Dear @ChuckMN,
Thank you for your reply.
Certainly there are concerns about flexible scopes.
I am convinced by what you said.
I was hoping to avoid having to spend time generating Tokens each time, but perhaps that is something we should accept.
Would it be possible for you to share your full JWT composure code so that we can see what it looks like?
I was able to generate a token with this code:
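    import (
        "crypto/ecdsa"
        "crypto/x509"
        "encoding/pem"
        "os"
        "time"

        "github.com/golang-jwt/jwt/v5" // assumed import path; the post does not name the JWT package
    )

    // generateAppStoreConnectToken signs an ES256 JWT limited to the given scopes.
    // Errors are deliberately ignored here, as noted below.
    func generateAppStoreConnectToken(scopes []string) string {
        // Load the .p8 private key (PEM-wrapped PKCS#8) from disk.
        p8bytes, _ := os.ReadFile(os.Getenv("API_KEY_FILE_PATH"))
        decoded, _ := pem.Decode(p8bytes)
        parsedKey, _ := x509.ParsePKCS8PrivateKey(decoded.Bytes)
        ecdsaPrivateKey, _ := parsedKey.(*ecdsa.PrivateKey)
        claims := jwt.MapClaims{
            "iss":   os.Getenv("API_KEY_ISSUER_ID"),
            "iat":   time.Now().Unix(),
            "exp":   time.Now().Add(20 * time.Minute).Unix(),
            "aud":   "appstoreconnect-v1",
            "scope": scopes,
        }
        token := jwt.NewWithClaims(jwt.SigningMethodES256, claims)
        token.Header["kid"] = os.Getenv("API_KEY_KEY_ID")
        tokenString, _ := token.SignedString(ecdsaPrivateKey)
        return tokenString
    }

    // Example call (inside a function):
    token := generateAppStoreConnectToken(
        []string{
            "GET /v1/apps",
        },
    )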
Since this is experimental code, error handling is omitted.
As a test, I excluded /v1 from the request Scope and the API call failed.
The error message is as follows:
"The request RequestData(method=GET, path=/v1/apps, query=null) does not match any authorized scope: [RequestData(method=GET, path=/apps, query=null)]"
Wildcards continued to be unavailable, but your advice was helpful for me.
I will be aware of the safe Token scope.
Thank you!
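The scope matching implied by the error message above, as an added example that is not part of the original post: a local pre-flight check that validates scope strings before they are placed in the token's `scope` claim. The names `scopeEntry`, `parseScope` and `authorized`, the exact-match rule for query strings, and the `/v<digits>` prefix pattern are assumptions made for this sketch.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// scopeEntry mirrors the RequestData(method, path, query) shape in the error message.
type scopeEntry struct{ Method, Path, Query string }

// parseScope splits "METHOD /path" and rejects wildcards and unversioned paths.
func parseScope(s string) (scopeEntry, error) {
	method, target, ok := strings.Cut(strings.TrimSpace(s), " ")
	if !ok || strings.Contains(target, "*") {
		return scopeEntry{}, fmt.Errorf("scope %q: want \"METHOD /path\" without wildcards", s)
	}
	u, err := url.ParseRequestURI(target)
	if err != nil {
		return scopeEntry{}, fmt.Errorf("scope %q: %w", s, err)
	}
	seg, _, _ := strings.Cut(strings.TrimPrefix(u.Path, "/"), "/")
	if len(seg) < 2 || seg[0] != 'v' || strings.Trim(seg[1:], "0123456789") != "" {
		return scopeEntry{}, fmt.Errorf("scope %q: path lacks a version prefix such as /v1", s)
	}
	return scopeEntry{strings.ToUpper(method), u.Path, u.RawQuery}, nil
}

// authorized reports whether one scope covers the request (assumed: exact match on all three fields).
func authorized(scopes []string, method, target string) (bool, error) {
	u, err := url.ParseRequestURI(target)
	if err != nil {
		return false, err
	}
	req := scopeEntry{strings.ToUpper(method), u.Path, u.RawQuery}
	for _, s := range scopes {
		e, err := parseScope(s)
		if err != nil {
			return false, err
		}
		if e == req {
			return true, nil
		}
	}
	return false, nil
}

func main() {
	fmt.Println(authorized([]string{"GET /apps"}, "GET", "/v1/apps")) // constructed input
}
```

Running the check before signing surfaces a missing `/v1` prefix or a wildcard locally instead of as a rejected API call.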