Notarization Failure. HTTP status code: 401

Are you doing this as a member of a (paid) Apple Developer Program team? That’s a requirement for notarisation.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Yes. I'm a member of Apple Developer Program

I am experiencing the same issue as well.

I'm having the same issue. Is it possible that an App-Specific password is not allowed for a Managed Apple ID?

I've checked a number of common issues:

1. Apple account renews in July 2025
2. I have Admin permissions on the Developer accont
3. I've followed the instructions in Notarizing macOS software before distribution
4. I've checked my apple-id, team-id, and recreated the App-Specific password many times.

It seems I may need to go the direction of Team or Individual API keys but I cannot get that to work either. There is no button to create an API key even though it says I have the permission.

It seems I may need the Account Holder to enable the App Store Connect API. Can someone confirm that whether that would allow creating Team or Individual API Keys?

$ xcrun notarytool store-credentials 'Notarization' --apple-id $APPLEID --team-id $TEAMID --verbose
[05:40:47.046Z] Debug [MAIN] Running notarytool version: unknown (0), date: 2024-12-04T05:40:47Z, command: /Library/Developer/CommandLineTools/usr/bin/notarytool store-credentials Notarization --apple-id redacted --team-id redacted --verbose

This process stores your credentials securely in the Keychain. You reference these credentials later using a profile name.

App-specific password for redacted:
Validating your credentials...
[05:41:00.244Z] Info [API] Initialized Notary API with base URL: https://appstoreconnect.apple.com/notary/v2/
[05:41:00.245Z] Info [API] Preparing GET request to URL: https://appstoreconnect.apple.com/notary/v2/test?, Parameters: [:], Custom Headers: private<Dictionary<String, String>>
[05:41:00.245Z] Debug [AUTHENTICATION] Delaying current request to refresh app-specific password token.
[05:41:00.246Z] Info [API] Preparing GET request to URL: https://appstoreconnect.apple.com/notary/v2/asp?, Parameters: [:], Custom Headers: private<Dictionary<String, String>>
[05:41:00.246Z] Debug [AUTHENTICATION] Authenticating request to '/notary/v2/asp' with Basic Auth. Username: redacted, Password: private<String>, Team ID: redacted
[05:41:00.248Z] Debug [TASKMANAGER] Starting Task Manager loop to wait for asynchronous HTTP calls.
[05:41:00.917Z] Debug [API] Received response status code: 401, message: unauthorized, URL: https://appstoreconnect.apple.com/notary/v2/asp?, Correlation Key: FPB3JXB5F7KWNVLZVOKWME4ZKU
[05:41:00.917Z] Error [TASKMANAGER] Completed Task with ID 2 has encountered an error.
[05:41:00.917Z] Debug [TASKMANAGER] Ending Task Manager loop.
Error: HTTP status code: 401. Unable to authenticate. Invalid session. Ensure that all authentication arguments are correct.

Recently I got a message from my organization saying "All apple accounts needs to be managed by them". As part of that I transferred my account and was needed to change the country. Can this cause any issues in notarization?

My Account Holder enabled the App Store Connect API and I'm now able to notarize apps using a Team API key. I couldn't get this to work using an App-Specific password and my apple-id.

@ryanollos Did you create Individual API Key or Team Key?

I created a Team API Key. I didn't try with an Individual API Key.