403 Forbidden error

Hello Apple Developer Support,

I am facing an issue when attempting to use the App Store Connect API with my API key. While basic access (e.g., /v1/apps) works correctly, any requests related to Certificates, Identifiers & Profiles (CIP) are failing with a 403 Forbidden error. Here are the details of the request and validation results: JWT Details: { "header": { "alg": "ES256", "kid": "2XLW343BLM", "typ": "JWT" }, "payload": { "iss": "9cf6159c-e038-4703-b542-7652242a6dbf", "iat": 1757515277, "exp": 1757516357, "aud": "appstoreconnect-v1" } } Test Results: ✅ /v1/apps?limit=1 → Status: 200 (working) ❌ /v1/bundleIds?limit=1 → Status: 403 Error: Unable to find a team with the given Content Provider ID 9cf6159c-e038-4703-b542-7652242a6dbf to which you belong. ❌ /v1/certificates?limit=1 → Status: 403 Error: This request is forbidden for security reasons. ❌ /v1/profiles?limit=1 → Status: 403 Error: Unable to find a team with the given Content Provider ID. I have already confirmed that: All API keys were generated correctly. All required roles and permissions have been assigned in App Store Connect. It seems that while public access endpoints are functioning, the CIP endpoints are blocked for my account/key. Could you please advise: Why the given Content Provider ID is not being recognized? Whether additional permissions, roles, or configuration are required to enable access to Certificates, Identifiers, and Profiles through the API? If it is possible to reset or refresh my membership/team configuration so that I can successfully access the App Store Connect API endpoints for CIP.

Thank you for your support and guidance. Best regards

Hello Apple Developer Support Team,

Thank you for your assistance. I would like to provide the requested details regarding the error we are facing when using the App Store Connect API.

• Mac usage: This Mac is dedicated to a single development team. • Platform: iOS application signing.

• Deployment type: We are preparing for Ad-hoc/App Store deployment.

Error details: When calling the App Store Connect API with our API Key (Key ID, Issuer ID), we observe:

• /v1/apps?limit=1 → 200 OK • /v1/bundleIds?limit=1 → 403 Forbidden • /v1/certificates?limit=1 → 403 Forbidden • /v1/profiles?limit=1 → 403 Forbidden

The error returned is: Unable to find a team with the given Content Provider ID to which you belong.

Steps already verified:

• The JWT is correctly generated (ES256, valid iat/exp, aud = appstoreconnect-v1).

• The API Key is active in App Store Connect.

• The Developer Program membership is active. It seems the key is associated with an Issuer ID/Provider ID that does not have access to Certificates, Identifiers & Profiles, even though the App Store access is working.

Request: Could you please confirm if the API Key has the required role/permissions for CIP access, or if it was created under a different team/provider than the one associated with our Apple Developer Program membership? Thank you for your support.

Error Fetching Certificates in Codemagic – Content Provider ID Not Found

Hello,

I’m experiencing an issue in Codemagic when trying to fetch certificates from the Apple Developer Portal. The error message I receive is:

Failed to fetch certificates: This request is forbidden for security reasons – Unable to find a team with the given Content Provider ID ‘72df6041-c291-4d95-b690-2a3b75ff72f6’ to which you belong. Please contact Apple Developer Program Support.

I have confirmed that I am logged into the correct Apple Developer account and that I’m using the correct Issuer ID, Key ID, and private key. I have also verified that the API key has the necessary permissions.

I tested the API key with Admin, App Manager, and Developer roles, but the same error occurred each time. The key was created under my team.

Could you please advise me on how to resolve this issue?

Thank you in advance.

I am facing the exactly same problem

I have the same problem. Getting 403 when trying to create a new API Key.

I am facing the same problem

did you fix it, i have the same problem and still stuck with it

We have the same problem. Please help. Thanks!

I've been getting the same error for a couple weeks now. I'm using a third-party wrapper to hopefully get my web app onto the apple store. Everything seems to be correct, but still getting this error: "code": "FORBIDDEN_ERROR", "title": "This request is forbidden for security reasons", "detail": "Unable to find a team with the given Content Provider ID 'c139b742-81df-408e-8849-177df15a8e45' to which you belong.

I’m seeing the same issue when calling the API to search certificates. The response looks like this:

{
  "status": "403",
  "code": "FORBIDDEN_ERROR",
  "title": "This request is forbidden for security reasons",
  "detail": "Unable to find a team with the given Content Provider ID 'xxxxxxxxx' to which you belong. Please contact Apple Developer Program Support. https://developer.apple.com/support"
} 

Has anyone resolved this ?

having the same issue. I do know that when I spoke with the apple connect developer support they stated that the content provider ID they had (nine digits), was different than the one that Is provided in apple connect and in turn in my my build and error details(UUID 32 hexadecimal characters plus 4 hyphen, for a total of 36 characters). So I used this link: https://itunesconnect.apple.com/WebObjects/iTunesConnect.woa/ra/user/detail to take a look at my account details. If your logged into the connect store and click this link you will see a json file that contains your account data. Here I was able to verify that the content provider ID(nine digits): matches what apple connect developer support told me they had. And the number I had given them: 36 characters is listed here as the "contentProviderPublicId". But so far no resolution. Either my 3 party build team or apple can help solve this issue. Seems to me there is a disconnect here somewhere.

I'm having the exact same problem. Keys are created in https://appstoreconnect.apple.com/access/integrations/api with sufficient access permissions.

To eliminate all potential misdoings on my side I used altool to generate the JWTs for API requests:

JWT=$(xcrun altool --generate-jwt --apiKey "${APP_STORE_CONNECT_KEY_IDENTIFIER}" --apiIssuer "${APP_STORE_CONNECT_ISSUER_ID}" 2>&1 | tail -1)

With the generated JSON Web Token I can successfully access endpoints such as List Apps

10:56:08 priit@marmot ~ curl -H "Authorization: Bearer ${JWT}" https://api.appstoreconnect.apple.com/v1/apps | jq '.meta'

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 10945  100 10945    0     0  15788      0 --:--:-- --:--:-- --:--:-- 15770
{
  "paging": {
    "total": 1,
    "limit": 50
  }
}

and List Users

10:56:35 priit@marmot ~ curl -H "Authorization: Bearer ${JWT}" https://api.appstoreconnect.apple.com/v1/users | jq '.data[] | .attributes.roles'

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   973  100   973    0     0   1381      0 --:--:-- --:--:-- --:--:--  1380
[
  "ACCOUNT_HOLDER",
  "ADMIN"
]

But trying to access any resource under the Provisioning group results in the error described above.

For example listing certificates:

10:56:54 priit@marmot ~ curl -H "Authorization: Bearer ${JWT}" https://api.appstoreconnect.apple.com/v1/certificates | jq

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   414  100   414    0     0    716      0 --:--:-- --:--:-- --:--:--   716
{
  "errors": [
    {
      "id": "e70dd620-a680-4cd7-9856-7f430955628b",
      "status": "403",
      "code": "FORBIDDEN_ERROR",
      "title": "This request is forbidden for security reasons",
      "detail": "Unable to find a team with the given Content Provider ID 'f5dbed8a-f897-4690-a802-44a53612a306' to which you belong.  Please contact Apple Developer Program Support. https://developer.apple.com/support"
    }
  ]
}

or provisioning profiles:

10:57:06 priit@marmot ~ curl -H "Authorization: Bearer ${JWT}" https://api.appstoreconnect.apple.com/v1/profiles | jq

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   414  100   414    0     0    696      0 --:--:-- --:--:-- --:--:--   696
{
  "errors": [
    {
      "id": "576b557b-480f-452a-9b91-e21f3993caea",
      "status": "403",
      "code": "FORBIDDEN_ERROR",
      "title": "This request is forbidden for security reasons",
      "detail": "Unable to find a team with the given Content Provider ID 'f5dbed8a-f897-4690-a802-44a53612a306' to which you belong.  Please contact Apple Developer Program Support. https://developer.apple.com/support"
    }
  ]
}

Of course the same error happens when attempting to create, modify or delete provisioning resources.

I am facing same issue for few of our apps. Anyone found workaround

Hi! Did someone managed to resolve this issue?

403 Forbidden error
 
 
Q