals or registered nonprofits sit under Guideline 3.2.1 and Guideline 4.2.2, not 3.1.1. The friction historically came when the donation released app features, which crosses into the IAP rule. On the United States storefront in 2026, an external donation link is no longer blocked under 3.1.1(a). Outside the United States, route nonprofit donations through Apple's documented donation flow, and treat creator tips inside an app as in-app purchase tipping.

Why did Apple reject my app under 3.1.1 for an in-app purchase link?

Name: PTKD
Availability: InStock

If your App Store Connect submission came back with a Guideline 3.1.1 notice this month, the rejection is almost always about how the user reaches paid digital content in your app. The specific rule shifted in May 2025 on the United States storefront, and the rest of the world still follows the older text.

Short answer

Guideline 3.1.1 requires that any feature, subscription, in-game currency, premium content, or full-version upgrade delivered inside the app use Apple's in-app purchase system. Since May 1, 2025, apps on the United States storefront can include buttons, external links, and other calls to action that point at a web checkout, with no StoreKit External Purchase Link Entitlement required. Apps in every other storefront still need either an entitlement or one of the Guideline 3.1.3 exceptions.

What you should know

The core rule still names in-app purchase. Subscriptions, currencies, premium content, and full-version upgrades delivered in the app must route through in-app purchase outside the United States.
The May 2025 change is United States only. Guideline 3.1.1(a) now allows buttons and external links without an entitlement for apps shipped to the United States storefront.
License keys, QR codes, and crypto wallets are still flagged. Apple's text names these as mechanisms an app may not use to release paid content or features.
Companion apps for web subscriptions get caught. Even without a buy button, the app accesses digital content purchased outside, which reviewers cite under 3.1.1.
3.1.3 carveouts are narrow. Reader, multiplatform, enterprise, and person-to-person services qualify, with strict criteria on the target audience and content type.
The Resolution Center reply matters. A clear note naming which screens you changed, which storefront you target, and which exception applies clears the second round faster.

What exactly does Guideline 3.1.1 say in 2026?

Per Apple's App Review Guidelines section 3.1.1, an app that sells subscriptions, in-game currencies, game levels, access to premium content, or a full-version upgrade inside the app must use in-app purchase. The text adds that an app may not use its own mechanisms to make paid content or functionality available, naming license keys, augmented reality markers, QR codes, cryptocurrencies, and cryptocurrency wallets as examples.

The May 2025 update added 3.1.1(a), Link to Other Purchase Methods. The new wording confirms that apps on the United States storefront can include buttons, external links, or other calls to action without the StoreKit External Purchase Link Entitlement. In every other storefront, the entitlement still applies where Apple offers it, and apps without the entitlement may not include such buttons or links. Apple announced the change through the Apple Developer News and Updates post dated May 1, 2025.

Why does the US storefront have different rules after May 2025?

The change traces back to the Epic Games vs Apple litigation. As 9to5Mac reported on May 1, 2025, Apple updated the guideline after Judge Yvonne Gonzalez Rogers found that the company had not complied with a 2021 injunction in the case. The court ordered Apple to remove barriers on developer links and calls to action to external purchase methods. AppleInsider noted that Apple disagreed with the ruling and announced an appeal, but updated the guidelines and developer documentation effective May 1, 2025.

In practice, a United States storefront app can now include a button labeled "Subscribe on the Web" that points to a Stripe, Paddle, or self-hosted checkout. The previous 27 percent commission requirement on external purchases was struck down. Apple still requires standard disclosures and clear destinations, but the entitlement and the old link template are not gates anymore. The cleanest pattern is to ship two builds, one for the United States, one for other storefronts, only when the experience meaningfully differs. Otherwise, ship a single build that hides the external link outside the United States by reading the storefront identifier at runtime.

Which apps still trip Guideline 3.1.1 on the resubmission queue?

The pattern from the Apple Developer Forums threads on 3.1.1 in 2026 is consistent. Companion apps to web subscriptions still get rejected, even when they offer no sign-up and no purchase flow inside the app, because the reviewer reads the in-app content as paid digital content acquired outside the App Store. Apps with a Restore Account button on the welcome screen are frequently cited under the standard rejection text: "Your app includes or accesses paid digital content, services, or functionality by means other than in-app purchase."

Other patterns reviewers flag under 3.1.1:

An onboarding screen that mentions "go to our website to subscribe" outside the United States storefront.
A settings screen that links to a billing portal on the web, where the user can upgrade.
A WebView that loads a page with a Stripe checkout inside the app, without using StoreKit.
A Redeem Code entry that accepts an alphanumeric license key for premium content.
A QR code scan that opens paid features.
A crypto wallet connection that gates access to premium content.

Each of those patterns is named (license keys, QR codes, crypto wallets) or implied by the wording of 3.1.1. The fix is either to route the payment through in-app purchase, hide the path outside the United States storefront, or argue the carveout under 3.1.3 with the right documentation.

When do the 3.1.3 exceptions apply (and when do they not)?

Six exceptions in 3.1.3 let an app accept payment outside of in-app purchase. Each one has narrow criteria; reviewers check them carefully. The comparison table below summarizes the most common ones encountered by developers shipping web-first products.

Exception	Covers	Common example	Storefront notes
3.1.3(a) Reader Apps	Magazines, newspapers, books, audio, music, video	Spotify, Kindle	Needs Reader App entitlement; external account link permitted with entitlement
3.1.3(b) Multiplatform Services	Apps that ship on at least one other platform	Trainerize, Notion companion	Allowed when no in-app commerce is presented
3.1.3(c) Enterprise Services	Internal B2B tools paid by the company	Salesforce, Workday	User must be an employee of the paying organization
3.1.3(d) Person to Person Services	Two-sided marketplaces between users	Upwork, Rover	Consumer pays a real person, not the platform itself
3.1.3(e) Goods and Services Outside the App	Physical items or real-world services	Amazon retail, Uber	Item is consumed outside the app
3.1.3(f) Free Stand-alone Companion Apps	Free apps that pair with a paid hardware or web product	Garmin Connect, Sonos	The companion app must be free and standalone

The carveout that handles most B2B and SaaS companion apps is 3.1.3(b) Multiplatform Services. The app must be a companion to a service that is available on at least one other platform, the user signs in to an existing account, and no commerce is presented inside the iOS app. The reviewer can still cite 3.1.1 if the app actively promotes a website for upgrade, or if the metadata implies that users should buy on the web first.

How do I fix a 3.1.1 rejection and reply in the Resolution Center?

A working fix combines three things: a clear scope choice, an honest user interface, and a short reply in App Store Connect Resolution Center.

First, decide your storefront scope. If your app ships to the United States only, the May 2025 update means the external link is now allowed and no entitlement is required. If your app ships globally, you have three paths: integrate Apple's StoreKit in-app purchase across all paid surfaces, apply for the StoreKit External Purchase Link Entitlement in the regions where Apple offers it (the Netherlands, South Korea, Japan, the European Union under the Digital Markets Act), or restructure the app to fit a Guideline 3.1.3 exception.

Second, audit the user interface. Remove any Buy on the Web call to action that appears outside the United States storefront. Remove any in-app WebView that loads a paid checkout page. Remove any QR code or license key entry that releases paid content. Replace with either a StoreKit purchase sheet or a clean sign-in only flow that does not mention how to upgrade.

Third, reply in the Resolution Center with two short paragraphs. The first paragraph names the screens you changed and the exception you rely on. The second paragraph attaches a short screen recording showing the new flow. Reviewers respond faster to a recording than to a long written defense.

For developers shipping AI-coded or no-code builds where the sign-in surface and the upgrade screens are generated by Claude, Cursor, FlutterFlow, or Bubble, a pre-submission scan of the compiled IPA against the relevant OWASP MASVS controls catches stray external purchase URLs, hidden license key inputs, and WebView destinations that the reviewer would flag. PTKD.com (https://ptkd.com) is one of the platforms focused specifically on that kind of pre-submission scan for iOS builds before App Store Connect sees them.

What to watch out for

The May 2025 change is United States only. A single global build with a Subscribe on the Web button will pass on the United States storefront and get rejected everywhere else.
The previous link template is gone in the United States. The disclosure sheet and the 27 percent commission are not required on US apps anymore, but they still apply under the older entitlement in other regions.
Companion apps without sign-up still get flagged. "No purchases here" is not a defense; 3.1.1 covers accessing paid content acquired outside.
Cryptocurrency wallets remain on the named blocklist. Connecting Metamask or Phantom to gate features is a 3.1.1 violation regardless of storefront.
Reader apps need the Reader App entitlement to use external sign-in only. Without it, magazines and audio apps still need in-app purchase for in-app upgrades.
The myth that the May 2025 update killed in-app purchase. It did not. In-app purchase is still required for the United States app whenever the user buys inside the app itself.

Key takeaways

Guideline 3.1.1 still requires in-app purchase for digital content released inside the app, with carveouts in 3.1.3 for reader, multiplatform, enterprise, and person-to-person services.
The May 2025 update to 3.1.1(a) lifted the entitlement requirement on the United States storefront only; every other region still follows the older text.
License keys, QR codes, augmented reality markers, and cryptocurrency wallets remain named examples of mechanisms an app may not use to release paid content inside the app.
A clean Resolution Center reply names the changed screens, the storefront scope, and the 3.1.3 exception, and attaches a short screen recording.
For teams shipping AI-coded or no-code apps where the upgrade surface is generated and the compiled IPA is hard to audit by eye, scanning the build against OWASP MASVS using a platform such as PTKD.com (https://ptkd.com) catches stray purchase links and license key inputs before App Review does.