Has anyone seen this issue?
We have a user who changed their Apple ID password about 5 days ago. Now when they authenticate via MusicKit JS:
- authorize() succeeds and returns a user token
- Immediately calling any /me/ endpoint returns 403 "Invalid authentication" (code 40300)
- Developer token works fine on catalog endpoints
- User has active Apple Music subscription
- Other users work fine through the same flow
- App doesn't appear in user's "Apps Using Your Apple ID"
We've tried:
- Calling unauthorize() before authorize()
- Clearing localStorage/sessionStorage/cookies
- Multiple re-auth attempts over several days
The token is freshly issued but Apple's API immediately rejects it.
Anyone encountered this after a password change? Any workarounds?