Post not yet marked as solved
Hello @blackvision,
Thanks for posting on the Apple Developer Forums!
When you say "command line tools", is there a specific command line tool that you are referring to? Maybe something included in the Xcode Command Line tools?
From what I have been able to find in the Apple documentation, I have not found a way to create an API Key outside of the web interface. If I understand your question, what you are essentially asking for is an API Key that can generate additional API Keys. While Apple can introduce a new service at any time, I cant think of another existing Apple service with this model as it does not fall within their current authentication model.
However, it might be worth looking into something like what this other poster on the forums is doing.
https://developer.apple.com/forums/thread/707271
In this post they are dynamically creating JWTs with an expiration that can be provided to other teams and have specific scopes set for the applications they may be responsible for or the resources they would like for the end user to have access to. This certainly would not solve ALL of the challenges of being able to hand out an API Key itself, but building a proxy service for authentication internally would be more secure and provide better flexibility in the long run if you are needing to have managed access.
One thing that I try to remind myself of when providing authentication information to users for Apple resources is that there are no logs of who did what or when which is the biggest driver for building a proxy service to control access instead of providing authentication information directly. Just some ideas even though I know this does not directly answer your question.
Hopefully this helps and happy coding!
Post not yet marked as solved
Hello @Lamyae,
Thank you for positing on the Apple Developer Forums!
While this is not possible today with the App Store Connect API, Apple did announce at WWDC 2022 that this will be a supported feature in the near future. They talk about this in the below WWDC session.
https://developer.apple.com/videos/play/wwdc2022/10043/?time=424
I have not been able to find any specific details about the API or what interactions will be enabled, but we know it will eventually find its way into our hands. Version 2.0 of the App Store Connect API will be available "Later this summer." based off of the information from Apple.
Hopefully this helps and happy coding!
Post not yet marked as solved
Hey @huanling820713,
Would it be possible for you to share the steps you are taking for signing and notarization? This will help us break down what is happening after the build (assuming the application works at this point) that could be modifying the application contents and then we can look at whether or not the steps you are taking to sign are being trusted by the OS.
While I sign mostly DMG files, I think you should be able to run the below command on your signed file to determine if it is trusted, but this is only checking your high level signing and not whether or not Gatekeeper trusts you at this point.
codesign -dv --deep --verbose=4 /Path/To/File
@eskimo also has a great post that I skimmed over at the below URL and certainly looks like a good read to help you troubleshoot!
https://developer.apple.com/forums/thread/128166
Hopefully this helps and happy coding!
Post not yet marked as solved
Hey @Efun,
Thanks for posting your question on the Apple Developer Forums!
After watching the announcement, I am not 100% sure that I know what this is so hopefully you will get some other responses from the community!
Without the App Store Connect API, the only way that I knew to get content uploaded to Apple was through the Transporter tool. Below is the first of many links to Transporter.
https://help.apple.com/itc/transporteruserguide/en.lproj/static.html
Transporter was not an application at first but a CLI agent that you installed on your machine to assist in the delivery of content. Over time, Apple is constantly attempting to make it easier for developers to get work done so they eventually released the Transporter application.
https://apps.apple.com/app/transporter/id1450874784
Transporter is mostly used from my experience by teams who would like a GUI instead of using the Terminal and altool for uploading IPA files to Apple.
Anyways, Transporter also enables the uploading of any large number of content to Apple and the services they host. Nested inside of the Transporter documentation under the Apps section, you will find a link to the App Metadata Specification.
https://help.apple.com/asc/appsspec/
I will let you go through and read the full specification if you would like, but transporter leverages an XML style communication pattern when delivering content to Apple. An example of this can be found in the documentation at the below URL.
https://help.apple.com/asc/appsspec/#/itc39ebbd83d
While I am not 100% sure this is what they are talking about in the App Store Connect video, this is the most prominent location that I can think of where XML data is used to upload content to App Store Connect outside of the REST API.
Hopefully this helps and happy coding!
Post not yet marked as solved
Hey @sesingh,
What version of the Command Line Tools are you using with Xcode?
Are you modifying your IPA file after archiving in any capacity? What are you export options set as? The Xcode verbose logs contain tons of errors that have not been resolved over the years so the Bitcode errors could be legit or misleading.
What is the exit code of altool when you get the error? You can get it by running the below command.
echo $?
Hopefully we can find a clue to correct the issue.
Happy coding!
Post not yet marked as solved
Hey @rextremotabaresDT,
Thanks for posting on the forums!
I am running the iOS 16 Beta on my iPhone 13 and I have been able to successfully install Enterprise signed applications. Are you running into an error that you would be able to share on the forums? Do you have any device console logs that help pinpoint where the error is happening during the installation process?
When attempting to install an Enterprise application, does the device already have an approved Enterprise certificate or is this the first Enterprise application you are attempting to install and the certificate is not approved?
Hopefully this helps and happy coding!
Post not yet marked as solved
Hey @trebla4603,
Thanks for posting on the developer forums!
I personally have never heard of Apple waiving annual the Apple Developer Account fee since the account is fundamental to providing you with the services and support you will need to deploy your potential application, but if you are unable to raise these funds internally, it might be worth using one of the crowd funding platforms and seeing if others will rally behind your new idea and could be an encouraging experience!
Best of luck and happy coding!
Hey @Ashcheulov,
Would it be possible for you to share additional information on where you are getting this error or how it is being reported?
The error above that you have posted is a very small subset of information that the App Store Connect API returns when you get a 401 from the server so having the additional details would be especially helpful.
However, without having this information, I would look in the below places.
Most of the time, the response headers from Apple will have a clue as to why your request was rejected. You could have exceeded the number of requests for the API key, you could be passing malformed data, etc. I would make sure to look through these as a starting place just to see what exists to help you in your efforts.
Is it possible that you are making a request that the API Key does not have permission for? Without knowing what API you are hitting and the exact response it is hard to tell, but if you are hitting the same API endpoint over and over and you get this randomly, it is possible the token expired prior to the remote server getting the request and reading the response error body should give you a clue on next steps.
It could be possible that the authorization header is missing all together. It is not likely if you are running a sequence of API requests and all of a sudden this stops working, but if you can run the commands verbose and view the API trace data this would be an area you could at least rule out.
Hopefully this helps you get started looking. My initial thought is that the token is expiring during the series of transactions possibly due to the overall number of screenshots you are uploading, but that is a guess without much factual information.
Happy coding!
Post not yet marked as solved
Hey @taktem,
No problem at all! We are all here to learn!
So I tried to validate what you have posted above using all of the documented implementation information that Apple provides, and I am not able to replicate your findings. Specifically, if I include /v1/apps as the scope of my JWT, I am not able to successfully interact with the API. However, when I remove the '/v1' portion from the request, I am capable of hitting the API successfully.
When trying to replicate your environment, would it be possible for you to share your full JWT composure code so that we can see what it looks like? Would be interesting to see if you are seeing something that Apple is not expecting so that the paths do not align.
One other thing that might be of interest that I could help validate is the different API Key permissions. What API Key type are you using?
Specifically for wildcards, I would strongly recommend opening up a Feedback with Apple for this so that they can evaluate it and determine whether or not this fits within their current authentication model. I know that they are moving away from wildcards in many other places within the Apple ecosystem so it would be great to file a Feedback and get information from Apple directly on the direction they are going since wildcards can act as a very broad attack vector if the token were to fall into the wrong hands.
Hopefully this helps some and happy coding!
Post not yet marked as solved
Hey @rethgil2,
Thanks for posting on the Apple Developer Forums!
Without additional information, it is going to be hard for the forum to help you diagnose the issue that you are currently facing.
While you may not have crash logs, are you able to connect your iOS device to a macOS device, open the Console application and then replicate the issue after starting the log capture? You should be able to search for Errors and Faults at a minimum to give us a clue of what is going on as to why the application is failing.
If you have not used the Console before, I would suggest finding the process(s) associated with your application and then doing a right click and "Show Process" to limit the number of logs you need to look through. This may also help give you context as to what your application is doing prior to crashing.
Hopefully this helps and happy coding!
Post not yet marked as solved
Hello @Zivi0,
Thanks for posting your question on the Apple Developer Forums!
Would it be possible for you to share your applications App Store URL? This will help other forum users attempt to load your application page and verify if it is still available for sale.
You can find this in App Store Connect -> Apps -> Select App -> App Information -> Additional Information -> View on App Store.
One thing to note about the App Store is that the SEO process is always changing and at least for the applications that I have deployed, for the first few days, the fastest way to find an application is by searching for the developer and looking at the latest release or by using the link to the App Store directly. My assumption is that this is because it takes a while for the SEO algorithm to update but I am not sure what the real cause is.
Hopefully this helps and happy coding!
Post not yet marked as solved
Hey @Mike-in-NM,
Thanks so much for the additional information!
Since Expo is in the middle of your development efforts and getting to Apple, I would suggest also posting in the Expo forums if you have not already just to get help from those who specialize in using Expo.
How are you trying to upload the application to TestFlight? If you have access to the IPA file and are attempting to upload through Transporter, you will be able to use the below commands in order to find the Info.plist file.
unzip /Path/To/IPA.ipa
The Info.plist will be in the /Payload/*.app/Info.plist location.
Hopefully this helps and happy coding!
Post not yet marked as solved
Hey @ir0nDev,
Thanks for posting on the developer forums!
Have you attempted to generate your JWT outside of your NodeJS application and make a GET request with a tool like Postman or from cURL on your local machine? If you are getting an authentication error, that is where I would start to verify that the token is being properly generated and that you can make a request without NodeJS which is acting as an abstraction layer right now for you to find out what is really going on.
The error message that you have posted above (body Unauthenticated) is from NodeJS and not the actual App Store Connect API body response so being able to see that will be valuable while troubleshooting.
Is it possible for you to share a link to the JWT Library (https://jwt.io/libraries) that you are using? Personally, when I need to generate tokens I do not need to include 'typ': 'JWT' in my header and I have no problems interacting with the App Store Connect API (If I include it my requests also work).
Thanks in advance for any additional information that you can share!
Hopefully this helps and happy coding!
Post not yet marked as solved
Hey @taktem,
Thanks so much for posting on the Apple Developer Forums!
I had never worked on this before now so I was tinkering around and I think I found what could be holding you up (or at least what held me up).
The first issue that I ran into when trying to figure this out was that the App Store Connect API documentation appears to need some updating. I have filed a feedback for this (FB10036380). You will need to update your "scope" to the below code example.
“scope”: [
“GET /builds/{id}/app”
]
Currently, including the /v1 as a part of the scope path will return an error from the App Store Connect API which does not match their documentation. By removing the /v1 things started to work for me.
There are many ways to accomplish what to put in the scope path, and I have not fully tested if the API accepts wildcards, but in this specific example, you would need to have some information beforehand or you would need to dynamically generate tokens on the fly and return them to the system wanting to make a request. A bit past the scope (no pun intended) of this response but I will give you one example.
In order to limit the scope of the Read the App Information of a Build API, you would first need to know all of the Build IDs and include those in the array of the scope permissions. To do this, you would need a JWT without a scope limitation to hit the List Builds API and then find the IDs from the response and generate a new JWT to be exchanged for a token.
Below is an example of what this would end up looking like (IDs are fake and generated by uuidgen).
“scope”: [
“GET /builds/4E01297D-1D43-4020-B21C-9DC94A40579B/app”,
“GET /builds/A72021D3-8712-445D-9585-B847BBCCA362/app”,
“GET /builds/65E73521-ED9A-4F06-9C5D-44B54BB34ED6/app”,
“GET /builds/1FAC0D8D-4FD5-4ECD-9B84-D1422ADE3003/app”
]
There are many ways to go about achieving what you are looking to do so I would explore how to implement this logic upstream as a part of an initial request, but that is just how I like to build things.
Hopefully this helps and happy coding!
Post not yet marked as solved
Hey @Mike-in-NM,
Thanks for posting this question on the developer forums!
One way to confirm which iOS SDK your application is actually being compiled with is by checking out theInfo.plist from the compiled binary and checking what is being injected. The Info.plist would be found at the below path.
/Path/To/Archive/Archive.xcarchive/Products/Applications/*.app/Info.plist
You would want to check what the value of DTSDKName is set to. If this is not iOS 15.5 like expected, then the file is not being compiled with the iOS 15 SDK.
If this is the case, one thing to check would be your Command Line Settings under Xcode --> Preferences --> Locations --> Command Line Tools and make sure the latest version of Xcode Command Line Tools are selected.
Hopefully this helps and happy coding! Let us know what you find out!
