Hello, We are encountering an issue when using the App Store Connect API to create a bundle ID via the endpoint: POST https://api.appstoreconnect.apple.com/v1/bundleIds In our request, we specify the platform value "UNIVERSAL", which according to the official documentation is a valid value: BundleIdPlatform documentation However, the API now returns the following error response: { "errors": [ { "code": "ENTITY_ERROR.ATTRIBUTE.TYPE", "detail": "'UNIVERSAL' is not a valid value for the attribute 'platform'. Expected one of: 'IOS', 'MAC_OS'", "status": "409", "title": "An attribute in the provided entity has the wrong type" } ] } According to the documentation, the platform attribute accepts the following values: IOS, MAC_OS and UNIVERSAL. It appears that UNIVERSAL is no longer accepted even though it is still listed as a valid option. Has support for UNIVERSAL been deprecated or changed recently? If so, what is the current recommended way to create bundle IDs that are intended for multiple platforms? Any clarification would be greatly appreciated. Thank you!

We have been using this API call to set the In-App Provisioning capability for 2+ years and it just recently started returning errors. To set the In-App Provisioning capability we had been using the App Store Connect API directly: curl "https://api.appstoreconnect.apple.com/v1/bundleIdCapabilities" -X POST --header "Authorization: Bearer #{appleApiToken}" --header "Content-Type: application/json" -d '{"data": {"type": "bundleIdCapabilities", "attributes": {"capabilityType": " IN_APP_PASS_PROVISIONING"}, "relationships": {"bundleId": {"data": {"id": "#{appStoreBundleIdentifier}", "type": "bundleIds"}}}}}' The IN_APP_PASS_PROVISIONING capability type is shown, by getting the bundle ID capabilities, when In-App Provisioning is set on a bundle ID: curl "https://api.appstoreconnect.apple.com/v1/bundleIds/#{appStoreBundleIdentifier}/bundleIdCapabilities" --header "Authorization: Bearer #{appleApiToken}" After manually setting the In-App Provisioning capability via the Apple Developer portal you will see the new capabilityType: {     "type" : "bundleIdCapabilities",     "id" : "##########_IN_APP_PASS_PROVISIONING",     "attributes" : {       "settings" : null,       "capabilityType" : "IN_APP_PASS_PROVISIONING"     },     "relationships" : {       "bundleId" : {         "links" : {           "self" : "https://api.appstoreconnect.apple.com/v1/bundleIdCapabilities/##########_IN_APP_PASS_PROVISIONING/relationships/bundleId",           "related" : "https://api.appstoreconnect.apple.com/v1/bundleIdCapabilities/##########_IN_APP_PASS_PROVISIONING/bundleId"         }       }     },     "links" : {       "self" : "https://api.appstoreconnect.apple.com/v1/bundleIdCapabilities/##########_IN_APP_PASS_PROVISIONING"     }   } The problem now is Apple has recently (within the last week) removed support for setting the IN_APP_PASS_PROVISIONING capability type via the bundleIdCapabilities API endpoint. {   "errors" : [ {     "id" : "c6644913-d1c5-4eda-9faa-7766adf25c39",     "status" : "409",     "code" : "ENTITY_ERROR.ATTRIBUTE.TYPE",     "title" : "An attribute in the provided entity has the wrong type",     "detail" : "'IN_APP_PASS_PROVISIONING' is not a valid value for the attribute 'capabilityType'. Expected one of: 'ICLOUD', 'IN_APP_PURCHASE', 'GAME_CENTER', 'PUSH_NOTIFICATIONS', 'WALLET', 'INTER_APP_AUDIO', 'MAPS', 'ASSOCIATED_DOMAINS', 'PERSONAL_VPN', 'APP_GROUPS', 'HEALTHKIT', 'HOMEKIT', 'WIRELESS_ACCESSORY_CONFIGURATION', 'APPLE_PAY', 'DATA_PROTECTION', 'SIRIKIT', 'NETWORK_EXTENSIONS', 'MULTIPATH', 'HOT_SPOT', 'NFC_TAG_READING', 'CLASSKIT', 'AUTOFILL_CREDENTIAL_PROVIDER', 'ACCESS_WIFI_INFORMATION', 'NETWORK_CUSTOM_PROTOCOL', 'COREMEDIA_HLS_LOW_LATENCY', 'SYSTEM_EXTENSION_INSTALL', 'USER_MANAGEMENT', 'APPLE_ID_AUTH'",     "source" : {       "pointer" : "/data/attributes/capabilityType"     }   } ] } How do we set the In-App Provisioning (IN_APP_PASS_PROVISIONING) capability type via the Apple API on bundle IDs that have been approved by Wallet Entitlements?

Hello, I am thinking of developing a parental control app but I do not know if I need to request the api for using "Time Screen API". In positive case, where it should be? Is there anyway to use this for educational centers? Not just for families? Kind regards.

I'm using App Store Connect API to automate onboarding/off-boarding user invitations for my team members when they start working on my app. Once devs join the team, I'd like to invite them to the specific app's beta test group. This requires some additional work after the user has joined the team because unlike visibleApps, there's no way to initially indicate the beta test groups that a user should have access to. One challenge I'm finding is that people don't immediately join the team on time so polling feels a bit excessive/wasteful. Is there some recommended mechanism for adding users to the internal test flight group, or is there a way to trigger a webhook when the list of users is updated. I noticed that there's a new /v1/marketplaceWebhooks API so I imagine this is the recommended format for registering callbacks. Any assistance here would be greatly appreciated.

Hello everyone, I’m building a custom tool that uses the App Store Connect API (v1) to manage my team’s users. I can successfully list all users with: GET https://api.appstoreconnect.apple.com/v1/users …but the JSON response only includes fields like firstName, lastName, email, allAppsVisible, provisioningAllowed, and roles. There is no lastLogin or timestamp field anywhere in the User object: { "data": [ { "id": "USER_ID", "type": "users", "attributes": { "firstName": "mohit", "lastName": "tiwari", "email": "", "allAppsVisible": false, "provisioningAllowed": false }, "relationships": { … } }, … ] } My main question is: How can I retrieve each user’s “last login” timestamp via the App Store Connect API? Is this even possible with the current endpoints? If it isn’t exposed, has Apple any plans to add this? Or are there any recommended workarounds—perhaps via audit logs or another API—to track when each user last accessed App Store Connect? Thanks in advance for your guidance and any code/endpoint examples you can share!

I hope this message finds you well. I’m reaching out to ask whether specific App Store Connect metrics available in the App Analytics dashboard can also be accessed via the App Store Connect REST API. I have reviewed the official API documentation, but I couldn’t find confirmation regarding the metrics listed below. Could you kindly clarify if the following metrics are available through the REST API? And if so, could you point me to the relevant endpoints or documentation? From the "Usage" group: Installations (Opt-in only) Active Devices Deletions (Uninstalls) From the "App Store" group: Impressions (Unique Devices) Product Page Views (Unique Devices) If these metrics are not available via the REST API, is there an alternative method to programmatically access or export them? Thank you very much in advance for your help and guidance.

Hi everyone, I’m new here. I’m working with the App Store Connect (ASC) Analytics API and I have some questions about how to retrieve historical data for downloads and in-app purchases. I’ve created two types of reports: 1. ONGOING: Retrieves current and recent data. 2. ONE_TIME_SNAPSHOT: Supposedly retrieves historical data. I am specifically interested in the Detailed versions: • App Store Downloads Detailed • App Store Purchases Detailed What's my problem? 1. The ONGOING report brings instances with data from the last few days, which seems correct for App Downloads. But not with Purchases, it brings just a few random days and I'm not sure about the granularity. 2. The ONE_TIME_SNAPSHOT report, however, retrieves instances with data from specific days, but the selection of these days appears to be random. I can’t figure out the criteria behind it. Does anyone know what the selection criteria are for the days that appear in the ONE_TIME_SNAPSHOT report? Is it possible to configure the date range for this type of report? Why are some historical dates available while others are not? Is there a way to ensure that the ONE_TIME_SNAPSHOT report brings data from all days within a specified range? Any advice or insights would be greatly appreciated! Thanks in advance!

I'm setting up App Store Notifications for my app. Having trouble verifying even the TEST notification, through. I'm generating JWT-token and sending it via Postman. I get a successful notification UUID as a response. But my Node.JS endpoint says it can't verify it. Here's the endpoint: const fs = require('fs'); const path = require('path'); const { SignedDataVerifier, Environment } = require('@apple/app-store-server-library'); module.exports = function (sqlexec) { function loadRootCAs() { // const gPath = path.resolve(__dirname, "AppleIncRootCertificate.cer"); const g3Path = path.resolve(__dirname, "AppleRootCA-G3.cer"); // const g2Path = path.resolve(__dirname, "AppleRootCA-G2.cer"); const loadedCerts = []; try { // loadedCerts.push(fs.readFileSync(gPath)); loadedCerts.push(fs.readFileSync(g3Path)); // loadedCerts.push(fs.readFileSync(g2Path)); if (loadedCerts.length === 0) { throw new Error("No Apple Root CA certificates were loaded."); } console.log("[APPLE NOTIFICATIONS2] Apple Root CA certificates loaded successfully."); return loadedCerts; } catch (error) { console.error("❌ CRITICAL: Error loading Apple Root CA certificate(s):", error.message); console.error("Ensure 'AppleRootCA-G3.cer' (and others if specified) are present at the expected path and readable."); throw new Error("Failed to load essential Apple Root CA certificates. Notification processing will fail."); } } const appleRootCAs = loadRootCAs(); const enableOnlineChecks = true; const environment = Environment.SANDBOX; const bundleId = "SomeBundleID"; const appAppleId = undefined; // Set if you're in PRODUCTION const verifier = new SignedDataVerifier( appleRootCAs, enableOnlineChecks, environment, bundleId, appAppleId ); router.post('/notifications_refund', async function (req, res) { const signedPayload = req.body.signedPayload; try { const notificationVerificationResult = await verifier.verifyAndDecodeNotification(signedPayload); if (!notificationVerificationResult.isValid) { console.error(`[APPLE NOTIFICATIONS2] Failed to verify notification. Status: ${notificationVerificationResult.verificationStatus}, Error: ${notificationVerificationResult.errorMessage || 'N/A'}`); return res.status(400).json({ status: "error", message: "Invalid notification signature or payload." }); } const decodedNotification = notificationVerificationResult.payload; const notificationType = decodedNotification.notificationType; const subtype = decodedNotification.subtype; if (notificationType === 'TEST') { console.log(`[APPLE NOTIFICATIONS2] Received TEST notification. Subtype: ${subtype}`); // The TEST notification's data.signedTransactionInfo is a JWS representing a sample transaction. } else if (notificationType === 'REFUND') { console.log(`[APPLE NOTIFICATIONS2] Received REFUND notification. Subtype: ${subtype}`); } else { console.log(`[APPLE NOTIFICATIONS2] Received notificationType: ${notificationType}, Subtype: ${subtype}. Skipping non-refund/test type for this endpoint.`); return res.status(200).json({ status: "success", message: "Notification received, but not a type processed by this refund endpoint." }); } // Ensure data and signedTransactionInfo exist if (!decodedNotification.data || !decodedNotification.data.signedTransactionInfo) { console.error("[APPLE NOTIFICATIONS2] Notification payload is missing data or signedTransactionInfo."); return res.status(400).json({ status: "error", message: "Notification missing transaction info." }); } const transactionInfoJWS = decodedNotification.data.signedTransactionInfo; const transactionVerificationResult = await verifier.verifyAndDecodeTransaction(transactionInfoJWS); if (!transactionVerificationResult.isValid) { console.error(`[APPLE NOTIFICATIONS2] Failed to verify signedTransactionInfo. Status: ${transactionVerificationResult.verificationStatus}, Error: ${transactionVerificationResult.errorMessage || 'N/A'}`); return res.status(400).json({ status: "error", message: "Invalid signedTransactionInfo in notification." }); } const verifiedTransactionPayload = transactionVerificationResult.payload; const transactionId = verifiedTransactionPayload.originalTransactionId || verifiedTransactionPayload.transactionId; console.log(`[APPLE NOTIFICATIONS2] Successfully decoded Transaction ID: ${transactionId} for notification type ${notificationType}`); // This is where my refund logic starts in case the notif is refund, but fow now I'm just trying to verify a TEST notif return res.status(200).json({ status: "success", message: "Refund (or TEST) notification processed successfully and validated." }); } catch (error) { console.error("[APPLE NOTIFICATIONS2] Critical error processing notification:", error); // Check if the error is from the verifier or elsewhere if (error.name === 'SignedDataVerificationError') { // Example, check actual error type from library return res.status(400).json({status: "error", message: `Notification verification failed: ${error.message}`}); } return res.status(500).json({ status: "error", message: "Failed to process notification due to an internal server error." }); } }); return router; }; I tried different root certs, only G3 works, other two give errors. Also tried adding G3 intermediate (WWDRCAG3), but it doesn't seem to help. What am I doing wrong?

Sever notifications v1 is already deprecated and we are supposed to use the new v2 server notifications and yet arguably the most important notification type is not available for production.

Hello, I am developing App Store Server to Server Notifications. (The app has already been deployed and is in operation.) Test notifications in both the Sandbox and Production environments have been working correctly. Additionally, I tested in-app purchases using a Sandbox account and confirmed that the server notifications are received. However, when an actual purchase is made in the live app, the server notifications are not received. Please provide the possible causes and solutions for this issue.

Hello, We've integrated App Store Server Notifications V2 in our system. We are heavily relying on the ONE_TIME_CHARGE notification type to handle Consumable purchases, but this notification type is available only for Sandbox. And this is for a while now - starting with June 10th 2024 ( https://developer.apple.com/documentation/appstoreservernotifications/app-store-server-notifications-changelog#June-10-2024 ). Can you please provide a timeline for when the ONE_TIME_CHARGE notification type will be available in Production ? Thank you!

I'm trying to programmatically create an Advanced AppClip Experience via the API. following the docs https://developer.apple.com/documentation/appstoreconnectapi/app-clips-and-app-clip-experiences I have created the header image. But when I try to create the experience I can not figure out a) how to create a localisationID to be included in the relationships object b) how to get the included object to be recognised Any one have experience or can offer help?

Hello, can any help to set a price change to any of our In-Apps programmaticly(C#). I'm have no problem to create the token and i get positive results for GET calls (like In-App purchase data or Apple PriceTemplates). My Get call is a simple HttpClient GetAsync(id) so I supposed I need a HttpClient PostAsync(url, content). The result is a "404 NotFound" which is no error shown for this call. I searched a lot to fix the error but I found nothing that is explaining this error. My content is created like this: var content = new StringContent(jsonmodel, Encoding.UTF8, "application/json"); My URL: https://api.appstoreconnect.apple.com/v1/inAppPriceSchedules My JsonModel: { "data": { "relationships": { "baseTerritory": { "data": { "id": "DEU", "type": "territories" } }, "inAppPurchase": { "data": { "id": "6448129561", "type": "inAppPurchases" } }, "manualPrices": { "data": [ { "id": "eyJzIjoiNjQ0ODEyOTU2MSIsInQiOiJERVUiLCJwIjoiMTAxMjcifQ", "type": "inAppPurchasePrices" } ] } }, "type": "inAppPurchases", "id": "eyJzIjoiNjQ0ODEyOTU2MSIsInQiOiJERVUiLCJwIjoiMTAxMjcifQ" }, "included": [ { "attributes": { "startDate": null, "endDate": null }, "id": "eyJzIjoiNjQ0ODEyOTU2MSIsInQiOiJERVUiLCJwIjoiMTAxMjcifQ", "relationships": { "inAppPurchasePricePoint": { "data": { "id": "eyJzIjoiNjQ0ODEyOTU2MSIsInQiOiJERVUiLCJwIjoiMTAxMjcifQ", "type": "inAppPurchasePricePoints" } }, "inAppPurchaseV2": { "data": { "id": "6448129561", "type": "inAppPurchases" } } }, "type": "inAppPurchasePrices" } ] } regards kas

We are experiencing an issue with our iOS TestFlight builds where in-app purchase (IAP) products are not being retrieved as expected. We are using Unity IAP to handle our purchases, and despite having all the products correctly configured and approved in App Store Connect, we consistently receive errors such as: UnityIAP: Received 0 products Unavailable product [product_id] We have thoroughly verified that: The product identifiers are correctly configured in App Store Connect. The bundle ID mappings are correctly set on both Unity and our backend. The same setup works on the live App Store build, where purchases are fetched and validated correctly for the same set of In App products. Sandbox test accounts are being used during TestFlight testing. This issue only started appearing recently and affects the TestFlight builds only. Note: My App ID and Product ID are correct, the IAP is live on the App Store, and the product is recognized in sandbox. Looking forward to your support on this matter.

I'm trying to test my IAP in sandbox to ensure that it's functioning, but a few hours ago, I started getting the message, "Unable to process your request. Please try again later" in sandbox. Is anyone else getting this error? Below is the error in the console: Purchase did not return a transaction: Error Domain=SKServerErrorDomain Code=0 "(null)" UserInfo={developerErrorMessage=An unknown error occurred., developerErrorCode=5000000} Note: My App ID and Product ID are correct, the IAP is live on the App Store, and the product is recognized in sandbox. I'm trying to push an update tonight, but won't be able to unless this is resolved.

Hello everyone, I’d like to ask for your input regarding best practices for implementing In-App Purchases (IAP) across both the frontend and backend. Here’s our current flow: -Frontend (Mobile) The user opens a specific page. We initiate a payment request using react-native-iap. After the user completes the payment, we send the purchase data (receipt) to our backend. Backend: Accept the purchase receipt from the app. Validate the receipt with Apple’s server. (GET https://api.storekit.itunes.apple.com/inApps/v1/transactions/{transactionId}) If the receipt is valid and the response indicates success, we mark the payment status as PAID. We store the transaction ID in our payment module. The Issue: We recently encountered a situation where Apple returned a valid receipt, so we marked the transaction as PAID. However, later we realized that the payment status was actually Pending. { transactionId: '70002676245699', originalTransactionId: '70002676245639', bundleId: '', productId: '', purchaseDate: 1745560404000, originalPurchaseDate: 1745560404000, quantity: 1, type: 'Consumable', inAppOwnershipType: 'PURCHASED', signedDate: 1745981078460, environment: 'Production', transactionReason: 'PURCHASE', storefront: 'SGP', storefrontId: '', price: 5000, currency: 'SGD', appTransactionId: '' } This raised a few questions: Does a Pending status always resolve to Paid, or is there a risk that Apple may later mark it as Failed or Unpaid? Is there a specific field in Apple's receipt response that reliably indicates whether the purchase is truly active? Should we hold off on granting access or product delivery until the status transitions from Pending to Paid? We’d really appreciate any insights or recommendations on how to handle this edge case to avoid granting access prematurely. Thanks in advance!

Hi, I'm using the https://developer.apple.com/documentation/appstoreconnectapi/get-v1-profiles api to fetch our provisions profiles and decoding them using bash but it looks like the outputs also encoded in a other way, can someone help me fix my code? Many thanks! Example of the beginning of the output profileContent output: 01 *H 101 1 0 + �0"� *H ! !<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>AppIDName</key> .... Code: output=$(curl -X GET \ -H "Authorization: Bearer $jwt" \ -H "Content-Type: application/json" \ --globoff "https://api.appstoreconnect.apple.com/v1/profiles?fields[profiles]=name,profileContent,profileState") while read row; do name=$(echo -n "$row" | jq -r .attributes.name) profileState=$(echo -n "$row" | jq -r .attributes.profileState) profileContent=$(echo -n "$row" | jq -r .attributes.profileContent | base64 -d) done < <(echo "$output" | jq -c '.data[]')

We want to use the App Store Server API for in-app purchase validation. Due to circumstances, we cannot use the team-based private key (team key) and must use an individual authentication key. However, the JWT authentication keeps failing when using the individual key. Could there be an issue with our code? $jwtHeaderArray = [ 'alg' => 'ES256', 'kid' => $this->KID_ID, 'typ' => 'JWT' ]; $jwtBodyArray = [ 'sub' => 'user', 'aud' => $this->ACCESS_TOKEN_AUD, 'iat' => time(), 'exp' => time() + 3600, "scope" => [ "GET /inApps/v1/transactions" ]

I'm trying to use the App Store Connect API to get the list of expired certificates. When I make the web service call: https://api.appstoreconnect.apple.com/v1/certificates I'm able to get the list of developer certificate. The distribution certificates are not included in the list. According to the docs, I should all of them in the result set. Is there any thing special that needs to be added the web service call to have the distribution certs included in the result set?

In the context of implementing App Store Server Notification V2 for In-App Purchases (IAP) for non-consumables, I encountered a discrepancy between the documentation and the available information. According to the WWDC24 video https://developer.apple.com/wwdc24/10062 server-to-server notifications should be available on production environments. However, the documentation https://developer.apple.com/documentation/AppStoreServerNotifications/notificationType indicates that these notifications are not currently supported. Could you please clarify which resource is incorrect?