DEV Community

Cover image for Generate JWT Token for Apple Store Connect API using Python
HasOne
HasOne

Posted on

Generate JWT Token for Apple Store Connect API using Python

The Apple store Connect APIs is REST API that enables user to perform any task that you do in Apple developer website. Calling API requires JWT Token for authorization and you need to generate a JWT Token yourself based on few parameters.

API Key

To generate an API key for App Store Connect API,
1) log in to App Store Connect and select "Users and Access".

Generate JWT Token for Apple Store Connect API using Python

2) Click on the API Keys tab and Add (+) button to generate

Generate JWT Token for Apple Store Connect API using Python

Enter a name for the key, and select a role for the key under Access and click generate.

Generate JWT Token for Apple Store Connect API using Python

you will a new key's information, including its name, key ID and download link

Generate JWT Token for Apple Store Connect API using Python

Download the Private key and store it in safe place as it's available for download a single time.

Generating JWT

In order to generate JWT token, we need 3 things as shown in the above last image.
1) Private key
2) Key ID
3) Issuer ID

1) JWT Header

Now we need to create a Header for JWT:

  • Algorithms: ES256 encryption (used to sign jwt)
  • KEY ID: 2X9R4HXF34 (replace with your)
  • TYPE: JWT ```json

{
"alg": "ES256",
"kid": "2X9R4HXF34",
"typ": "JWT"
}


#### 2) Payload
The final and most important step is to configure the payload correctly:
- issuer id:(Your issuer_id)
- iat: creating time of token in UNIX format
- exp: expiration time UNIX format
- aud: "appstoreconnect-v1"
- scrop: (optional) A list of operation you want apple store connect to allow for this JWT Token

```json


{
    "iss": "69a6de95-023f-47e3-e053-12ljleio3kajvzbv",
    "iat": 1528407600,
    "exp": 1528408800,
    "aud": "appstoreconnect-v1",
    "scope": [
        "GET /v1/apps"
    ]
}


Enter fullscreen mode Exit fullscreen mode

Let's generate one

Here you would need to replace the priave_key with your own file (which you downloaded) and it will give you the JWT token for 19Min validity.

Note: however, if the token expiration time is above >= 20Min, you will get 401 Status Code



from datetime import datetime, timedelta
from time import time, mktime
import jwt

dt = datetime.now() + timedelta(minutes=19)

headers = {
    "alg": "ES256",
    "kid": "2X9R4HXF34", 
    "typ": "JWT",
}


payload = {
    "iss": "69a6de95-023f-47e3-e053-12ljleio3kajvzbv",
    "iat": int(time()),
    "exp": int(mktime(dt.timetuple())),
    "aud": "appstoreconnect-v1",
}


with open("AuthKey_2X9R4HXF34.p8", "rb") as fh: # Add your file
    signing_key = fh.read()

gen_jwt = jwt.encode(payload, signing_key, algorithm="ES256", headers=headers)

print(f"[JWT] {gen_jwt}")
# Output:
# eyJhbGciOiJFUzI1NiIsImvtpZCI6IlZaVjcxyOFdRMkEiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiI2vWE2ZGU5NS0wMjNmLTQ3ZTMtZTA1My01YjhjxN2MxMWE0ZDEiLCJpYXQiOjENzU2Njc4NTgsImV4cCI6MTY3NTY2OTA1OCwiYXVkIjoiYXBwc3RvcmVjb25uZWO0LXYxIn0.w_lBLz3UxZUbnXaydkRierf5tY92meyTKmVU1wBt5zJzJGp2UigLMwc9ZIMQEJ4Ns0IqpWIU2FJH4R0AZGxTzbQ



Enter fullscreen mode Exit fullscreen mode

let's test it by queries all the apps in your apple store:



try:
r = requests.get("https://api.appstoreconnect.apple.com/v1/apps", headers=gen_jwt)
print(f"[R] {r.json()}")
except Exception as e:
logging.info(f"❌ Error occurred: {e}")

Enter fullscreen mode Exit fullscreen mode




Conclusion

With the Apple Store Connect API, You can do all:

  • In-App Purchases and Subscriptions. Manage in-app purchases and auto-renewable subscriptions for your app.

  • TestFlight. Manage beta builds of your app, testers, and groups.

  • Xcode Cloud. Read Xcode Cloud data, manage workflows, and start builds.

  • Users and Roles. Send invitations for users to join your team. Adjust their level of access or remove users.

  • Provisioning. Manage bundle IDs, capabilities, signing certificates, devices, and provisioning profiles.

  • App Metadata. Create new versions, manage App Store information, and submit your app to the App Store.

  • App Clip Experiences. Create an App Clip and manage App Clip experiences.

  • Reporting. Download sales and financial reports.

  • Power and Performance Metrics. Download aggregate metrics and diagnostics for App Store versions of your app.

  • Customer Reviews and Review Responses. Get the customer reviews for your app and manage your responses to the customer reviews.

get started and take control of your app.

I hope it made your day a little brighter. Thank you so much && Happy Coding!!

Top comments (2)

Collapse
 
dev_community_4cc870249 profile image
devcommunity

Great!
how to get the total install count and app rating?

Collapse
 
velek profile image
Velek

I have a WeatherKit key and I'm trying to get Weather requests to work.
I'm doing the request like this:
response = requests.get(
"weatherkit.apple.com/api/v1/availa...",
headers={"Authorization": "Bearer " + gen_jwt},
)
This is the response:

{"reason": "MISSING_AUTH"}