Hello again,
just to confirm I understood it correctly. I got this answer on the Feedback Assistant:
It looks like the Enterprise Program API Key is only valid for the Enterprise Program API, and will not work with other services such as the App Store Connect API. In that sense, the HTTP 401 Unauthorized response is expected. “Enterprise Program API keys are unique to the Enterprise Program API and you can’t use them for other Apple services.” https://developer.apple.com/documentation/enterpriseprogramapi/creating-api-keys-for-enterprise-program-api
The 'unexpected token at ' failure the user has reported appears to be unrelated, but we suspect that it’s related to the way notarytool is parsing the Enterprise Program API Private Key. We are looking into this, and will release a fix in the future that returns a more useful error message if it happens to be the case.
The current recommendation is to try generating an app-specific password following these instructions: https://support.apple.com/en-us/102654. Please let us know if this works for you! Here is the relevant snippet from the notarytool manpage:
(redacted instructions on how to create it)
If the issue is resolved, you can close this feedback by selecting “Close Feedback” via the Actions button found above. Thank you.
As of now, the way to go with Enterprise accounts is the App-specific Passwords. It is not the only best option, but also the only option?
Trying to understand it perfectly so I can update the team and the guidelines on how we should be working.
tl;dr; -> It seems there will be improvements on the error messages, but not the ability to Notarize with Enterprise API Keys, correct?
Thanks again and again.
Topic:
Code Signing
SubTopic:
Notarization
Tags: