Last active
March 25, 2024 10:15
-
-
Save FelDev/50d969fe7249da949ed966538929310b to your computer and use it in GitHub Desktop.
Boilerplate to authenticate to the App Store Connect API from Node.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| console.log("π appStoreConnectAPIFromNode.js running πβ") | |
| const fs = require('fs'); | |
| const jwt = require('jsonwebtoken'); // npm i jsonwebtoken | |
| // You get privateKey, apiKeyId and issuerId from your Apple App Store Connect account | |
| const privateKey = fs.readFileSync("./AuthKey_123456789Z.p8") // this is the file you can only download once and should treat like a real, very precious key. | |
| const apiKeyId = "123456789Z" | |
| const issuerId = "12345678-CLAP-FORR-THIS-GIBBERISHLOLz" | |
| let now = Math.round((new Date()).getTime() / 1000); // Notice the /1000 | |
| let nowPlus20 = now + 1199 // 1200 === 20 minutes | |
| let payload = { | |
| "iss": issuerId, | |
| "exp": nowPlus20, | |
| "aud": "appstoreconnect-v1" | |
| } | |
| let signOptions = { | |
| "algorithm": "ES256", // you must use this algorythm, not jsonwebtoken's default | |
| header : { | |
| "alg": "ES256", | |
| "kid": apiKeyId, | |
| "typ": "JWT" | |
| } | |
| }; | |
| let token = jwt.sign(payload, privateKey, signOptions); | |
| console.log('@token: ', token); | |
| // Congrats! the token printed can now be tested with the curl command below | |
| // curl -v https://api.appstoreconnect.apple.com/v1/apps --Header "Authorization: Bearer <YOUR TOKEN>" | |
| // (no '<>' in the curl command) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Does not work! Not sure what the issue is, I have tried with both team and individual keys.