Problem with App Store Connect APIs. Able to apply GET method but not POST and PATCH

Hi, I am working with App Store Connect APIs. and I am able to work with all GET requests but when ever I try to call a PATCH request or POST request I got an error from App Store Connect. like this

`    {
            "status": "405",
            "code": "METHOD_NOT_ALLOWED",
            "title": "The request method is not valid for the resource path.",
            "detail": "The request method used for this request is not valid for the resource path. Please consult the documentation."
        }`

I read all documentation but not able to find out why this is happening. I hope you can help me with this.

Thanks is advance.

Up vote post of Krishnatrea Down vote post of Krishnatrea
3.8k views
Posted by
Krishnatrea
Reply

  • I am also getting same error, why?

    VidyaBinoy
Add a Comment

Replies

is it because app store connect has introduced 2FA?

Posted by
shabari13
Up vote reply of shabari13 Down vote reply of shabari13
Add a Comment

I didn't get answers for this but I used fastlane and it really solved the issue. Without any problems

Posted by
Krishnatrea
Up vote reply of Krishnatrea Down vote reply of Krishnatrea
Add a Comment

Hey @Krishnatrea,

What App Store Connect API are you trying to post data to? Could you please share a link to the API documentation? I am able to post data successfully and will see if I can post an example of a successful cURL request.

Thanks!

Posted by
ChuckMN
Up vote reply of ChuckMN Down vote reply of ChuckMN
Add a Comment

Hi @ChuckMN, here's an example request:

curl -X "DELETE" "https://api.appstoreconnect.apple.com/v1/appInfoLocalizations/{APP_INFO_LOCALIZATION_ID}" \
     -H 'Authorization: Bearer {TOKEN}' \
     -H 'Content-Type: application/json; charset=utf-8' \
     -d $'{}'

That is getting the following error: status: 405 code: Method Not Allowed title: The request method is not valid for the resource path.

The documentation is here: https://developer.apple.com/documentation/appstoreconnectapi/delete_an_app_info_localization

Any guidance or suggestions would be great!

Posted by
joestone
Up vote reply of joestone Down vote reply of joestone
Add a Comment

Hey @joestone,

What happens when you remove the Content Type header and the body data from the request to look like the below?

curl --request DELETE "https://api.appstoreconnect.apple.com/v1/appInfoLocalizations/{APP_INFO_LOCALIZATION_ID}" \
     --header 'Authorization: Bearer {TOKEN}' \

I am able to successfully hit the API and remove a localization when making the above request. I think it could be due to the fact that when you are making a DELETE request, the endpoint is not expecting to receive any data as a part of the request and interpreting it as something that is not supported (specific to Apple where other endpoints may support data in the body).

Hopefully this helps and we can keep digging in if this does not solve it!

Happy Coding!

Posted by
ChuckMN
Up vote reply of ChuckMN Down vote reply of ChuckMN
Add a Comment

Check to make sure the JWT has all the required fields. If you're able to access the GET methods of the API but not the more restricted methods (POST, PATCH, DELETE) you might have missed a required field.

Here are the docs for setting up your jwt: https://developer.apple.com/documentation/appstoreserverapi/generating_tokens_for_api_requests

Reposted from the docs; header

{
"alg": "ES256",
"kid": "2X9R4HXF34",
"typ": "JWT"
}

payload

{
  "iss": "57246542-96fe-1a63e053-0824d011072a",
  "iat": 1623085200,
  "exp": 1623086400,
  "aud": "appstoreconnect-v1",
  "bid": "com.example.testbundleid2021"
}
Posted by
joestone
Post not yet marked as solved Up vote reply of joestone Down vote reply of joestone
Add a Comment

I ran into the same error, and it was also caused by a bad JWT. In my case the problem was caused by the scope property. E.g.:

{
  "iss": "57246542-96fe-1a63e053-0824d011072a",
  "iat": 1623085200,
  "exp": 1623086400,
  "aud": "appstoreconnect-v1",
  "bid": "com.example.testbundleid2021",
  "scope": [ "PATCH /v1/appStoreVersionLocalizations/{id}" ]
}

The scope property doesn't cause problems with GET requests, but it causes PATCH requests to fail with The request method is not valid for the resource path.

Fixed by omitting the scope property.

Posted by
darren11
Post not yet marked as solved Up vote reply of darren11 Down vote reply of darren11

  • Had the same problem as darren11. The 405 is really misleading, making you believe that you have a problem with the url/method itself. If it was a 405 but stating that the jwt scope was a fault, I would not have spent one hour+ pulling the tiny hairs I have left... Scope is only for GET apparently. I would have love this to be for other method than GET, it was a pretty cool security feature. What a pity.

    yanlevesque
Add a Comment