CHAULVET Chris

Reputation: 51

How to Generate JWT token Apple connect iOS

I'm trying to generate a JWT token for Apple Connect, but it looks like something is missing in the "Verify signature" field.

  1. From the API Apple Store Connect dashboard, I'm only able to download the "private key" named AuthKey_{kid}.p8.
  2. From https://jwt.io/, I select the "ALGORITHM" as "ES256", then two fields appear in the "SIGNATURE" section:
    a) Public key or certificate
    b) Private key or certificate (AuthKey_{kid}.p8)

Issue:

I'm following these docs:

Do you have any idea how to find the "Public key"?

Upvotes: 5

Views: 4106

Answers (2)

Mukesh Jeengar

Reputation: 812

Try the code below:

/* eslint-disable no-console */
const jwt = require('jsonwebtoken')
const fs = require('fs')


// issueId and kId get from https://appstoreconnect.apple.com/access/api
const issueId = 'xxxx'
const kId = 'xxxx' 

// generate private key from https://appstoreconnect.apple.com/access/api
const privateKey = fs.readFileSync('AuthKey_xxxx.p8')

// appId get it from https://appstoreconnect.apple.com/apps
const url = 'v1/apps/{{appId}}/customerReviews'     
const payload = {
    iss: issueId,
    iat: Math.floor(Date.now() / 1000),
    exp: Math.floor(Date.now() / 1000) + (60 * 20), // Token expiration time (20 minutes)    
    aud: 'appstoreconnect-v1',
    scope: [
        'GET /' + url
    ]
}

const header = {
    keyid: kId,
    algorithm: 'ES256'
}

const token = jwt.sign(payload, privateKey, header)

console.log({ token })

const fetch = require('node-fetch')

const headers = {
    'Authorization': `Bearer ${token}`,
    'Content-Type': 'application/json',
}

fetch('https://api.appstoreconnect.apple.com/' + url, {
    headers
}).then(resp => (
    resp.json()
)).then(data => {
    console.log(data)
}).catch(err => {
    console.log(err)
})
// Now use 'token' as the Bearer token in your API requests

Upvotes: 1

Abdullah Malik

Reputation: 161

The .p8 file includes the private and public keys. You need to extract those using OpenSSL.

To get the private key:

$ openssl ec -in AuthKey.p8 -out AuthKey_private.p8

To get the public key:

$ openssl ec -in AuthKey.p8 -pubout -out AuthKey_public.p8

Using keys generated via these commands got the signature verified on jwt.io.

Upvotes: 14
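
The same step as the OpenSSL commands above, as an added example in Node.js that is not part of either answer: the public half is produced from the private key in the .p8, and an ES256 token signed with the private half verifies with that public half alone. The throwaway key, the helper names and the 'xxxx' values are assumptions constructed for the example.

```javascript
// Added example: Node.js built-in crypto only, no third-party packages.
const crypto = require('crypto')

const b64url = (input) => Buffer.from(input).toString('base64url')

// Derive the public half from a PKCS#8 PEM private key (what a .p8 file holds).
function publicPemFromPrivatePem(privatePem) {
    return crypto.createPublicKey(privatePem).export({ type: 'spki', format: 'pem' })
}

// Build an ES256 JWT. JWS requires the raw r||s signature (ieee-p1363), not DER.
function signEs256(payload, privatePem, kid) {
    const header = { alg: 'ES256', kid, typ: 'JWT' }
    const signingInput = b64url(JSON.stringify(header)) + '.' + b64url(JSON.stringify(payload))
    const signature = crypto.sign('sha256', Buffer.from(signingInput), {
        key: privatePem,
        dsaEncoding: 'ieee-p1363'
    })
    return signingInput + '.' + signature.toString('base64url')
}

// Verify with the public key only; pin the algorithm and reject expired tokens.
function verifyEs256(token, publicPem) {
    const parts = token.split('.')
    if (parts.length !== 3) return null
    const header = JSON.parse(Buffer.from(parts[0], 'base64url').toString())
    if (header.alg !== 'ES256') return null
    const ok = crypto.verify('sha256', Buffer.from(parts[0] + '.' + parts[1]), {
        key: publicPem,
        dsaEncoding: 'ieee-p1363'
    }, Buffer.from(parts[2], 'base64url'))
    if (!ok) return null
    const payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString())
    return payload.exp > Math.floor(Date.now() / 1000) ? payload : null
}

// Constructed sample input: a throwaway P-256 key standing in for AuthKey_{kid}.p8.
function demo() {
    const { privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' })
    const privatePem = privateKey.export({ type: 'pkcs8', format: 'pem' })
    const publicPem = publicPemFromPrivatePem(privatePem)
    const now = Math.floor(Date.now() / 1000)
    const payload = { iss: 'xxxx', iat: now, exp: now + 60 * 20, aud: 'appstoreconnect-v1' }
    const token = signEs256(payload, privatePem, 'xxxx')
    return { token, publicPem, verified: verifyEs256(token, publicPem) }
}

console.log(demo().publicPem)
```

Only the derived public key is needed to check a signature; the .p8 itself should stay on the machine that signs.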
