I'm using this code to get all apps in App Store Connect:
let jwt = ...
var request = URLRequest(url: URL(string: "https://api.appstoreconnect.apple.com/v1/apps")!)
request.setValue("Bearer \(jwt)", forHTTPHeaderField: "Authorization")
let session = URLSession(configuration: .ephemeral)
let task = session.dataTask(with: request) { data, response, error in
if let error = error {
print(error)
} else if let data = data {
print(String(data: data, encoding: .utf8))
}
}
task.resume()
But the response is an error status: 400, code: ENTITY_INVALID, title: JSON processing failed. What entity is this error referring to? And what JSON is invalid? The JWT token seems to be fine, since when using a random value I get an error 401 NOT_AUTHORIZED.
As per my comment in the question, if no scope is required, you need to omit it from the claim portion of the JWT, i.e. instead of (for example):
{
"iss": "57246542-96fe-1a63-e053-0824d011072a",
"iat": 1528407600,
"exp": 1528408800,
"aud": "appstoreconnect-v1",
"scope": [
]
}
Use:
{
"iss": "57246542-96fe-1a63-e053-0824d011072a",
"iat": 1528407600,
"exp": 1528408800,
"aud": "appstoreconnect-v1"
}