Logo for tanaschita.com

Developer guide on the App Store Connect API

Learn how to automate App Store Connect.

28 Nov 2022 · 7 min read

The App Store Connect API allows us to automate tasks that usually can be performed through the Apple Developer website and App Store Connect.

It's a REST API that enables us to automate tasks like managing provisioning, beta builds, in-app purchases, app metadata and more. Let's look at how to do that.

Sponsorship logo
Preparing for a technical iOS job interview
Check out my new book on preparing for a technical iOS job interview with over 200 questions & answers. Test your knowledge on iOS topics such as Swift & Objective-C, SwiftUI & UIKit, Combine, HTTP Networking, Authentication, Core Data, Concurrency with async/await, Security, Automated Testing and more.
LEARN MORE

App Store Connect API overview

The App Store Connect API provides a single unified REST resource model, which means that the same patterns are applied throughout the whole API.

To construct an App Store Connect API URL, we can always apply the following pattern:

{base url}/{version number}/{resource type name}

whereas:

The API provides standard REST methods:

  • GET to get a resource or a list of resources
  • POST to create a resource
  • PATCH to change a resource
  • DELETE to delete a resource

Let's look at some examples.

GET requests

Let's start with a GET request. Understanding the example below will allow us to apply the knowledge to all other requests of the API.

For example, to list all apps available in App Store Connect, we could send the following request:

GET https://api.appstoreconnect.apple.com/v1/apps

The returned JSON follows a pattern. A successful response always contains a data property. In our case, it contains an array of app objects:

{
"data": [
{
"attributes":
{
"bundleId": "tanaschita.com.exampleApp",
"name": "ExampleApp",
"primaryLocale": "en",
...
},
"id": "16fksv98-3j6d-39ok-12dh",
"relationships": []
...
}
]
...
}

Each resource has an attributes, an id and a relationships property.

In case of an app object, the attributes property contains values like the app's bundle ID, name, primary locale etc.

The relationships property contains references to different parts of the API which we'll discuss closely later on.

The id value is a unique id, which identifies the resource and which we can use to form other requests, for example to fetch a specific resource.

GET https://api.appstoreconnect.apple.com/v1/{resourceName}/{resourceId}

In case of our example:

GET https://api.appstoreconnect.apple.com/v1/apps/16fksv98-3j6d-39ok-12dh

POST, PATCH and DELETE requests

Just like GET requests, POST, PATCH and DELETE requests also follow a pattern. As an example, we'll use the users resource which allows us to change or delete users.

Just like in App Store Connect itself, we have to invite the user to our team and they can accept that invitation. To do that, the API provides the userInvitations resource.

A request might look like this:

POST /v1/userInvitations
{
"data": {
"type": "userInvitations",
"attributes": {
"firstName": "Natascha",
"lastName": "Fadeeva",
"email": "tanaschita@gmail.com",
"roles": ["DEVELOPER"],
"allAppsVisible": true
}
}
}

As we can see above, the user object follows the same principles we already saw in the app object.

As a JSON response to our POST request, we get the same object enriched with some values like the user's id, which we can then use to modify or delete a user.

To modify a user, we can send a PATCH request including the attributes we'd like to change. For example, to change the roles of a user, we could send the following request:

PATCH /v1/users/userId
{
"data": {
"type": "users",
"attributes": {
"roles": ["ADMIN"],
}
}
}

To delete a user, we can just do the following:

DELETE /v1/users/userId

Relationships

To understand the relationships property we already saw earlier, let's look at the betaTesters and the betaGroups resource and how they relate to each other.

The betaTesters resource represents users who can install and test prerelease builds. The betaGroups resource represents a group of testers who can access builds for testing.

The relationships object of a group looks as follows:

{
"apps": ...,
"betaTesters": {
"links": {
"related": "/v1/betaGroups/16fksv98-3j6d-39ok-12dj/betaTesters",
"self": "/v1/betaGroups/16fksv98-3j6d-39ok-12dj/relationships/betaTesters"
},
...
},
builds: ...
}

As we can see above, a beta tester has 3 relationships: apps, betaGroups and builds.

Each relationship again follows the same pattern, for example providing a links property. Each links object consists of the following two links:

  • related: a url which we can use to get all testers from this group
  • self: a url which represents the relationship between a beta tester and and a beta group

To connect testers and groups, we modify the relationship. For example, to add a user to a group, we would use the self link with the following request:

POST /v1/betaGroups/16fksv98-3j6d-39ok-12dj/relationships/betaTesters
{
"data": [
{
"type": "betaTesters",
"id": "19fksv98-3j6d-39ok-12dj"
},
...
]
}

To delete the tester, we just use the same request as above with a DELETE method instead of a POST method.

Query parameters

Each API endpoint provides query parameters we can use for example to filter, limit, sort or specify the results we need. Let's look at the following request:

GET /v1/betaGroups?include=betaTesters&fields[betaTesters]=email

The request sends two query parameters:

Authorizing API requests

All App Store Connect API requests require authorization. The API expects a JSON Web Token (JWT) to authorize each request we make. The JWT is an open standard that defines a way to securely transmit information. Checkout this guide on how to authorize App Store Connect API requests to learn more.

All available API endpoints are documented at Apple's official App Store Connect API documentation.

Sponsorship logo
Preparing for a technical iOS job interview
Check out my new book on preparing for a technical iOS job interview with over 200 questions & answers. Test your knowledge on iOS topics such as Swift & Objective-C, SwiftUI & UIKit, Combine, HTTP Networking, Authentication, Core Data, Concurrency with async/await, Security, Automated Testing and more.
LEARN MORE

Newsletter

Image of a reading marmot
Subscribe

Like to support my work?

Say hi

Related tags

Articles with related topics

continuous integration

networking

ios

Authorizing App Store Connect API requests

Learn how to create and use a JSON Web Token when communicating with the App Store Connect API.

26 Dec 2022 · 4 min read

Latest articles and tips

© 2023 tanaschita.com

Privacy policy

Impressum