Hello, I am trying to call the StoreKit In-App API, but I am consistently receiving a 401 Unauthenticated error. Here is what I have done so far: JWT creation (via https://jwt.io): Header: { "alg": "ES256", "kid": "**********", "typ": "JWT" } Payload: { "iss": "********-e662-43d2-be42-012d0138ce39", "aud": "appstoreconnect-v1", "iat": 1757389187, "exp": 1757390987 } Private Key (.p8): -----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
Algorithm used: ES256
This generates the JWT successfully.
API Call:
I then include the JWT in the request header as follows: Authorization: Bearer ************ Endpoint: https://api.storekit-sandbox.itunes.apple.com/inApps/v1/transactions/2000001003740262
Response: Status: 401 Unauthenticated Request ID: S3KCYHDVRMDKUT3TZVTY3QRRWM.0.0
Has anyone else faced this issue?
Is there something incorrect with how I’m generating the JWT (e.g., iat/exp values, formatting, or encoding)?
Do I need to generate separate keys for Sandbox and Production, or is the same key valid for both?
Any guidance would be appreciated. Thanks in advance!