Authentication
StorePush uses the App Store Connect API to communicate with Apple. You need to create an API key and provide your credentials to StorePush.
Creating an API Key
- Go to App Store Connect and sign in
- Navigate to Users and Access > Integrations > App Store Connect API
- Click the + button to create a new key
- Give it a name (e.g., "StorePush") and select the Admin role
- Click Generate
After generation, you'll see:
- Key ID — A short alphanumeric identifier (e.g.,
ABC123DEF4) - Issuer ID — Your team's UUID (shown at the top of the page)
- Private Key — Download the
.p8file (you can only download it once)
Required Permissions
StorePush requires the Admin role to:
- Read and write app metadata (descriptions, keywords, release notes)
- Manage screenshots and previews
- Read build information and submit builds for review
- Read and respond to customer reviews
- Access analytics data
Providing Credentials to StorePush
When adding an app in StorePush, paste the following:
- Key ID — The key identifier from App Store Connect
- Issuer ID — Your team's issuer ID
- Private Key — The full contents of your
.p8file, including the-----BEGIN PRIVATE KEY-----and-----END PRIVATE KEY-----lines - App Store ID — Your app's numeric Apple ID (found in App Store Connect under General > App Information)
Security
- Credentials are stored encrypted in the database
- JWT tokens are generated on-demand and expire after 10 minutes
- Tokens are automatically refreshed before expiry during long-running operations
- StorePush never stores Apple user passwords — only API keys
Rotating Keys
To rotate your API key:
- Create a new key in App Store Connect
- Update the credentials in StorePush under your app's Settings > Credentials
- Revoke the old key in App Store Connect
StorePush will start using the new key immediately on the next operation.