401 Error after 20 Minutes

App Store Distribution & Marketing App Store Connect
ebrowkin OP
Created Oct ’21
Replies 3
Boosts 0
Views 1.4k
Participants 3

I´ve build an app that gets metrics (amount of downloads) from Appstore Connect, every time a website is opened (this will happen every hour when own build endpoint /metrics is opened). Everything is working, except one thing. The Token has an max duration of 20 Minutes. Which is no problem because my app is creating a new one every time the site is called. But I get an 401 Error not authorized, even though a new token is generated after 20 minutes when the app is running and is calling for data again. I am assuming the app is using the old token to verify and ends up in a loop. how to force the app to use the new token when the function is called again (/metrics is opened) instead of the old token?

Replies  3
Boosts  0
Views  1.4k
Participants  3
ChuckMN OP
Oct ’21

Hey @ebrowkin,

Would it be possible to share a code sample so that we can see how you are generating and replacing the token? Just enough to let the community help you find the problem?

One way to test this locally in a debug environment is to disable the API calls to Apple and log your token every time you run the application so that you can see when it changes (if it does). Depending on your implementation you might want to unset / delete / undefined the variable before trying to store a new value in it depending on its scope. This will also help make it abundantly clear if you are able to remove the value and not generate a new token for some reason.

Hopefully this helps!

0
ebrowkin OP
Oct ’21 
const appstoreDownloadsCall = () => {
.....
let payload = {
  "iss": issuerId,
  "exp": nowPlus20,
  "aud": "appstoreconnect-v1"
}

let signOptions = {
  "algorithm": "ES256",
  header : {
    "alg": "ES256",
    "kid": apiKeyId,
    "typ": "JWT"
  }
};

token = jwt.sign(payload, privateKey, signOptions);
console.log('@token: ', token);

var options = {
  host: 'api.appstoreconnect.apple.com',
  path: 'xxxx',
  method: 'GET',
  headers: {
    'Accept': 'application/a-gzip, application/json',
    'Authorization' : 'Bearer ' + token
  }
};
.......
}
0
sylviasindhu OP
Sep ’22

Hi @ebrowkin, Could you please let me know how you solved this issue? I also have the same code for generating tokens, but somehow I get a 401 error. And also, what endpoint do you use for getting metrics like the amount of downloads?

0
401 Error after 20 Minutes
First post date Last post date
 
 
Q