MCPcopy Index your code
hub / github.com/rorkai/App-Store-Connect-CLI

github.com/rorkai/App-Store-Connect-CLI @2.5.0 sqlite

repository ↗ · DeepWiki ↗ · release 2.5.0 ↗
19,799 symbols 84,109 edges 1,743 files 6,191 documented · 31%
README

App Store Connect CLI

Latest Release GitHub Stars Go Version License Homebrew

asc -- App Store Connect CLI

A fast, lightweight, and scriptable CLI for the App Store Connect API. Automate iOS, macOS, tvOS, and visionOS release workflows from your terminal, IDE, or CI/CD pipeline.

Table of Contents

asc skills

Agent Skills for automating asc workflows including builds, TestFlight, metadata sync, submissions, and signing: https://github.com/rorkai/app-store-connect-cli-skills

Install them globally so they are available across projects:

asc install-skills

Direct install:

npx skills add rorkai/app-store-connect-cli-skills --global --agent codex

Quick Start

If you want to confirm the binary works before configuring authentication:

asc version
asc --help

1. Install

# Homebrew (recommended)
brew install asc

# Install script (macOS/Linux)
curl -fsSL https://asccli.sh/install | bash
# Windows (WinGet, once the package is accepted)
winget install asc

# Exact fallback when scripting
winget install --id Rorkai.ASC --exact

The WinGet package is tracked in GitHub Discussion #1552. Until it appears in winget search asc, Windows users can download the signed release binaries directly from the GitHub releases page.

For source builds and contributor setup, see CONTRIBUTING.md.

2. Authenticate

asc auth login \
  --name "MyApp" \
  --key-id "ABC123" \
  --issuer-id "DEF456" \
  --private-key /path/to/AuthKey.p8 \
  --network

Generate API keys at: https://appstoreconnect.apple.com/access/integrations/api

If you are running in CI, a headless shell, or a machine where keychain access is not available, use config-backed auth instead:

asc auth login \
  --bypass-keychain \
  --name "MyCIKey" \
  --key-id "ABC123" \
  --issuer-id "DEF456" \
  --private-key /path/to/AuthKey.p8

3. Validate auth

asc auth status --validate
asc auth doctor

4. First command

asc apps list --output table
asc apps list --output json --pretty

Output defaults (TTY-aware)

asc chooses a default --output based on where stdout is connected:

  • Interactive terminal (TTY): table
  • Non-interactive output (pipes/files/CI): json

You can still set a global preference:

export ASC_DEFAULT_OUTPUT=markdown

And explicit flags always win:

asc apps list --output json

Stability labels

asc uses visible lifecycle labels so you can judge support expectations before depending on a command in CI or scripts:

  • No label: stable public CLI contract for normal use
  • [experimental]: useful, but still evolving; expect sharper edges and faster iteration
  • DEPRECATED: or deprecation warnings: compatibility path kept during migration, but not the long-term home

Troubleshooting

Homebrew

  • Refresh Homebrew first: brew update && brew upgrade asc
  • Check which binary you are running: which asc
  • Confirm the installed version: asc version
  • If Homebrew is behind the latest GitHub release, use the install script from https://asccli.sh/install

WinGet

  • Refresh WinGet sources first: winget source update
  • Prefer the short install once available: winget install asc
  • If the short name ever becomes ambiguous, use the package identifier: winget install --id Rorkai.ASC --exact
  • Confirm the installed command resolves: Get-Command asc and asc version

Authentication

  • Validate the active profile: asc auth status --validate
  • Run the auth health check: asc auth doctor
  • If keychain access is blocked, retry with ASC_BYPASS_KEYCHAIN=1 or re-run asc auth login --bypass-keychain
  • Use asc auth login --local --bypass-keychain ... when you want repo-local credentials in ./.asc/config.json

Output

  • asc defaults to table in an interactive terminal and json in pipes, files, and CI
  • Use an explicit format when scripting or sharing repro steps: --output json, --output table, or --output markdown
  • Use --pretty with JSON when you want readable output in terminals or bug reports
  • Set a personal default with ASC_DEFAULT_OUTPUT, but remember --output always wins

Privacy and telemetry

asc sends pseudonymous command-level usage telemetry by default to help maintainers understand which commands are used and where reliability work is needed. Local events include a random installation ID, which lets events from one installation be grouped over time; it is not derived from an Apple account or machine identifier.

Telemetry includes the CLI version, operating system and architecture, registered command path, duration and exit outcome, runtime context, invocation source, low-cardinality invocation shape and failure classifications, and random event and session IDs. It does not include raw arguments, stderr, error messages, or flag values, credentials, private keys, Apple account, team, or issuer IDs, app or bundle IDs, API responses, usernames, hostnames, repository names, or file paths.

Review or change telemetry at any time:

asc telemetry status
asc telemetry disable
asc telemetry reset-id

ASC_TELEMETRY_DISABLED=1 and DO_NOT_TRACK=1 also disable telemetry. See the telemetry reference for the exact event payload, runtime handling, collector endpoint, and all controls.

Support

  • Use GitHub Discussions for install help, authentication setup, workflow advice, and "how do I...?" questions
  • Use GitHub Issues for reproducible bugs and concrete feature requests
  • See SUPPORT.md for the support policy and bug-report checklist
  • Before filing an auth or API bug, retry with ASC_BYPASS_KEYCHAIN=1; if it is safe to do so, include redacted output from ASC_DEBUG=api asc ... or asc --api-debug ...

Wall of Apps

See the Wall of Apps →

Want to add yours? asc apps wall submit --app "1234567890" --confirm

The command uses your authenticated gh session to fork the repo and open a pull request that updates docs/wall-of-apps.json. It resolves the public App Store name, URL, and icon from the app ID automatically. For manual entries that are not on the public App Store yet, use --link with --name. Use asc apps wall submit --dry-run to preview the fork, branch, and PR plan before creating anything.

Common Workflows

TestFlight feedback and crashes

asc testflight feedback list --app "123456789" --paginate
asc testflight crashes list --app "123456789" --sort -createdDate --limit 10
asc testflight crashes log --submission-id "SUBMISSION_ID"

Builds and distribution

asc builds upload --app "123456789" --ipa "/path/to/MyApp.ipa"
asc builds list --app "123456789" --output table
asc testflight groups list --app "123456789" --output table

For macOS TestFlight distribution, upload the exported .pkg first, then add the processed build to a beta group:

asc builds upload --app "123456789" --pkg "./build/MyMacApp.pkg" --version "1.2.3" --build-number "42" --wait --output json
asc builds add-groups --app "123456789" --build-number "42" --version "1.2.3" --platform MAC_OS --group "Internal Testers"

--app is the App Store Connect app ID. If you use local Xcode build flags such as --archive-path, also pass exactly one of --workspace or --project plus --scheme; otherwise use a pre-exported .ipa or .pkg upload. Add --submit --confirm to asc builds add-groups when distributing to an external TestFlight group that needs beta app review submission.

Release (high-level App Store publish flow)

# Optional: preview the staging plan before submission
asc release stage --app "123456789" --version "1.2.3" --build "BUILD_ID" --copy-metadata-from "1.2.2" --dry-run

# Canonical upload + attach + submit command
asc publish appstore --app "123456789" --ipa "/path/to/MyApp.ipa" --version "1.2.3" --submit --confirm

# Monitor status after submission
asc status --app "123456789" --watch

Lower-level submission lifecycle commands (for debugging or partial workflows):

# Canonical readiness check
asc validate --app "123456789" --version "1.2.3"
asc submit status --version-id "VERSION_ID"
asc submit cancel --version-id "VERSION_ID" --confirm

Review status and blockers

asc review status --app "123456789"
asc review doctor --app "123456789"

Metadata and localization

asc localizations list --app "123456789" --type app-info
asc metadata init --dir "./metadata" --version "1.2.3" --locale "en-US"
asc metadata apply --app "123456789" --version "1.2.3" --dir "./metadata" --dry-run
asc metadata keywords audit --app "123456789" --version "1.2.3" --blocked-terms-file "./blocked-terms.txt"
asc apps info view --app "123456789" --output json --pretty

Use asc metadata keywords audit before sync or apply when you want an ASO-focused review of live keyword metadata across locales. It reports duplicate phrases, repeated terms across locales, overlap with localized app name or subtitle, byte-budget usage, and optional blocked terms from repeated --blocked-term flags or a text file.

Screenshots and media

asc screenshots plan --app "123456789" --version "1.2.3" --review-output-dir "./screenshots/review"
asc screenshots apply --app "123456789" --version "1.2.3" --review-output-dir "./screenshots/review" --confirm
asc screenshots list --version-localization "VERSION_LOCALIZATION_ID"
asc video-previews list --app "123456789"

Uploading screenshots for a single locale:

asc apps list
asc versions list --app "APP_ID"
asc localizations list --version "VERSION_ID" --output json --locale "en-US" | jsonpp
asc screenshots upload --version-localization "VERSION_LOCALIZATION_ID" --path "./screenshots/en-US" --device-type "IPHONE_65" --replace --max-screenshots 10

VERSION_LOCALIZATION_ID is the App Store version localization resource ID from data[].id, not the locale code from attributes.locale.

Signing and bundle IDs

asc certificates list
asc profiles list
asc bundle-ids list

Workflow automation

asc workflow validate
asc workflow run --dry-run testflight_beta VERSION:1.2.3

Verified local Xcode -> TestFlight workflow

See docs/WORKFLOWS.md for a copyable .asc/deployment.json, .asc/workflow.json, and ExportOptions.plist that use asc builds next-build-number, asc xcode inject, asc xcode archive, asc xcode export --timeout 10m, and asc publish testflight --group ... --wait. Add --submit --confirm when distributing to an external TestFlight group that needs beta app review submission.

asc workflow validate
asc xcode inject --manifest .asc/deployment.json --set version=1.2.3 --set build_number=42 --dry-run --output json
asc workflow run --dry-run testflight_beta VERSION:1.2.3
asc workflow run testflight_beta VERSION:1.2.3

Xcode Cloud workflows and build runs

# Trigger from a pull request
asc xcode-cloud run --workflow-id "WORKFLOW_ID" --pull-request-id "PR_ID"

# Rerun from an existing build run with a clean build
asc xcode-cloud run --source-run-id "BUILD_RUN_ID" --clean

# Fetch a single build run by ID
asc xcode-cloud build-runs get --id "BUILD_RUN_ID"

Apple Ads campaign management

Apple Ads uses separate OAuth credentials from App Store Connect:

asc ads auth login --name "Marketing" --client-id "SEARCHADS_CLIENT_ID" --team-id "SEARCHADS_TEAM_ID" --key-id "KEY_ID" --private-key ./ads-key.pem --org "123456"
asc ads auth discover --output json
asc ads campaigns --org "123456" --limit 100 --output json
asc ads reports campaigns --org "123456" --file reporting-request.json --output json

See guides/apple-ads-playbooks.mdx for operator playbooks covering credential safety, org inspection, read-only smoke tests, reporting, raw API usage, and guarded mutations.

StoreKit Retention Messaging

Retention Messaging uses a dedicated In-App Purchase API key, separate from App Store Connect API credentials:

asc storekit auth login --name Production --key-id "KEY_ID" --issuer-id "ISSUER_ID" --private-key ./SubscriptionKey.p8 --bundle-id com.example.app
asc storekit auth doctor --environment sandbox --network
asc storekit retention-messaging messages list --environment sandbox --output json
asc storekit retention-messaging endpoint view --environment production

See [d

Extension points exported contracts — how you extend this code

PaginatedResponse (Interface)
PaginatedResponse represents a response that supports pagination. [24 implementers]
internal/asc/types/resources.go
Provider (Interface)
Provider captures a single screenshot and returns the path to the PNG. [3 implementers]
internal/screenshots/capture.go
SessionState (Interface)
(no doc) [3 implementers]
internal/appleauth/twofactor.go
ReportedError (Interface)
ReportedError marks an error as already reported to the user. The main entrypoint should exit non-zero without duplicati [1 …
internal/cli/shared/errors.go
ClientOption (FuncType)
ClientOption configures a Client.
internal/appleads/client.go
Position (Interface)
(no doc)
apps/studio/frontend/wailsjs/runtime/runtime.d.ts
ClientOption (FuncType)
(no doc)
internal/storekit/client.go
MigrationSuggestionResolver (FuncType)
(no doc)
internal/auth/doctor_migration.go

Core symbols most depended-on inside this repo

String
called by 3064
internal/cli/snitch/snitch.go
MissingRequiredUsageError
called by 1448
internal/cli/shared/errors.go
Cleanup
called by 1421
internal/signing/gitstore.go
PrintOutput
called by 1176
internal/cli/shared/shared.go
Is
called by 1153
internal/cli/shared/shared.go
do
called by 1104
internal/asc/client_http.go
ContextWithTimeout
called by 1065
internal/cli/shared/shared.go
BindOutputFlags
called by 999
internal/cli/shared/shared.go

Shape

Function 14,299
Struct 2,847
Method 2,156
FuncType 258
TypeAlias 119
Class 91
Interface 29

Languages

Go97%
TypeScript2%
Python1%

Modules by API surface

internal/asc/client_options.go520 symbols
internal/asc/client_http_test.go389 symbols
internal/asc/xcode_cloud.go246 symbols
internal/asc/client_queries.go208 symbols
apps/studio/frontend/wailsjs/go/models.ts168 symbols
internal/asc/client_app_clips.go129 symbols
internal/cli/shared/shared.go120 symbols
internal/auth/keychain.go102 symbols
internal/asc/client_test.go101 symbols
internal/asc/client.go98 symbols
internal/cli/cmdtest/commands_test.go94 symbols
internal/xcode/xcode.go84 symbols

Dependencies from manifests, versioned

github.com/1Password/srpv0.2.0 · 1×
github.com/99designs/go-keychainv0.0.0-2019100805025 · 1×
github.com/99designs/keyringv1.2.2 · 1×
github.com/AlecAivazis/survey/v2v2.3.7 · 1×
github.com/bep/debouncev1.2.1 · 1×
github.com/cespare/xxhash/v2v2.3.0 · 1×
github.com/clipperhouse/displaywidthv0.11.0 · 1×
github.com/clipperhouse/uax29/v2v2.7.0 · 1×
github.com/creack/ptyv1.1.24 · 1×
github.com/danieljoos/wincredv1.2.3 · 1×
github.com/dvsekhvalnov/jose2gov1.8.0 · 1×

For agents

$ claude mcp add App-Store-Connect-CLI \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact