Post not yet marked as solved
When we use register api to register our device,
I got response that status is PROCESSING/INELIGIBLE why?
response like:
{
"type": "devices",
"id": "XXXXX",
"attributes": {
"addedDate": "2022-04-20T22:57:51.000+00:00",
"name": "XXXXX",
"deviceClass": "IPHONE",
"model": "iPhone 13 Pro Max",
"udid": "XXXXXXXXXXXXXX",
"platform": "IOS",
"status": "PROCESSING"
},
"links": {
"self": "https://api.appstoreconnect.apple.com/v1/devices/***"
}
}
Post not yet marked as solved
Hi,
I've tried to authenticate this endpoint https://appstoreconnect.apple.com/iris/v1/betaFeedbacks with the JWT token as described in the documentation, but it's not working. I know this endpoint is not documented, but gathering the beta feedback and being able to extract it to some ticket system (e.g. GitHub board) would be a really helpful option for us.
Does anyone know how we can authenticate this one?
Post not yet marked as solved
Does the In-App Purchase Products server API exist? The API which allow to create/delete In-App Purchase Products from backend server. If it doesn't, Do you have any plans to implement it in the future?
Thank you in advance.
Post not yet marked as solved
Hi,
When calling the endpoint to list all the pricePoints per app:
https://api.appstoreconnect.apple.com/v1/apps/xxxxxxxx/pricePoints
The response does not seem correct because there is no next element returned.
Not only that but when setting different values in the limit parameter, the value of limit and total of the meta object is always the same. For example:
Example #1
https://api.appstoreconnect.apple.com/v1/apps/xxxxxxxx/pricePoints?limit=1
response:
'meta': {'paging': {'total': 1, 'limit': 1}}
Example #2
https://api.appstoreconnect.apple.com/v1/apps/xxxxxxxx/pricePoints?limit=5
response:
'meta': {'paging': {'total': 5, 'limit': 5}}
Example #3
https://api.appstoreconnect.apple.com/v1/apps/xxxxxxxx/pricePoints?limit=200
response:
'meta': {'paging': {'total': 200, 'limit': 200}}
Am I doing something wrong or is there a bug in the API?
Post not yet marked as solved
Hi,
After calling the following endpoint:
params = {'limit': 1, 'fields[appPricePoints]': ['customerPrice,territory,priceTier,proceeds'], 'include': ['territory,priceTier']}
GET - https://api.appstoreconnect.apple.com/v1/appPriceTiers/1/pricePoints
the 200 response returns the element next: https://api.appstoreconnect.apple.com/v1/appPriceTiers/1/pricePoints?cursor=AQ.AMXRC_I&include=priceTier%2Cterritory&fields%5BappPricePoints%5D=priceTier%2Cproceeds%2CcustomerPrice%2Cterritory&limit=1
for which after calling it the response is a 400 HTTP status code an error message: "The parameter 'include' can only be included once".
Am I doing something wrong or is the server responding with an invalid next link?
Post not yet marked as solved
As part of my developer duties, I white label apps and publish them on the Google and Apple app stores.
My experience deploying apps on Google play store is an actual dream compared to the hoops Apple makes me jump through like I'm some kind of circus animal.
On top of that, every time I search an issue I'm experiencing, it comes up. Other developers experience the same issues too, and the comments on them are "Same issue" and "Did you find a solution yet?".
At this stage I am flabbergasted that people actually support a company like Apple.
Dear Teams,
kindly assist as I am unable to submit my app for review due to the below errors:
You must select a primary category for your app
Before you can submit your app for review, an Admin must provide information about the app's privacy practice in the App privacy section.
Unfortunately , I couldn't see the category filled to select from.
Pls I need help.
Post not yet marked as solved
My team has CI setup to automatically build our app with Fastlane, which features functions to automatically increment the build number and version numbers.
However, to my knowledge, Fastlane (and any other ASC API clients) don't know the state of deployed builds unless they ask for a specific one. This leads to a disruption in our CI workflow, as App Store Connect rejects uploading of builds with the same version number.
I'm wondering if there's a simple way to get the version information of the latest publicly released build, whatever latest happens to refer to at runtime. That way, we can build a fully automated function into our CI system that increments the version number if and only if the latest publicly deployed release is different than the last one reflected in source (thinking a .latest_release text file or similar).
Is such a retrieval of the latest build possible with the API?
Post not yet marked as solved
I'm trying to get a response from Look Up Order ID. I have the following code to test the JWT token is working:
var {KJUR, KEYUTIL} = require('jsrsasign');
var uuid = require('uuid');
var moment = require('moment');
var axios = require('axios');
var R = require('ramda');
function fixPrivateKeyReturnLine(privKey) {
const privateKeyPatcher = R.replace(new RegExp("\\\\n", "\g"), "\n");
return privateKeyPatcher(privKey);
}
function getToken(){
var oHeader = {alg: 'ES256', typ: 'JWT', kid: `${process.env.APPLE_KEY_ID}`};
var oPayload = {
iss: `${process.env.APPLE_ISS}`,
iat: moment().unix(),
exp: moment().add(20, 'minutes').unix(),
aud: 'appstoreconnect-v1',
nonce: uuid.v4(),
bid: 'com.XXXXX.YYYYY', // Bundle -> attributes.identifier
}
var sHeader = JSON.stringify(oHeader);
var sPayload = JSON.stringify(oPayload);
var secret = fixPrivateKeyReturnLine(process.env.APPLE_API_KEY);
var prvKey = KEYUTIL.getKey(secret);
return KJUR.jws.JWS.sign('ES256', sHeader, sPayload, prvKey);
}
function getByOrderId(url, orderId){
var axiosHeaders = {
headers: {
"Authorization": `Bearer ${getToken()}`,
"Content-Type": "application/json"
}
}
return axios.get(`${url}/${orderId}`, axiosHeaders)
.then( res => console.log(`Response ---> ${res}`))
.catch( err => console.log(`ERROR ---> ${err}`))
}
getByOrderId('https://api.storekit.itunes.apple.com/inApps/v1/lookup', 'order_id');
// Response Production: ERROR ---> Error: Request failed with status code 401
getByOrderId('https://api.storekit-sandbox.itunes.apple.com/inApps/v1/lookup', 'order_id');
// Response Sandbox: ERROR ---> Error: Request failed with status code 404
When I create the JWT and hit Sandbox I get 404 (Not found), which makes me think the token is well generated. If I change the endpoint to Production URL I get 401 (Unauthorized).
Do I need to create 2 In-Apps keys for each environment? Should I use App Store Connect API keys? How can I check/debug where is the error on the Production endpoint? or Is there anything am I missing?
Post not yet marked as solved
Hi,
I understand there is are many options to manage App Store Connect programmatically using the API.
But it seems that In-App Purchases cannot be created or maintained using the API.
I have an app with about 30 IAPs that soon will expand to 1000+ IAPs due to multiple translations of contents.
Any solution?
Post not yet marked as solved
hello I'm trying to download finance detail report via api, but all I get is the consolidated reports. I see the answer for same question: https://developer.apple.com/forums/thread/134209 , and i tried to add the region code Z1 but api returns the following error:
APIError: There were no sales for the date specified.
another question:
the parameter Report Date is confusing, when I put '2022-01' I got reports for the period sep 2021. I tried different dates and it always returned data from 3 months before.
Post not yet marked as solved
We are getting ready to transfer an App from an outside developer into our organization.
According to the Help Forum they recommend backing up all information.
What kind of data needs to be backed up and where?
Post not yet marked as solved
We are using notarytool to notorize installers for distribution.
notarytool submit file-path
{ -k key-path -d key-id -i issuer | --apple-id
apple-id [--password app-specific-password]
--team-id team-id | -p profile-name [--keychain keychain-path] }
[--wait --no-s3-acceleration]
App Store Connect API Keys
Developer ID team administrators can create App Store Connect API
keys for the developers on their team by logging into
<https://appstoreconnect.apple.com/access/api> and selecting the
"Keys" tab. For security purposes, the private key can only be
downloaded once.
-k, --key key-path
App Store Connect API key. File system path to the
private key.
-d, --key-id key-id
App Store Connect API Key ID. For most teams this will be
a 10 character alphanumeric string.
-i, --issuer issuer
App Store Connect API Issuer ID. The issuer ID is a UUID
format string.
What is the recommended practice for the key-path, where should the API private key be stored in the the file system ?
There is this documentation
https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/storing_keys_in_the_keychain
https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys
https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/storing_keys_in_the_secure_enclave
But none seems to make a recommendation for storing private keys in a way that would work with notarytool
https://help.apple.com/developer-account/#/devcdfbb56a3
States the following, but does not make a recommendation
WARNING: Save this file in a secure place because the key is not saved in your developer account and you won’t be able to download it again. If the Download button is disabled, you previously downloaded the key.
Post not yet marked as solved
Additionally,
you can only remove apps if all versions of that app are in one of the following
states:
• Prepare for Submission
• Invalid Binary
• Developer Rejected
• Rejected
• Metadata Rejected
• Developer Removed From Sale
• Removed From Sale
I have try a lot of things .... I' m only interrested in
IOS 1.0 ; I don't need the
mac0s 1.0 and also not the tvos 1.0
My IOS 1.0 was rejected before because of lack in the
privacy statement , so I make the change in my apps and try to send a new
version without success.
My apps status is now
iOS App
·
1.0 Ready for Review
This is for the history.
Now I want to restart from scratch .
I want to have my app in the status rejected again so I
go to app revew
TYPE
DATE
?
VERSION
REVIEW
STATUS
App Store Submission
Feb 11, 2022 at 11:49 AM
iOS 1.0
Unresolved Issues
Resolve
and type resolve to get the
rejected again
But I get
An error has occurred. Try
again later.
App Review
Feb
11, 2022 at 11:49 AM
Resubmit to App Review
Unresolved Issues
Date Submitted
Feb 11, 2022 at 11:49 AM
Submitted By
Last Updated By
Submission ID
7e2faca0-2db1-4473-9653-a835d2a725ca
Items Submitted (1)
You can review and make edits to your
items below, or communicate with Apple. Accepted items won't be available for
release until all items with issues are resubmitted and accepted. You can also
remove those items and resubmit them later.
There are errors with one or more of your items. To fix them,
you need to remove the items and add them again to your submission.
What can I do ?
Hi everyone,
We are trying to move from using saved login sessions on our CI systems to the fancy API Key methods. Once we finally convinced our security folks to allow us to try using an admin level key we were still disappointed to find that not everything is working...
For a little setup we are building on:
macOS 12.1
Xcode 13.2.1
What we are building:
a developer-id signed Mac app
It does not have an App Store version
The bundle IDs are registered in the developer page and have been for years.
It's a regular app with some subprojects bundled inside it. (It's in production on a very wide scale and has been for years.) We recently had to add an entitlement to one of the components and thus the build now requires a provisioning profile. It's the monkey's paw promise of automatic signing with an API Key in Xcode 13 that has let that profile bring a dark malaise to my world.
When trying to build, archive, and export the app with xcodebuild we've managed to get the build and archive steps to work with the API Key. We can NOT authenticate though with the API key during the export stage. Because of this it can't find the profile for the app. If I login to the ADC page in Xcode, then download the profile with the "Download Manual Profile" button, then remove the account from Xcode again it will export the archive by using the local profile. It will though continue to flail around trying to authenticate over and over and over and over and over again using the token.
2022-03-03 08:12:49.026 xcodebuild[33107:1065902] DVTServices: Received response for 78B4588E-1CB0-4E56-86E7-4A62EB8E94A0 @ <https://appstoreconnect.apple.com/xcbuild/QH65B2/listTeams.action?clientId=XABBG36SBA>. Error = Error Domain=DVTPortalResponseErrorDomain Code=0 "Communication with Apple failed" UserInfo={NSLocalizedDescription=Communication with Apple failed, NSLocalizedRecoverySuggestion=A non-HTTP 200 response was received (401) for URL https://appstoreconnect.apple.com/xcbuild/QH65B2/listTeams.action?clientId=XABBG36SBA}
One of the goals of using an API Key on CI is that we can get away from things like needing to press manual download buttons, or try to maintain the Apple IDs that time out every 20 minutes. This is blocking us from that glorious goal and driving me to the precipice of madness.
We are going to open a DTS incident on this, but I wanted to be sure that we also posted the info here for the community.
(Note that it took us a while to realize that in order to use a token you also must remove any Apple IDs from the Xcode prefs. This would be super helpful if it was in the documentation!)
Post not yet marked as solved
when I tried to run build: ios, I get this error: Network timeout: "AccessForbiddenError", "Apple 403 detected - access denied". Retry in 3 seconds
Post not yet marked as solved
Is it possible to generate the Mac App Distribution and Mac Installer Distribution certificates from the command-line, instead of using the https://developer.apple.com/account/resources/certificates/add website?
Ludvig A. Norin
HansaWorld Development
Post not yet marked as solved
https://api.appstoreconnect.apple.com/v1/profiles/{id}?include=bundleId.bundleIdCapabilities
The detail of the api refer to
https://developer.apple.com/documentation/appstoreconnectapi/read_and_download_profile_information.
ACCESS_WIFI_INFORMATION capability is enabled, but the api result data is missing the capability.
Post not yet marked as solved
Hi! We’re having an issue with the new App Store Connect dSYMs API in one of our automatic process. We’re obtaining dSYMs download URL through app’s build data to upload it to Bugsnag.
We noticed something that can be considered a bug, it is a consistency problem that occurs when using that service to obtain the .zip file that contains the dSYMs, always trying to hit it through our API returns 401 (bad signature). But this gets fixed (starts always returning 200 in the API) once we use a generated URL (from the build-bundle request) for that release in a browser (tested in postman, chrome or safari, incognito mode or not). Was there any similar report or case? Is it a known issue? Are there any extra considerations when using this URL, such as cookies, user agent, etc?
Thanks!
Post not yet marked as solved
Hello I'm writing to the developer forums as a last ditch effort I have been trying unsuccessfully for the last two months to get apple engineering to look at what my App is named = WEEID and that when searching it will attempt to auto correct you to Weed which is not the name of my App and I was informed by apple support that this is normal behavior. I get a cop out answer for support of the following "I am following up with you regarding the issue that you are encountering when searching for your app “WeeID” on the App Store.
App Store search results are based on several factors determined by Apple-confidential algorithms and our engineering team has confirmed that search results are working as expected. The issue that you are encountering is related to the app name “WeeID” being auto-corrected to “weed”, which our engineering team advises is a reasonable auto-correction.
I hope this update is helpful and thank you for understanding our support polices. If you have any questions, please reply to this email and I will get back to you quickly. "
Which is not only a lie but just terrible customer service to begin with. How do I as a company escalate this request to someone like a engineering manager who has the power to help me get this updated so that my app can be searchable. This seems to be unfair trade practices IMO.
