I'm trying automated signing suggested in WWDC21 session with xcodebuild and authenticationKey. I have unsigned xcarchive, .p8 key generated on portal as suggested in WWDC session, and trying to sign it with:
xcodebuild -exportArchive -archivePath ./myapp.xcarchive -exportPath ./1 -exportOptionsPlist exportoptions.plist -authenticationKeyIssuerID <removed> -authenticationKeyID <removed> -authenticationKeyPath <full path to p8> -allowProvisioningUpdates
However it fails, and I can see in IDEDistributionProvisioning.log the following response from Apple:
Payload:
{"urlEncodedQueryParams":"teamId=<removed>&filter%5BcertificateType%5D=DISTRIBUTION_MANAGED&limit=200"}
2021-09-23 10:19:23 +0000 2021-09-23 10:19:23 +0000 IDEProvisioningRepair(<removed>): 2021-09-23 10:19:23 +0000 IDEProvisioningRepair(<removed>): Received response for B50672C5-10E6-40CF-996A-097BADBD0EEF @ <https://appstoreconnect.apple.com/xcbuild/v1/certificates>. Code = 0
2021-09-23 10:19:23 +0000 2021-09-23 10:19:23 +0000 IDEProvisioningRepair(<removed>): 2021-09-23 10:19:23 +0000 IDEProvisioningRepair(<removed>): Response payload: {
"errors" : [ {
"id" : "8f50dfff-8ca6-442b-aa64-92f0a91730ec",
"status" : "403",
"code" : "FORBIDDEN_ERROR",
"title" : "This request is forbidden for security reasons",
"detail" : "You are not allowed to perform this operation. Please check with one of your Team Admins, or, if you need further assistance, please contact Apple Developer Program Support. https://developer.apple.com/support"
} ]
}
If I'm trying to sign with my Dev account logged in into XCode, xcodebuil uses it instead and signing completes with no issues.
Did I miss something?