App Store Connect API Setup 🔑

Step-by-step guide to set up App Store Connect API keys for automation. Generate Fastlane configuration and environment variables instantly.

API automation

Fastlane ready

Step-by-step guide

Create an API Key in App Store Connect

Follow these steps to generate your API key:

1. Go to App Store Connect → Users and Access → Keys
2. Click the "+" button to create a new key
3. Give it a name (e.g., "CI/CD Key") and select access level (usually Developer or Admin)
4. Click Generate
5. Download the .p8 file immediately (you can only download it once!)
6. Note your Key ID and Issuer ID from the page

Enter Your API Key Details

Fill in your Key ID and Issuer ID to generate configuration files:

Key IDFound in App Store Connect → Users and Access → KeysIssuer IDFound at the top of the Keys page in App Store ConnectPrivate Key (.p8 file content) - OptionalOptional: For environment variable configuration

Use with Fastlane

Add your API key to Fastlane configuration:

Option A: File-based (Recommended)

# Fastlane Appfile
app_identifier("com.yourcompany.yourapp")
apple_id("[email protected]")

# App Store Connect API
api_key_path("./AuthKey_XXXXXXXXXX.p8")

Place your AuthKey_*.p8 file in the same directory as your Appfile.

Option B: Environment Variables

# .env file for Fastlane
APP_STORE_CONNECT_API_KEY_KEY_ID="XXXXXXXXXX"
APP_STORE_CONNECT_API_KEY_ISSUER_ID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
APP_STORE_CONNECT_API_KEY_KEY="[Paste your .p8 file content here]"

Test Your API Connection

Use this example cURL command to test your API connection:

Example API Request

curl -H 'Authorization: Bearer [YOUR_JWT_TOKEN]' \
     -H 'Content-Type: application/json' \
     https://api.appstoreconnect.apple.com/v1/apps

You'll need to generate a JWT token from your private key first. See Apple's documentation for details.

🔒 Security Best Practices

• Never commit your .p8 private key file to Git
• Add *.p8 to your .gitignore
• Use environment variables or secret management (GitHub Secrets, AWS Secrets Manager, etc.)
• Rotate keys regularly and revoke unused keys
• Use the minimum required access level (avoid Admin if possible)

📱 Common Use Cases

• Fastlane: Automate app uploads with fastlane deliver
• TestFlight: Upload builds with fastlane pilot upload
• CI/CD: Integrate with GitHub Actions, CircleCI, Bitrise, etc.
• Metadata Management: Update screenshots, descriptions, and keywords programmatically
• Analytics: Fetch sales and analytics data via API

Built with ❤️ by NextNative.dev team.

Launch mobile apps 10x faster with Next.js

Skip native dev. Use Next.js + Capacitor to go live fast.

Learn more

Loved by 45+ teams/devs