Always get "METHOD_NOT_ALLOWED" from App Store Connect API Post Requests

193 views Asked by At

I am working with App Store Connect API for the first time, from NodeJS (if that matters, but I also tried with curl).

I was able to authenticate and send GET requests with no problem, but when trying to send POST request I always get "METHOD_NOT_ALLOWED" error.

Is anyone able to send post request? specifically to "https://api.appstoreconnect.apple.com/v1/certificates", but I also tried the Profiles endpoint, and I got the same problem.

The docs claim its possible, but this error makes me feel something is not updated over there.

Any help will be very much appreciated!

Some extra information:

JWT Playload:

{
  iss:"KEY ISSUER",
  iat:Math.floor(Date.now() / 1000),
  exp:Math.floor(Date.now() / 1000) + (60 * 10),
  aud:'appstoreconnect-v1',
  scope:[
    'POST /v1/certificates'
  ]
}

JWT Options:

{
  algorithm:'ES256',
  header:{
    alg:'ES256',
    kid:"KEY ID",
    typ:'JWT'
  }
}

Request Body(Before Stringify):

{
  data:{
    type:'certificates',
    attributes:{
      certificateType:'IOS_DISTRIBUTION',
      csrContent:"PEM CERT"
    }
  }
}
1

There are 1 answers

1
kooskoos On BEST ANSWER

The issue seems to be with the scope. It doesn't support POST. If you remove the scope key it should work fine.

enter image description here

Reference: https://developer.apple.com/documentation/appstoreconnectapi/generating_tokens_for_api_requests