Post

Replies

Boosts

Views

Activity

Reply to Notarize with Enterprise API Key
Hello again, just to confirm I understood it correctly. I got this answer on the Feedback Assistant: It looks like the Enterprise Program API Key is only valid for the Enterprise Program API, and will not work with other services such as the App Store Connect API. In that sense, the HTTP 401 Unauthorized response is expected. “Enterprise Program API keys are unique to the Enterprise Program API and you can’t use them for other Apple services.” https://developer.apple.com/documentation/enterpriseprogramapi/creating-api-keys-for-enterprise-program-api The 'unexpected token at ' failure the user has reported appears to be unrelated, but we suspect that it’s related to the way notarytool is parsing the Enterprise Program API Private Key. We are looking into this, and will release a fix in the future that returns a more useful error message if it happens to be the case. The current recommendation is to try generating an app-specific password following these instructions: https://support.apple.com/en-us/102654. Please let us know if this works for you! Here is the relevant snippet from the notarytool manpage: (redacted instructions on how to create it) If the issue is resolved, you can close this feedback by selecting “Close Feedback” via the Actions button found above. Thank you. As of now, the way to go with Enterprise accounts is the App-specific Passwords. It is not the only best option, but also the only option? Trying to understand it perfectly so I can update the team and the guidelines on how we should be working. tl;dr; -> It seems there will be improvements on the error messages, but not the ability to Notarize with Enterprise API Keys, correct? Thanks again and again.
Topic: Code Signing SubTopic: Notarization Tags:
Feb ’25
Reply to Notarize with Enterprise API Key
Hello!! I am copying the answer and posting here in case comments don't get the same visibility. I believe this is the bug number: FB15939005. One thing I forgot to add in the post but I added to the bug is, the Enterprise Key is much smaller than the Developer key, something like half the characters between ---begin key--- and ---end key---. Please let me know if I can be of more support or if I missed something. Thanks again for the help.
Topic: Code Signing SubTopic: Notarization Tags:
Nov ’24
Reply to Notarize with Enterprise API Key
I followed this other documentation: https://developer.apple.com/documentation/enterpriseprogramapi/generating-tokens-for-api-requests and generated a JWT token manually. With it, I could curl -v -H 'Authorization: Bearer ' "https://api.enterprise.developer.apple.com/v1/certificates" with success, but for https://appstoreconnect.apple.com/notary/v2/submissions? it fails with 401. Failed for both keys, Developer and Admin access. I also tried changing "aud": from apple-developer-enterprise-v1 to appstoreconnect-v1, just for the sake of trying.
Topic: Code Signing SubTopic: Notarization Tags:
Nov ’24