Apple Music API Developer Token JWT how-to

Does anyone know how to create and sign an Apple Music API Developer Token in JWT format?

I have the Key Identifier, (kid).

I have the Team ID - the issuer (iss)

I have the MusicKit private key.

I have been programming in swift for a little over a year now and I have been stuck at this point for about a week. I understand the format the token is supposed to be in. I have searched everywhere for how to make it, I have been unsuccessful. So now I am here hoping someone can help or point me in the right direction.


I have read up and down https://developer.apple.com/documentation/applemusicapi/getting_keys_and_creating_tokens


It simply states to create the token and sign it with your musickit private key. It seems apple provides no instruction on how to do this. Is this common knowledge that I just do not have/can't find?

The closest item of help I could find online was https://github.com/pelauimagineering/apple-music-token-generator

However, I do not know how to program in python/write a script. I am currently trying to learn.

Is this the only way to create a Developer Token?

I may just be in way too over my head for the apple music api.


Please help/point me in the right direction on how to construct the Apple Music API developer token if you can.

Up vote post of jsvand Down vote post of jsvand
4.9k views
Posted by
jsvand
Reply
Add a Comment

Replies

Hey mate - I was in the exact same position you were for the past few days but have just managed to get it working. Do you still need help?

Posted by
seanWilliams85
Up vote reply of seanWilliams85 Down vote reply of seanWilliams85
Add a Comment

here's the node js script i use!

bin $ cat generate_jwt.js
"use strict";

const fs = require("fs");
const jwt = require("jsonwebtoken");

const privateKey = fs.readFileSync("AuthKey.p8").toString();
const teamId = "<teamid>";
const keyId = "<keyid>";

const jwtToken = jwt.sign({}, privateKey, {
  algorithm: "ES256",
  expiresIn: "180d",
  issuer: teamId,
  header: {
    alg: "ES256",
    kid: keyId
  }
});

console.log(jwtToken);
Posted by
marstall
Post not yet marked as solved Up vote reply of marstall Down vote reply of marstall
Add a Comment
We are still getting 401, even though we use the node script and when we decode our JWT token, it looks fine to us. Please post any input that fixed it for you.
Posted by
kaspertik
Up vote reply of kaspertik Down vote reply of kaspertik
Add a Comment
Hi kaspertik,

Are you using MusicKitJs or are you using the token to query the APIs directly?

Is the token being added as a header to network requests with Authorization: Bearer {token}?

In addition, can you ensure you are using the correct teamId and keyId for that private key you are signing your tokens with?
Posted by
_jb
Up vote reply of _jb Down vote reply of _jb
Add a Comment
I use CupertinoJWT. While there are many libraries that support JWT, last I checked (~2 years ago) only this one supported ES256 which Apple requires.

Hope this helps someone.
Posted by
addy239
Post not yet marked as solved Up vote reply of addy239 Down vote reply of addy239
Add a Comment