App Store Connect API

Required role: Account Holder. View role permissions.

1. In Users and Access, click Integrations. The page opens with the App Store Connect API selected.

2. Click Request Access.

3. Select the checkbox to agree to the terms, then click Submit.

Once submitted, your request is reviewed and approved on a case-by-case basis.

Required role: Account Holder or Admin. View role permissions.

You can use team keys across all apps in your account or assign them to specific roles.

1. In Users and Access, click Integrations. The page opens with the App Store Connect API selected.

2. Click Team Keys.

3. Click Generate API Key. If you already have an Active API key, click the add button (+) to add more.

4. Enter a name for the key—this name is for your reference only and isn’t part of the key.

5. Under Access, select the role permissions to determine what the API can be used for. Team API keys are applied across all apps, so app access can’t be limited for an API key.

6. Click Generate.

Once you generate an API key, you can’t edit its name or access level. If you need to make changes, revoke the key and generate a new one. Learn more about managing and securing your keys.

Required role: Account Holder, Admin, App Manager, Customer Support, Developer, or Marketing. View role permissions.

All App Store Connect users can generate and revoke API keys for individual use by default, unless an Admin or Account Holder has revoked this ability. Each user can only have one active API key at a time.

1. In the top right of any App Store Connect page, click your username, then click Edit Profile.

2. Under Individual API Key, click Generate Key.

3. To download your individual API key, click Download, then click Download in the dialog.

   Note: API keys are private and can only be downloaded once. After downloading, store it securely. Revoke a key immediately if it becomes lost or compromised.

4. To revoke an individual API key, click Revoke, then click Revoke in the dialog. An API key can’t be reinstated once revoked.

Required role: Account Holder or Admin. View role permissions.

Users with the Account Holder or Admin role can view and manage team keys and individual keys created by members of their App Store Connect Team. To revoke that API key and prevent the user from creating a new one, you can remove 'Generate Individual API Keys' from the user's permissions.

If you no longer want someone to be able to use an API key to authenticate into App Store Connect services, you can revoke that key.

1. In Users and Access, click Integrations. The page opens with the App Store Connect API selected.

2. On the top left, click Individual Keys, or Team Keys.

3. On the top right, click Edit.

4. Select the API Keys you want to revoke.

5. On the top right, click Revoke Key, then click Revoke in the dialog. An API key can't be reinstated once it's been revoked. Any revoked keys from the past 30 days appear under the Revoked section of the App Store Connect API page.