Below is the all methods I have tried to create JWT but [https://jwt.io] (https://jwt.io) always giving me No valid signature error Please have a look at the code and let me know if you find anything suspicious here - 1. Python method import jwt import time import uuid def generate_jwt(private_key, key_id, team_id): headers = { "alg": "ES256", "kid": key_id, } payload = { "iss": team_id, "iat": int(time.time()), "exp": int(time.time()) + 3600, # Token valid for 1 hour } token = jwt.encode(payload, private_key, algorithm="ES256", headers=headers) return token # Load your private key with open('AuthKey_abc.p8', 'r') as key_file: private_key = key_file.read() key_id = "########" # Replace with your Key ID team_id = "#########" # Replace with your Team ID jwt_token = generate_jwt(private_key, key_id, team_id).decode('utf-8') transaction_id = str(uuid.uuid4()) timestamp = int(time.time() * 1000) print("JWT Token:", jwt_token) print("Transaction ID:", transaction_id) print("Timestamp:", timestamp) 2. Node JS const privateKey = fs.readFileSync('AuthKey_abc.p8, 'utf8'); const payload = { iss: teamId, iat: curTime, exp: curTime + 3600 // 1 hour expiration }; // Prepare the JWT headers const headers = { kid: keyId, alg: 'ES256' }; // Create and sign the JWT var jwToken = jwt.sign(payload, privateKey, { header: headers }); console.log(jwToken) 3. Swift import SwiftJWT func createJWTToken(privateKey: String, keyID: String, teamID: String) -> String? { // Set up the JWT header var jwtHeader = Header() jwtHeader.kid = keyID // Set up the JWT claims let jwtClaims = MyClaims(iss: teamID, iat: Date()) // Create the JWT var jwt = JWT(header: jwtHeader, claims: jwtClaims) // Convert the private key to Data guard let privateKeyData = Data(base64Encoded: privateKey) else { print("Invalid private key") return nil } // Sign the JWT let jwtSigner = JWTSigner.es256(privateKey: privateKeyData) do { let signedJWT = try jwt.sign(using: jwtSigner) return signedJWT } catch { print("Failed to sign JWT: \(error)") return nil } } func readFileFromBundle(fileName: String, fileType: String) -> String? { if let fileURL = Bundle.main.url(forResource: fileName, withExtension: fileType) { do { // Read the file contents let privateKey = try String(contentsOf: fileURL, encoding: .utf8) // Clean the private key by removing header, footer, and whitespace/newlines let cleanedKey = privateKey .replacingOccurrences(of: "-----BEGIN PRIVATE KEY-----", with: "") .replacingOccurrences(of: "-----END PRIVATE KEY-----", with: "") .replacingOccurrences(of: "\n", with: "") .replacingOccurrences(of: "\r", with: "") .trimmingCharacters(in: .whitespacesAndNewlines) return cleanedKey } catch { print("Error reading private key: \(error)") return nil } } else { print("Private key file not found") return nil } }

I have another question as somebody who develop SDKs on top of above questions and that is - What if my SDK doesn't listing there in the Apple's 3rd party SDK list? Do I also have to provide/ship my SDK with all these changes?