Hi everyone! When I attempt the Post Request using Postman, as shown in my attached curl, I receive the error "{ "errors": [ { "status": "405", "code": "METHOD_NOT_ALLOWED", "title": "The request method is not valid for the resource path.", "detail": "The request method used for this request is not valid for the resource path. Please consult the documentation." } ] }". I have constructed the JWT correctly as an admin with correct private Key and Unix Times and I am able to send regular GET requests without issue and I can view the dashboards in App Store Connect. The described POST request is being rejected, although it says so in the documentation: https://developer.apple.com/documentation/appstoreconnectapi/post-v1-analyticsreportrequests. Curl: curl --location 'https://api.appstoreconnect.apple.com/v1/analyticsReportRequests' --header 'Content-Type: application/json' --header 'Authorization: Bearer XXX' --data '{ "data": { "type": "analyticsReportRequests", "attributes": { "accessType": "ONGOING" }, "relationships": { "app": { "data": { "type": "apps", "id": "XXXXXXXXXX" } } } } }' (using ONE_TIME_SNAPSHOT makes no difference) Is this a documentation error ? I'd be happy to hear about a fix.

I'd like to report an issue with the "App Referrer" source segmentation in the App Store Connect Analytics API. Issue Summary When retrieving impression data via the App Store Connect Analytics API using groupBy=["sourceType", "sourceInfo"], the impressions attributed to specific referring apps (e.g., Facebook, Instagram) do not match the values ​​displayed in the App Store Connect web dashboard. Details The total impressions in the API and dashboard are completely consistent, with the report category: App Store Discovery and Engagement Standard_Daily. The aggregated "App Referrer" (overall category) is also consistent. However, the detailed segmentation data in "App Referrer" is inconsistent, with the report category: App Store Discovery and Engagement Detailed_Daily. For example: The web dashboard shows significantly more impressions attributed to Facebook or Instagram. The API returns fewer impressions for the same referral source. Furthermore, the API does not return any "unknown"/"other" referral source entries, and displays no data for presentations where the exact referring app cannot be identified. Therefore, the sum of all sourceInfo entries returned by the API is lower than the app referral source value displayed in the web dashboard. We have confirmed: This is not due to time zone differences—the totals are exactly the same. We used the same date range, region, and platform settings as the dashboard. The difference only appears in the detailed app referral source breakdowns (e.g., "Facebook," "Instagram"). The API does not return missing presentations under any category. Questions for Apple: Does the App Store Connect web interface aggregate presentations from unidentified or privacy-restricted referring apps into known app names (e.g., Facebook or Instagram)? Is it normal for the Analytics API not to expose these presentations when the exact referring app cannot be identified? What official logic does the App Store Connect use to determine and display specific app referral sources (e.g., Facebook, Instagram)? When the API returns fewer referral records than the dashboard, how can developers accurately reproduce the same detailed app referral breakdown data in their reports? Are there any known limitations or privacy thresholds in the API that affect the disclosure of sourceInfo? Other Information Endpoint: Analytics API (Impressions grouped by sourceType and sourceInfo) Metric: Impressions Grouping Criteria: sourceType, sourceInfo We want to understand how App Store Connect allocates impressions to specific third-party apps (e.g., Facebook, Instagram) in the dashboard, and why the Analytics API returns lower numbers for these referral sources.

I think there's been a recent change to the App Store Connect API; I claim that it's a bug. When querying App Store Connect API endpoints that return arrays, like https://api.appstoreconnect.apple.com/v1/apps, the response includes a links property, of type PagedDocumentLinks. https://developer.apple.com/documentation/appstoreconnectapi/pageddocumentlinks links should include a next link only if there's more data to provide, and, indeed, this is how it works for the /v1/apps endpoint. But when querying inAppPurchasesV2, I find that starting very recently (this week?) the API always returns a next link, even if there's no more data to show. { data: [], links: { self: 'https://api.appstoreconnect.apple.com/v1/apps/1363309257/inAppPurchasesV2?cursor=APo&limit=50', first: 'https://api.appstoreconnect.apple.com/v1/apps/1363309257/inAppPurchasesV2?limit=50', next: 'https://api.appstoreconnect.apple.com/v1/apps/1363309257/inAppPurchasesV2?cursor=ASw' }, meta: { paging: { total: 223, nextCursor: 'ASw', limit: 50 } } } If I request the next link, it will generate me another response with empty data and with a new cursor. { data: [], links: { self: 'https://api.appstoreconnect.apple.com/v1/apps/1363309257/inAppPurchasesV2?cursor=ASw&limit=50', first: 'https://api.appstoreconnect.apple.com/v1/apps/1363309257/inAppPurchasesV2?limit=50', next: 'https://api.appstoreconnect.apple.com/v1/apps/1363309257/inAppPurchasesV2?cursor=AV4' }, meta: { paging: { total: 223, nextCursor: 'AV4', limit: 50 } } } Code I've written against this API (including my open-source library https://github.com/dfabulich/node-app-store-connect-api) assumes that if there's another links.next link, we should follow it; as a result, my code is looping infinitely, requesting empty data until eventually I have to give up. This issue doesn't affect other endpoints, like /v1/apps, just this inAppPurchasesV2 endpoint. Was this an intentional change? It seems to be a bug.

I’m experiencing an issue while attempting to authenticate API calls to the App Store Connect API using a JWT token. I have App Manager permissions on my apple developer account. Despite following the official documentation and successfully verifying the JWT signature locally, I consistently receive the following response from the API: { "errors": [{ "status": "401", "code": "NOT_AUTHORIZED", "title": "Authentication credentials are missing or invalid.", "detail": "Provide a properly configured and signed bearer token, and make sure that it has not expired." }] } import jwt import time from cryptography.hazmat.primitives import serialization from cryptography.hazmat.backends import default_backend from jwt.exceptions import InvalidSignatureError Replace with your own credentials KEY_ID = "<YOUR_KEY_ID>" ISSUER_ID = "<YOUR_ISSUER_ID>" PRIVATE_KEY_PATH = "AuthKey_<YOUR_KEY_ID>.p8" def generate_token(): """Generate a JWT for App Store Connect API authentication.""" with open(PRIVATE_KEY_PATH, "r") as f: private_key = f.read() header = { "alg": "ES256", "kid": KEY_ID, "typ": "JWT" } now = int(time.time()) payload = { "iss": ISSUER_ID, "iat": now, "exp": now + 1200, # Token valid for 20 minutes "aud": "appstoreconnect-v1" } token = jwt.encode(payload, private_key, algorithm="ES256", headers=header) return token def verify_token_signature(token): """Verify JWT signature locally using the public key derived from the .p8 private key.""" with open(PRIVATE_KEY_PATH, "rb") as key_file: private_key = serialization.load_pem_private_key( key_file.read(), password=None, backend=default_backend() ) # Derive public key from private key public_key = private_key.public_key() pem_public_key = public_key.public_bytes( encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo ) try: decoded = jwt.decode( token, pem_public_key, algorithms=["ES256"], audience="appstoreconnect-v1" ) print("✅ JWT signature verified successfully.") print("Decoded payload:", decoded) except InvalidSignatureError: print("❌ JWT signature is invalid.") except Exception as e: print(f"❌ JWT verification failed: {e}") if name == "main": token = generate_token() print("Generated JWT:", token) verify_token_signature(token) Why might a JWT that is valid locally still fail authentication with a 401 NOT_AUTHORIZED error from the App Store Connect API? Are there any specific permission scopes required for API access beyond App Manager account access from Apple Store connect? Are there any known issues or additional configuration steps required for API key access? Is there a way to validate API access status for a specific key or account? Could you please share the correct example of JWT generation in Python for reference?

Hello, I’m currently using the App Store Connect API to automate report downloads. I’ve successfully downloaded data for Sales and Trends and Financial Reports via API. However, I noticed there’s also a “Payment Information” report listed here: 👉 https://developer.apple.com/help/app-store-connect/reference/reporting/payment-information Could you please confirm whether this report can also be retrieved via the App Store Connect API? If so, which endpoint or reportType / reportSubType should be used? I’ve reviewed the documentation here (https://developer.apple.com/documentation/appstoreconnectapi/downloading-analytics-reports ), but couldn’t find a match. Thanks a lot for your help!

We fetch the App Store Analytics – App Installs & Deletions (Daily) report via the Analytics Reports API and land each delivery into S3. The rows we ingest contain fields like Date, Event, Download Type, Counts, and Unique Devices. We’re trying to compute for example Installations and First-time downloads so our warehouse totals match the App Store Connect UI exactly, but our counts are consistently higher when we aggregate (with filter conditions being the same). Questions: (1) Official dedupe/versioning approach: What's the recommended approach to avoid double counting across API deliveries and to match the UI exactly? If later deliveries can revise past dates, what field(s) or process should we rely on to decide which records to keep for a given Date? (2) Completeness window: For daily data, is the recommended approach to publish rolling values that may change for a few days, or waiting until dates are considered “complete” before reporting? Any best-practice guidance would be helpful. Thanks!

Hi! We are seeing increased number of 404s when trying to download sales report from reportingitc-reporter.apple.com/reportservice/sales/v1 We are using API version 2.2 Is anyone else facing these issues?

Hi! I am working on automating the Apple Pay integration process in our CI/CD pipeline and would like to confirm whether a fully automated setup is currently possible for our preproduction environment. Right now, our process is as follows: A certificate is generated for the root domain and for each individual merchant subdomain. Both certificates are manually uploaded to our preproduction servers to test and verified via HTTP. We’d like to automate this flow in GitLab CI, mainly the generation of the necessary certificates programmatically or via API. However, from my research, it seems that Apple does not currently provide an API or any support to automate this task, but I’d like to confirm this directly with you. Is there any official support or workaround for this kind of automation? If not, do you have any plans to provide it in the future? Thanks in advance for your help.

I am following the Downloading Analytics Reports guide which consists of five steps: request the ONGOING report generation for the app once list all analytics report requests for the app list all analytics reports based on the analytics report request id :x: list all analytics report instances based on the analytics report id list all segments of the analytics report instance to get the download url I can only complete the third step which returns a list of all available reports. However when I continue with step four, the request for the analytics report instances returns with a response code 200 but the data array is always empty: I am using the Home Screen Widget Installs report but this is also happening for other reports Also changing or omitting the filter doesn't change anything { "data": [], "links": { "self": "https://api.appstoreconnect.apple.com/v1/analyticsReports/{reportId}/instances?filter%5Bgranularity%5D=DAILY" }, "meta": { "paging": { "total": 0, "limit": 50 } } } What could be the reason that the data array is empty and how can I fix it because there is no error message?

Our application is currently under review, and we are still facing issues because we receive a 401 Unauthorized response from the App Store Connect API when using the production environment. Our app integrates with Chargebee for subscription management, and in production, Chargebee is unable to authenticate with the App Store Server API. This results in a 401 Unauthorized error, preventing the user’s subscription from being synced correctly into our system. Interestingly, the same configuration works in the sandbox environment, but fails in production. We’ve tried authenticating using JWTs generated from multiple keys (including App Store Connect API / Team Keys with both Admin and App Manager access, and also In-App Purchase keys), all with the same result — sandbox access works, production does not. Here is our example code for testing with JWT token: const jwt = require('jsonwebtoken'); const fs = require('fs'); const https = require('https'); const config = { keyId: '<key_id>', issuerId: 'issuer_id', bundleId: 'bundle_id', privateKey: fs.readFileSync('path_to_key') }; const { keyId, issuerId, bundleId, privateKey } = config; const now = Math.floor(Date.now() / 1000); const jwtToken = jwt.sign( { iss: issuerId, iat: now, exp: now + 60 * 10, // 10 minutes is fine for test aud: 'appstoreconnect-v1', bid: bundleId }, privateKey, { algorithm: 'ES256', header: { alg: 'ES256', kid: keyId, typ: 'JWT' } } ); console.log('Generated JWT:\n', jwtToken); // prod const originalTransactionId = '<prod_transaction_id>'; const hostname = 'api.storekit.itunes.apple.com'; // sandbox // const originalTransactionId = '<sandbox_transaction_id>'; // const hostname = 'api.storekit-sandbox.itunes.apple.com' const options = { hostname, port: 443, path: `/inApps/v1/history/${originalTransactionId}`, method: 'GET', headers: { Authorization: `Bearer ${jwtToken}`, 'Content-Type': 'application/json', }, }; const callAppStoreConnectApi = async () => { const req = https.request(options, (res) => { console.log(`\nStatus Code: ${res.statusCode}`); let data = ''; res.on('data', (chunk) => { data += chunk; }); res.on('end', () => { console.log('Response Body:\n', data || '[Empty]'); }); }); req.on('error', (e) => { console.error('Request Error:', e); }); req.end(); }; callAppStoreConnectApi(); With this code, we were able to authenticate successfully in the sandbox environment, but not in production. I read in this discussion: https://developer.apple.com/forums/thread/711801 that the issue was resolved once the app was published to the App Store, but I haven’t found any official documentation confirming this. Does anyone know what the issue could be?

I am trying to add webhook subscriptions for TestFlight build processing completion and TestFlight beta build review completion events. These were showcased in the WWDC25 session: https://developer.apple.com/videos/play/wwdc2025/324/ Currently, I am able to receive webhook events for distribution updates, and the corresponding checkmark option is available in the App Store Connect portal. However, there is no checkmark option in the portal to subscribe to beta build-related events. In the video, there is clearly a checkmark option for the beta review event subscription (at 4:55). The current documentation also does not mention beta processing and beta review event subscriptions. It only lists the event types that are visible in the web portal: https://developer.apple.com/documentation/appstoreconnectapi/webhookeventtype When I try to add the BUILD_BETA_DETAIL_EXTERNAL_BETA_STATE_UPDATED event (as shown in the video at 6:10) via the PATCH API request, I get the below error. "errors": [ { "id": "****-****-****-****-*********3851", "status": 409, "code": "ENTITY_ERROR.ATTRIBUTE.TYPE", "title": "An attribute in the provided entity has the wrong type", "detail": "'BUILD_BETA_DETAIL_EXTERNAL_BETA_STATE_UPDATED' is not a valid value for the attribute 'eventTypes/3'.", "expectedValues": [ "APP_STORE_VERSION_APP_VERSION_STATE_UPDATED", "BETA_FEEDBACK_CRASH_SUBMISSION_CREATED", "BETA_FEEDBACK_SCREENSHOT_SUBMISSION_CREATED" ], "source": { "pointer": "/data/attributes/eventTypes/3" } } ] } The App Store Connect web portal also does not provide a checkmark option for subscribing to this event type. My questions are: Are the TestFlight build processing completion and beta build review completion webhook events coming soon, or do they already exist? Are there any other ways to get beta build events apart from polling?

Hey there, I'm building a service that requires receiving accurate app downloads and sales/proceeds data along with the campaign name. From reading the documentation it looks to be fairly understandable, but in practice it is not that straightforward. For example, I received the first one-time-snapshot detailed report for the App Store Purchases, and it contains partial data for several days. Shouldn't that be a full report of everything in analytics for like last year or so? Should I expect it to be updated and extended in the coming days? For the ongoing detailed report, I have not received anything yet, but I'm afraid it might have partial data as well. I will report here as well.

Dear community, in order to modernize our build pipelines, I wanted to try out the new App Store Connect build upload API that was introduced in the WWDC video "Automate your development process with the App Store Connect API". However, when POSTing to https://api.appstoreconnect.apple.com/v1/buildUploads, I receive the following error message: { "errors": [ { "id": "9fb916ea-4d26-4712-8c55-d1d4b5320bf2", "status": "404", "code": "PATH_ERROR", "title": "The URL path is not valid", "detail": "The resource 'v1/buildUploads' does not exist" } ] } Is this API not yet available or am I doing something wrong? If it is not yet available, is there an ETA? Thanks in advance & best regards, Yannik

I need to get the app icon from the AppStore Connect API in order to display a list of my apps. However there seems to be no way. I See in the appstoreconnect.apple.com website that the icons are there and available, there is even a function where you can click on it and get the high res version: https://appstoreconnect.apple.com/apps/1504874998/distribution/ios/version/deliverable (this link is of course not available from the outside) I tried builds/{id}/icons which always returns nothing and found an iconAssetToken object in the builds array, but the link is weirdly formatted and leads to nothing. Hope someone can help, I'm fairly new to the API and the usage is quite odd for me so far. Best, Nils

Failed to fetch certificates: This request is forbidden for security reasons - Unable to find a team with the given Content Provider ID '72df6041-c291-4d95-b690-2a3b75ff72f6' to which you belong. Please contact Apple Developer Program Support. https://developer.apple.com/support I have already confirmed that: All API keys were generated correctly. All required roles and permissions have been assigned in App Store Connect. To confirm my doubt, I requested api key from a fellow developer, and that worked in CodeMagic without throwing an error. Could you please help me figure out why the given Content Provider ID is not being recognized? Thank you.

I’m currently automating our iOS release pipeline with the App Store Connect API. TestFlight and App Store version creation are mostly working, but I’m stuck at the “submit for review” step. Below are the endpoint I’m calling, the payload, and the error I receive: > url: https://api.appstoreconnect.apple.com/v1/appStoreReviewSubmissions > method: POST > params: None > json: {'data': {'type': 'appStoreReviewSubmissions', 'relationships': {'appStoreVersion': {'data': {'type': 'appStoreVersions', 'id': '62db20b9-1bc6-4b1a-9b52-9834a807c377'}}}}} > response: <Response [404]> > ASCAPIError(404): The specified resource does not exist: The path provided does not match a defined resource type. | errors=[{'id': '32d2c224-0f1c-4592-a02d-a4f87b13b6b7', 'status': '404', 'code': 'NOT_FOUND', 'title': 'The specified resource does not exist', 'detail': 'The path provided does not match a defined resource type.'}] The official documentation app-store-version-submissions doesn't mention the endpoint, and I could not find any working example in open-source CLI tools. Questions: Does the App Store Connect API actually support submitting an App Store version for review? If yes, where can I find the exact endpoint & required scope documented? If no, is there a canonical list of what the API can and cannot do so I can confirm the limitation? Any pointers to docs or working code samples would be greatly appreciated.

I am using v1/apps/{appid}/appPricePoints to get app pricepoints. Few days ago i noticed that calling v1/apps/{appid}/appPricePointsfilter[territory]=USA&limit=200 i get four pages but last page just reaches only 400$ pricepoint. As i can see also on App Store connect Then i have to click additional prices Please help what am i missing ?

TLDR; I can't get QueueName to work with matchmaking a turn-based match in Unity using matchmaking rules. Long version: I'm using the apple unity plugin found here: https://github.com/apple/unityplugins/blob/main/plug-ins/Apple.GameKit/Apple.GameKit_Unity/Assets/Apple.GameKit/Documentation~/Apple.GameKit.md I have created a Queue, RuleSet and a simple Rule to match players by following these docs tightly: https://developer.apple.com/documentation/gamekit/finding-players-using-matchmaking-rules. Here is the single rule I have that drives matchmaking: { "data" : { "type" : "gameCenterMatchmakingRules", "id" : "[hiddden-rule-id]", "attributes" : { "referenceName" : "ComplimentaryFactionPreference", "description" : "default desc", "type" : "MATCH", "expression" : "requests[0].properties.preference != requests[1].properties.preference", "weight" : null }, "links" : { "self" : "https://api.appstoreconnect.apple.com/v1/gameCenterMatchmakingRules/[hidden-rule-id]" } }, "links" : { "self" : "https://api.appstoreconnect.apple.com/v1/gameCenterMatchmakingRules" } } which belongs to a rule set which belongs to a queue. I have verified these are setup and linked via the App Store Connect API. Additionally, when I tested queue-based matchmaking without a queue established, I got an error in Unity. Now, with this, I do not. However there is a problem when I attempt to use the queue for matchmaking. I have the basic C# function here: public override void StartSearch(NSMutableDictionary<NSString, NSObject> properties) { if (searching) return; base.StartSearch(properties); //Establish matchmaking requests _matchRequest = GKMatchRequest.Init(); _matchRequest.QueueName = _PreferencesToQueue(GetSerializedPreferences()); _matchRequest.Properties = properties; _matchRequest.MaxPlayers = PLAYERS_COUNT; _matchRequest.MinPlayers = PLAYERS_COUNT; _matchTask = GKTurnBasedMatch.Find(_matchRequest); } The _PreferencesToQueue(GetSerializedPreferences()); returns the exact name of the queue I added my ruleset to. After this function is called, I poll the task generated from the .Find(...) function. Every time I run this function, a new match is created almost instantly. No two players are ever added to the same match. Further, I'm running two built game instances, one on a mac and another on an ipad and when I simultaneously test, I am unable to join games this way. Can someone help me debug why I cannot seem to match make when using a queue based approach?

Hi, In the AppstoreConnect website it's possible to retrieve the payments and estimated proceeds. Is it possible to recover it automaticaly with an API ? I saw "Payments and Proceeds" documentation (https://developer.apple.com/help/app-store-connect/getting-paid/view-payments-and-proceeds), and the "Download Sales and Trends Reports" API documentation (https://developer.apple.com/documentation/appstoreconnectapi/get-v1-salesreports). But none can retrieve the amount that Apple proceeds to the bank account. I need this because I sell in different countries with different currencies. And I manage different Apple accounts. Best Regards,

Failed to fetch certificates: This request is forbidden for security reasons - Unable to find a team with the given Content Provider ID '72df6041-c291-4d95-b690-2a3b75ff72f6' to which you belong. Please contact Apple Developer Program Support. https://developer.apple.com/support