App Store Connect API and Third Party Services

deploy
ios
#1

Hi there - I was going to set up automatic app provisioning via the App Store Connect API, but when attempting to get a key, the following message is displayed:

Would Bitrise fall into the category of a third party service? Are we not “supposed” to be sharing our keys for this purpose?

(I personally don’t care, but my boss and owner of the app store account doesn’t want to give me the keys because of this warning).

Thanks,
Mike

0 Likes

#2

Hello there @mikedesjardinswave :wave:

When managing code signing via Bitrise’s iOS Auto Provision App Store Connect API step, you are not considered providing services to third party services (quite the opposite, as Bitrise is providing service to you a s a tool to build applications).

I also wanted to let you know that due to concerns around sharing API keys, we have implemented security measures to ensure that your API key is safe, making it visible only to you: other members of a project you are working on are unable to see any information regarding API keys besides their own (this applies to Support personnel who have been granted support access — not even we at Bitrise can access this information!)

So just to confirm, you have nothing to worry about, this is a completely safe and legit way of handling Code Signing for your builds :slight_smile:

0 Likes