API: DeviceCheck, statusCode: 401, message: Unable to verify authorization token

I am submitting the JWT with required payload to https://api.development.devicecheck.apple.com/v1/validate_device_token. However Apple's development devicecheck server always returns http response 401 - Unable to verify authorization token. 

I generated the token following the instructions in
https://developer.apple.com/documentation/appstoreconnectapi/generating_tokens_for_api_requests and check token by
Code Block
curl -v -H 'Authorization: Bearer [signed token]'
"https://api.appstoreconnect.apple.com/v1/apps"
I can use that token to call this API successfully. However, when I tried to use exactly the same token to verify a device ID, I got a 401 response here is my payload for the request
Code Block
https://api.devicecheck.apple.com/v1/validate_device_token

It's my code:
Code Block
now = int(time.time())
expire_time = now + 20 * 60
HEADERS = {
"alg": "ES256",
"kid": kid,
"typ": "JWT"
}
PAYLOAD = {
'exp': expire_time,
'iss': iss,
'aud': "appstoreconnect-v1"
}
jwt_token = jwt.encode(PAYLOAD, private_key, algorithm='ES256', headers=HEADERS).decode('utf-8')
auth = 'Bearer {}'.format(jwt_token)
headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': auth
}
response = requests.get(
'https://api.appstoreconnect.apple.com/v1/apps',
headers=headers
)
print(response.status_code)
print(response.text)
request_file = '.../ValidateDeviceTokenRequest.json'
data = None
with open(request_file) as json_file:
data = json.load(json_file)
data['timestamp'] = (now) * 1000
response = requests.post(
'https://api.devicecheck.apple.com/v1/validate_device_token',
data=json.dumps(data).encode(),
headers=headers
)
print(response.status_code)
print(response.text)


Hello, Did you get it to work??

I have received the same error code 401 and it turned out that you need to wait up to 12-24 hours (in my case it was approximately 7 hours) after the creation of the private key until the verification succeeded with 200. Beyond this, you need to create a key for DeviceCheck and not for APN as stated by some examples. APN keys didn't work for me!

API: DeviceCheck, statusCode: 401, message: Unable to verify authorization token
 
 
Q