can i generate an App Store Connect API Key by apple specific password

Hello @blackvision,

Thanks for posting on the Apple Developer Forums!

When you say "command line tools", is there a specific command line tool that you are referring to? Maybe something included in the Xcode Command Line tools?

From what I have been able to find in the Apple documentation, I have not found a way to create an API Key outside of the web interface. If I understand your question, what you are essentially asking for is an API Key that can generate additional API Keys. While Apple can introduce a new service at any time, I cant think of another existing Apple service with this model as it does not fall within their current authentication model.

However, it might be worth looking into something like what this other poster on the forums is doing.

https://developer.apple.com/forums/thread/707271

In this post they are dynamically creating JWTs with an expiration that can be provided to other teams and have specific scopes set for the applications they may be responsible for or the resources they would like for the end user to have access to. This certainly would not solve ALL of the challenges of being able to hand out an API Key itself, but building a proxy service for authentication internally would be more secure and provide better flexibility in the long run if you are needing to have managed access.

One thing that I try to remind myself of when providing authentication information to users for Apple resources is that there are no logs of who did what or when which is the biggest driver for building a proxy service to control access instead of providing authentication information directly. Just some ideas even though I know this does not directly answer your question.

Hopefully this helps and happy coding!