What am I doing wrong here? I get 401 status code for all my requests although something meaningful is printed for the serialized token.
from jwcrypto import jwk, jwt
import time
import os
import requests
kid = os.getenv("appstoreconnect_kid")
iss = os.getenv("appstoreconnect_iss")
url = "https://api.appstoreconnect.apple.com/v1/apps"
epoch_time = int(time.time())
with open("AuthKey_PGG7NQ624S.p8", "rb") as pemfile:
pem_content = pemfile.read()
key = jwk.JWK.from_pem(pem_content)
jwt_header = {"alg":"ES256", "kid":kid, "typ":"JWT"}
jwt_payload = {"iss":iss, "iat":epoch_time, "exp":epoch_time + (60*20), "aud": "appstoreconnect-v1"}
token = jwt.JWT(header=jwt_header, claims=jwt_payload)
token.make_signed_token(key)
serialized_token = token.serialize()
headers = {'Authorization': f'Bearer {serialized_token}'}
res = requests.get(url=url, headers=headers)
print('SerToken', serialized_token)
print('StatusCode', res.status_code)
I have found what was causing the error. You need to define "Admin" privileges for the key you will use to make API requests to "https://api.appstoreconnect.apple.com/v1/apps"