Automation with the App Store Connect API
Making repetitive tasks a thing of the past
Back in 2018 during WWDC, Apple introduced a straightforward and easy to read REST API that allows developers to interact with the Apple Developer website and App Store Connect and automate many of those tasks that would typically require your organisation to create manually via browser interfaces.
Using web authentication standards like JWT and JSON payloads for all its transactions, you could finally automate workflows for managing your apps, testers, users and roles, code signing resources, download reports and performance metrics and pretty much everything you will need to test, submit and analyse your apps without manual tasks.
How can I use this?
To start using this API you will need to have access to App Store Connect and a certain level of access to generate API Keys, which you will find in Users and Access. After generating an API Key and depending on the roles you assign to it, you are ready to start using this API. Important to note that these API keys can only be downloaded once and it's your responsibility to keep them safe and revoke them whenever you think they have been compromised.
For flexibility and maintainability, Apple introduced a versioning mechanism assuring that any breaking changes introduced in the future do not break your code automatically. For this reason you will access this API by using the following URL:
https://api.appstoreconnect.apple.com/v1
If you are familiar with REST, you will also know that any operation with this API, requires you to also provide the resource you want to perform an operation on:
Depending on which resource you want to access, a full endpoint to App Store Connect will look like this:
https://api.appstoreconnect.apple.com/v1/users
Like any REST API, you will make use of these endpoints by making GET, POST, PATCH and DELETE operations.
Finally, this API uses JWT for authentication. This makes sure your requests provide context and are secure. If you're familiar with this web authentication standard, you know that there is basically a JWT implementation for almost any language out there. This is important since these modules will help you handle how you generate the authorisation tokens that you will need to perform API requests. By using the API Key you've generated and some other identifiers you find in App Store Connect you will be ready to start generating bearer tokens and authenticate all your requests to this API.
What exactly can you do?
This is where things get interesting. Apple has been expanding this API's functionality consecutively for the last 2 years. Adding more and more capabilities to the way you can automate your interactions with the Apple Developer Portal and App Store Connect.
The current state includes the following resources:
Users and Roles
Manage all your users and its roles and/or invite new users to join your team.
Provisioning
Manage the bundle IDs and its capabilities. Create, download or revoke signing certificates. Register devices and manage provisioning profiles that enable app installations for development and distribution.
Apps and App Metadata
Manage all your apps in App Store Connect, including its metadata.
Builds
Manage builds for testers and submit builds for review. Retrieve icons from your app's binary and manage declarations about types of encryption used in your app.
TestFlight
Manage your beta testing program, including beta testers and groups, apps, and builds.
Pricing and Availability
Manage your app's price tier information and the territories where they are available.
App Store Review Submissions
Manage the required information you provide for the App Review. This includes IDFA declarations, review attachments and even submit your apps for review.
App Store Publishing
Manage phased releases of updates to your app and its pre-order related settings.
Reporting
Download your sales and financial reports and get information about power and performance metrics, logs and signatures.
With iOS 14, Apple is adding over 200 new endpoints to this API which include things like managing App Clips, In-App Purchases, Game Center and much more.
Ready to Automate?
We do think this is a pretty powerful API that enables you to create your own workflow, right from your own infrastructure and using your own internal web interfaces. All this information is also available for you, in more detail, in Apple's documentation website located here.