Home jwt
Post
Cancel

jwt

This is a example for generating JWT token for App Store Connect API Request

JWT Header

Field Description
alg Encryption Algorithm (ES256 All JWTs for App Store Connect API must be signed with ES256 encryption)
kid Key Identifier (Your private kexy ID from App Store Connect (Ex: 2X9R4HXF34))
typ Token Type (JWT)
1
2
3
4
5
{
    "alg": "ES256",
    "kid": "623TVBWL3X",
    "typ": "JWT"
}

JWT Payload

Field Description
iss - Issuer ID Your issuer ID from the API Keys page in App Store Connect (Ex: 57246542-96fe-1a63-e053-0824d011072a)
exp - Expiration Time The token’s expiration time, in Unix epoch time; tokens that expire more than 20 minutes in the future are not valid (Ex: 1528408800))
aud - Audience appstoreconnect-v1
1
2
3
4
5
{
    "iss": "24aaecba-91b1-491e-9bca-d09cbb66a40f",
    "exp": 1584069664,
    "aud": "appstoreconnect-v1"
}

Get current timestamp

1
date +%s
  • Sign The JWT JWT.io

  • Fetch my apps in connect:
    1
    
    curl -v -H 'Authorization:Bearer [signed token]' "https://api.appstoreconnect.apple.com/v1/apps"
    
  • Fetch users in connect
    1
    
    curl -v -H 'Authorization:Bearer eyJhbGciOiJFUzI1NiIsImtpZCI6IjYyM1RWQldMM1giLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiIyNGFhZWNiYS05MWIxLTQ5MWUtOWJjYS1kMDljYmI2NmE0MGYiLCJleHAiOjE1ODQwNzIzOTAsImF1ZCI6ImFwcHN0b3JlY29ubmVjdC12MSJ9.eO-BwIZL3AhHMgURTzA8QQDuvUpMH79L4R7bpi9xoFolWIvXZv-rF6MHkx9-Fy9wyVFIJy2e4_ByTvMinFssiA' "https://api.appstoreconnect.apple.com/v1/users"
    
  • more
This post is licensed under CC BY 4.0 by the author.