-
Notifications
You must be signed in to change notification settings - Fork 0
App Store Connect API Key
Remember, documentation is king. For the full official reference, see Creating API Keys for App Store Connect API — Apple Developer.
This guide walks you through creating an App Store Connect API key for automated iOS and macOS app uploads, and storing the credentials as GitHub repository secrets.
- An active Apple Developer Program membership
- Admin or Account Holder role in App Store Connect
- Your app record must already be created in App Store Connect (go to My Apps > + to create it)
Note: Unlike Google Play and Microsoft Store, App Store Connect does not require a manual first upload — you can use the API key to upload builds from the start. However, the app record (bundle ID, app name, SKU) must exist in App Store Connect before uploading.
- Go to App Store Connect
- Navigate to Users and Access
- Select the Integrations tab
- Click on App Store Connect API
- Click the + button to create a new key
- Enter a name for the key (e.g.,
CI/CD Upload Key) - Select the access level:
- App Manager — recommended for CI/CD uploads
- Developer — minimum role for uploading builds
- Click Generate
- After generation, click Download API Key to get the
.p8file - Save this file securely — it can only be downloaded once
If you lose the
.p8file, you will need to revoke the key and create a new one.
On the same API Keys page:
-
Key ID — displayed next to your key name (e.g.,
ABC123DEF4) -
Issuer ID — displayed at the top of the page (a UUID like
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)
Save both values.
# macOS
base64 -i AuthKey_ABC123DEF4.p8 | pbcopyReplace ABC123DEF4 with your actual Key ID.
Go to Your repository > Settings > Secrets and variables > Actions and create the following secrets:
| Secret name | Value |
|---|---|
APPLE_API_KEY_ID |
The Key ID from Step 4 |
APPLE_API_KEY_ISSUER_ID |
The Issuer ID (UUID) from Step 4 |
APPLE_API_KEY_CONTENT |
The Base64-encoded .p8 file from Step 5 |
For iOS publishing:
- name: Publish to App Store (iOS)
uses: Spaccesi/flutter-actions-suite/publish/ios-app-store@main
with:
apple-api-key-id: ${{ secrets.APPLE_API_KEY_ID }}
apple-api-key-issuer-id: ${{ secrets.APPLE_API_KEY_ISSUER_ID }}
apple-api-key-content: ${{ secrets.APPLE_API_KEY_CONTENT }}For macOS publishing:
- name: Publish to App Store (macOS)
uses: Spaccesi/flutter-actions-suite/publish/macos-app-store@main
with:
apple-api-key-id: ${{ secrets.APPLE_API_KEY_ID }}
apple-api-key-issuer-id: ${{ secrets.APPLE_API_KEY_ISSUER_ID }}
apple-api-key-content: ${{ secrets.APPLE_API_KEY_CONTENT }}The same API key works for both iOS and macOS uploads.
| Step | Action |
|---|---|
| 1 | Navigate to App Store Connect API Keys |
| 2 | Generate a new API key with App Manager role |
| 3 | Download the .p8 private key (one-time download) |
| 4 | Note the Key ID and Issuer ID |
| 5 | Encode the .p8 file with Base64 |
| 6 | Store all three values as GitHub secrets |
| 7 | Reference the secrets in your workflow |
@