App Store Connect is Apple's developer portal for managing iOS, macOS, tvOS, watchOS, and visionOS apps on the App Store. The App Store Connect API exposes the platform's resources as a JSON:API REST service, allowing teams to programmatically manage app metadata and localizations, App Store and TestFlight builds, bundle IDs, provisioning profiles, certificates, screenshots and previews, app analytics, sales and finance reports, users and invitations, and webhook subscriptions.
Power end-to-end data operations for your App Store Connect API with Nexla. Our bi-directional App Store Connect connector is purpose-built for App Store Connect, making it simple to ingest data, sync it across systems, and deliver it anywhere — all with no coding required. Nexla turns API-sourced data into ready-to-use, reusable data products and makes it easy to send data to App Store Connect or any other destination. With comprehensive monitoring, lineage tracking, and access controls, Nexla keeps your App Store Connect workflows fast, secure, and fully governed.
Features
Type: API
SourceDestination
Seamless API Integration: Connect to any endpoint as source or destination without coding, with automatic data product creation
Visual Composition & Chaining: Build complex integrations using visual templates, chain API calls, and compose workflows with data validation and filtering
API Proxy: Expose curated slices of your data securely with a secure and customizable API proxy that validates and transforms data on the fly
Request optimization with intelligent batching, retry, and caching to minimize API calls and costs
App Store Connect API requests are authenticated with a short-lived JSON Web Token (JWT) signed with the ES256 algorithm. The token is generated from an API key (a .p8 private key, a Key ID, and an Issuer ID) that an Account Holder or Admin creates in App Store Connect. Nexla sends the JWT in the Authorization: Bearer <token> header on every request.
From the navigation, open Users and Access, then select the Integrations tab.
In the App Store Connect API section, select the Team Keys sub-tab. (Use Individual Keys instead if you want a key scoped to a single user account.)
Click the + (plus) button next to Active to begin creating a new key.
In the Generate API Key dialog, enter a descriptive Name for the key (for example, Nexla Integration), and select the role that grants the access level your integration requires:
Admin: Full read/write access across resources, comparable to the Admin user role. Required for managing users, certificates, bundle IDs, and most write endpoints.
App Manager, Developer, Marketing, Sales, Customer Support, Finance: Scoped roles that restrict the key to the resources accessible to that role. Use the most restrictive role that still grants the endpoints your integration will call.
Click Generate. App Store Connect creates the key and returns to the key list.
Note the Issuer ID shown above the key table — this value is the same for every key on your team and is required when generating each JWT.
Note the new key's Key ID in the table (a 10-character identifier).
Click Download API Key next to the new key to download the private key file (AuthKey_<KeyID>.p8).
Important
The .p8 private key file can be downloaded only once. Store it in a secure secret manager immediately after download — Apple does not allow re-downloading the same key. If the file is lost, the key must be revoked and a new one generated.
Save the Issuer ID, Key ID, and the contents of the .p8 file. These three values are required to generate JWTs for the API.
Nexla expects an already-signed JWT in the credential field, so the token is generated outside of Nexla and pasted in. JWTs for App Store Connect must follow Apple's exact structure:
Header:
alg: ES256
kid: Your Key ID (from the previous section)
typ: JWT
Payload:
iss: Your Issuer ID (from the previous section)
iat: The current time as a UNIX timestamp
exp: Expiration time, no more than 20 minutes after iat (a UNIX timestamp)
aud: appstoreconnect-v1
scope(optional): A list of HTTP method and URL paths the token is restricted to (for example, GET /v1/apps). Omit to grant the role's full access.
Signing: Sign the token with the ES256 (ECDSA using P-256 and SHA-256) algorithm, using the contents of your .p8 private key.
Use a library or short script in your secret manager or CI environment to generate a fresh JWT before each credential refresh. App Store Connect rejects tokens older than 20 minutes, so long-running Nexla flows should periodically regenerate and update the credential value, or use an external token-refresh process.
Many Apple-maintained and third-party libraries can generate this token, including the official App Store Connect API sample code and language-specific JWT libraries such as PyJWT (Python), jsonwebtoken (Node.js), and JJWT (Java). For details on the exact token structure, see Generating tokens for API requests.
Important
The .p8 private key, Key ID, and Issuer ID together grant API access at the role level assigned to the key. Store them in a secure secret manager, never commit them to source control, and revoke a compromised key immediately from Users and Access > Integrations in App Store Connect.
After selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.
Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.
Generate a fresh ES256-signed JWT using your App Store Connect Key ID, Issuer ID, and .p8 private key, following the structure described under Generate the JWT Bearer Token above. The token must have an expiration no more than 20 minutes after the issue time, and aud set to appstoreconnect-v1.
Paste the full JWT (the three base64url-encoded segments joined by periods) into the JWT Bearer Token field. Nexla sends this value verbatim in the Authorization header as Bearer <jwt> on every App Store Connect API call.
Because each JWT is valid for at most 20 minutes, this credential is best suited to environments where the JWT is rotated by an external process — for example, a scheduled job in your secret manager that regenerates the token and updates the Nexla credential via the Nexla API. For long-running flows, consider generating a token with the longest allowed lifetime (20 minutes) immediately before activation, and rotating it on a recurring schedule.
Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.
To create a new data flow, navigate to the Integrate section, and click the New Data Flow button. Then, select the desired flow type from the list, and click the Create button. Select the App Store Connect connector tile from the list of available connectors, then select the credential that will be used to connect to the App Store Connect instance, and click Next; or, create a new App Store Connect credential for use in this flow.
Nexla provides pre-built templates that can be used to rapidly configure data sources to ingest data from common App Store Connect endpoints. Each template is designed specifically for the corresponding App Store Connect endpoint, making data source setup easy and efficient. Select the endpoint from which this source will fetch data from the Endpoint pulldown menu. Available endpoint templates are listed in the expandable boxes below. Click on an endpoint to see more information about it and how to configure your data source for this endpoint.
List Builds
This endpoint returns a paginated list of all builds across your team, with extensive filtering and sparse-fieldset support. Use it to sync TestFlight and App Store build history into a warehouse, build release dashboards, or monitor build processing state.
All filter, sort, fields, and limit parameters on this template are optional. Leave them blank to return the default response, or set specific values to narrow and shape the result.
To restrict results to a specific app, enter the app's Apple ID in the Filter by App field. App IDs can be obtained from the App Store Connect UI or from the /v1/apps endpoint.
To filter by build state, set Filter by Processing State (PROCESSING, FAILED, INVALID, or VALID), Filter by Beta Review State, or Filter by Expiration (true or false).
To filter by version, enter the build version string in Filter by Version, or the pre-release version string in Filter by Pre-Release Version Number. Use Filter by Platform (IOS, MAC_OS, TV_OS, VISION_OS, or WATCH_OS) to scope by platform.
To narrow by relationship, enter IDs in Filter by App Store Version, Filter by Beta Groups, Filter by Pre-Release Version ID, or Filter by ID.
Control the response shape by entering comma-separated field lists in the various Fields parameters (for example, Builds Fields, App Store Versions Fields), and by entering comma-separated relationship names in Include Related Resources (for example, app,preReleaseVersion,buildBetaDetails).
Use Sort Order to order the result set (for example, -uploadedDate for newest builds first). Use Limit (max 200) to control page size, and the related-resource limit fields (Beta Build Localizations Limit, Icons Limit, Individual Testers Limit) to cap included relationships per build.
Apple's App Store Connect API paginates using cursor-based links returned in the response's links.next field. For complete reference, see List Builds.
Get Build
This endpoint returns a single build resource by ID, with rich sparse-fieldset and relationship-include support. Use it to drill into a specific build identified by a parent flow (for example, after List Builds), or to fetch the latest details for a known build ID.
Enter the build's identifier in the Id field. Build IDs can be obtained from the List Builds endpoint or from any relationship that references a build.
Use Include Related Resources to request related resources in a single call (comma-separated, for example app,buildBetaDetails,betaAppReviewSubmission,preReleaseVersion,appStoreVersion).
Use the sparse-fieldset parameters (Builds Fields, Apps Fields, App Store Versions Fields, Pre-Release Versions Fields, Build Beta Details Fields, Build Icons Fields, Beta App Review Submissions Fields, Encryption Declarations Fields, Performance Power Metrics Fields, Diagnostic Signatures Fields, Beta Testers Fields, Beta Build Localizations Fields) to request only the attributes you need on the build and each included relationship.
Use the limit parameters (Beta Build Localizations Limit, Icons Limit, Individual Testers Limit) to cap the number of items returned for the corresponding related relationships.
When all sparse-fieldset and include parameters are left blank, App Store Connect returns the build's default attribute set. For the full attribute and relationship reference, see Read Build Information.
Get App Store Version
This endpoint retrieves a specific App Store version (the release record for a particular version string and platform of an app), with optional sparse fieldsets and relationship includes. Use it to inspect the metadata, build link, localizations, age-rating declarations, and submission state for a release in progress or already-published version.
Enter the App Store version's identifier in the Version ID field. Version IDs can be obtained from the /v1/apps/{'{id}'}/appStoreVersions endpoint or from any relationship that references an App Store version.
Use Include Related Resources to request related resources in a single call (comma-separated, for example build,appStoreVersionLocalizations,ageRatingDeclaration,appStoreReviewDetail,appStoreVersionSubmission,appStoreVersionPhasedRelease).
Use the sparse-fieldset parameters (App Store Version Fields, Build Fields, Localization Fields, Age Rating Declaration Fields, Review Detail Fields, Submission Fields, Phased Release Fields, IDFA Declaration Fields, Routing App Coverage Fields) to restrict the attributes returned.
Use Localization Limit to cap the number of included localizations returned with the version.
Create App Store Version
This endpoint creates a new App Store version for an app. It is exposed as a source template (rather than a destination) so that it can be chained inside a Nexla flow — for example, to create a new version before patching its localizations or attaching a build.
Enter the JSON request body in the Version Data field. The value must be the contents of the data envelope expected by App Store Connect — including type: "appStoreVersions", attributes.versionString and attributes.platform (IOS, MAC_OS, TV_OS, VISION_OS, or WATCH_OS), and a relationships.app entry pointing at the target app.
The endpoint wraps the value in a top-level data property automatically, so the field should contain the inner object only.
For the complete request schema and the list of optional attributes (for example, copyright, releaseType, earliestReleaseDate), see Create an App Store Version.
Update App Store Version
This endpoint updates the attributes of an existing App Store version — useful for changing the version string, copyright, release type, or attaching a different build.
Enter the existing version's identifier in the Version ID field.
Enter the JSON request body in the Version Data field. The value must be the data envelope contents, including type: "appStoreVersions", the matching id, and the attributes (and/or relationships) to change.
Only fields present in the request body are modified; omitted fields are left untouched.
Update App Info
This endpoint updates a single appInfo resource — the editable container for an app's primary and secondary categories and other top-level metadata that is editable for the version under review.
Enter the appInfo resource's identifier in the Id field. App Info IDs can be retrieved through the app's appInfos relationship.
Enter the JSON request body in the App Info Data field. The value must be the data envelope contents — typically relationships.primaryCategory, relationships.primaryCategoryV1, or relationships.secondaryCategory set to the corresponding appCategories resource.
List App Categories
This endpoint returns the list of App Store categories available for app metadata (Games, Productivity, etc.), with optional platform and parent filters. Use it to populate a lookup table of valid category IDs for Update App Info.
To restrict to a specific platform, enter the platform code (IOS, MAC_OS, TV_OS, VISION_OS, or WATCH_OS) in Filter by Platforms.
Use Filter by Parent Category with true to return only subcategories, or false to return only top-level categories.
Use Include Related Resources to include parent and/or subcategories, and Subcategories Limit to cap the number of subcategories returned per parent.
Use Fields to Include to control which category fields are returned, and Limit (max 200) to control page size.
List App Encryption Declarations
This endpoint returns the encryption declarations associated with your team's apps, optionally filtered by app, build, or platform. Use it to audit which apps and builds have a valid declaration on file.
To restrict results, enter values in Filter by App (an app ID), Filter by Builds (a comma-separated list of build IDs), or Filter by Platform (IOS, MAC_OS, TV_OS, VISION_OS, or WATCH_OS).
Use Include Related Resources with app or builds to return related resources inline.
Use Encryption Declaration Fields and App Fields to control which fields are returned, and Limit (max 200) to control page size.
List App Previews for Preview Set
This endpoint returns all app previews (video assets) in a specific preview set. Use it to audit which device families have completed preview uploads for a given App Store version localization.
Enter the parent preview set's identifier in the Preview Set Id field. Preview Set IDs can be obtained through the App Store version localization's appPreviewSets relationship.
Use Fields[Apppreviews] and Fields[Apppreviewsets] to restrict the returned attributes, and Include to inline related resources (for example, appPreviewSet).
Use Limit to control page size.
Commit an App Screenshot Reservation
Screenshot uploads to App Store Connect use a three-step asset reservation flow: reserve, upload bytes to the returned upload operations, and commit. This endpoint performs the final commit step by sending uploaded: true and the file's sourceFileChecksum to the screenshot resource.
Enter the reserved screenshot's identifier in the Screenshot ID field. The ID is returned from the Make an App Screenshot Asset Reservation destination endpoint.
Enter the commit JSON envelope in the Screenshot Commit Data field — typically type: "appScreenshots", the same id, and attributes with uploaded: true and sourceFileChecksum set to the MD5 hash of the uploaded file.
This endpoint registers a new bundle ID resource on your developer account — the persistent identifier that links an app's binary, profiles, and certificates. Exposed as a source template so it can be chained into Nexla flows that provision identifiers programmatically.
Enter the JSON request body in the Data field. The value must be the data envelope contents — type: "bundleIds" and attributes containing identifier (the reverse-DNS bundle ID), name, platform (IOS, MAC_OS, or UNIVERSAL), and an optional seedId.
Get Bundle ID
This endpoint retrieves a single bundle ID resource with optional related capabilities, profiles, and apps.
Enter the bundle ID's resource identifier (the API-internal identifier, not the reverse-DNS string) in the Id field.
Use Include Related Resources with bundleIdCapabilities, profiles, and/or app to return related resources inline.
Use the sparse-fieldset parameters (Bundle ID Fields, Capability Fields, Profile Fields, App Fields) and the limit parameters (Capability Limit, Profile Limit) to shape the response.
Update Bundle ID
This endpoint updates the attributes of an existing bundle ID resource — most commonly to rename the bundle ID display name.
Enter the bundle ID's resource identifier in the Id field.
Enter the JSON request body in the Data field. The value must be the data envelope contents — type: "bundleIds", the matching id, and attributes.name set to the new display name.
Get Certificate
This endpoint returns a single signing certificate resource (development, distribution, push, or pass type) by ID.
Enter the certificate's resource identifier in the Id field.
Use Certificate Fields with a comma-separated list of attributes (for example, certificateContent,displayName,expirationDate,certificateType,serialNumber) to limit the response payload.
List Certificates
This endpoint returns a paginated list of all certificates on the developer account, with filtering and sorting. Use it to audit upcoming certificate expirations or inventory by type.
To restrict the result set, enter values in Certificate Type (for example IOS_DEVELOPMENT, IOS_DISTRIBUTION, MAC_APP_DEVELOPMENT, DEVELOPER_ID_APPLICATION), Display Name, Serial Number, or Certificate ID.
Use Sort Order to order results (prefix the field with - for descending — for example, -expirationDate for certificates closest to expiration first).
Use Certificate Fields to limit returned attributes, and Result Limit (max 200) to control page size.
List Pass Type IDs for a Certificate
This endpoint returns the pass type IDs (Apple Wallet identifiers) associated with a specific certificate. Use it to map Wallet signing certificates to the pass types they sign.
Enter the certificate's resource identifier in the Certificate ID field.
List All Certificates for a Pass Type ID
This endpoint returns all certificates associated with a specific Wallet pass type ID — the inverse of List Pass Type IDs for a Certificate.
Enter the pass type ID's resource identifier in the Pass Type ID field.
List Certificates for a Merchant ID
This endpoint returns the Apple Pay merchant identity certificates associated with a specific merchant ID. Use it to audit which certificates are currently bound to each Apple Pay merchant ID.
Enter the merchant ID's resource identifier in the Merchant ID field.
List All Certificates in a Profile
This endpoint returns the certificate resources linked to a specific provisioning profile.
Enter the provisioning profile's resource identifier in the Profile ID field.
List All Devices in a Profile
This endpoint returns the registered test devices linked to a specific provisioning profile.
Enter the provisioning profile's resource identifier in the Profile ID field.
Read the Bundle ID in a Profile
This endpoint returns the single bundle ID resource that a provisioning profile is bound to. Use it to map provisioning profiles back to their bundle IDs when auditing the provisioning state of an app.
Enter the provisioning profile's resource identifier in the Profile ID field.
List Analytics Report Requests for an App
This endpoint returns the analytics report requests that have been created for a specific app. Each request is the parent record for a stream of reports the team has opted into through the App Store Connect Analytics API.
Enter the app's Apple ID in the App ID field.
To restrict the result set, set Access Type to ONGOING (for recurring report streams) or ONE_TIME_SNAPSHOT (for a single-day backfill request).
Use Result Limit to control page size.
Each app can have at most one ONGOING analytics report request. The recurring report files are then exposed through the request's reports relationship. For the full Analytics API model, see Downloading analytics reports.
Read an Analytics Report Request
This endpoint returns a single analytics report request by ID. Use it to confirm the access type and stoppedDueToInactivity status of a request before consuming its reports.
Enter the analytics report request's identifier in the Report Request ID field. Request IDs can be obtained from the List Analytics Report Requests for an App endpoint or from the response of the Create an Analytics Report Request destination.
Delete an Analytics Report Request
This endpoint cancels and removes an analytics report request. Use it to stop a previously created ONGOING request when the team no longer needs the recurring reports.
Enter the analytics report request's identifier in the Report Request ID field.
Deletion is permanent — the underlying historical reports remain accessible only as long as Apple retains them, so download anything still needed before deleting the request.
Get Power and Performance Metrics for an App
This endpoint returns aggregated Xcode-style power and performance metrics for the most recent App Store version of an app — including launch time, hangs, memory, disk usage, and battery. The response uses Apple's application/vnd.apple.xcode-metrics+json media type.
Enter the app's Apple ID in the App ID field.
To narrow the data set, use Device Type (for example, IPHONE, IPAD, MAC), Platform (IOS, MAC_OS, TV_OS, WATCH_OS), and/or Metric Type (DISK, HANG, LAUNCH, MEMORY, BATTERY).
Because the response is the Xcode metrics media type, this endpoint is best paired with a Path to Data in Response that targets the inner productData array (see Configure Manually).
Download Sales and Trends Reports
This endpoint downloads Sales and Trends reports for the given vendor, frequency, and report type/subtype. The response is a gzipped TSV file rather than JSON.
Enter your vendor number from Payments and Financial Reports in the Vendor Number field. Vendor numbers are typically 8 digits.
Set Frequency to DAILY, WEEKLY, MONTHLY, or YEARLY.
Set Report Type to one of SALES, PRE_ORDER, NEWSSTAND, SUBSCRIPTION, SUBSCRIPTION_EVENT, SUBSCRIBER, or SUBSCRIPTION_OFFER_CODE_REDEMPTION.
Set Report Sub Type to SUMMARY, DETAILED, or OPT_IN as required by the selected report type.
Enter the report period in Report Date. The format depends on frequency: YYYY-MM-DD for DAILY, YYYY-MM-DD (any day in the week) for WEEKLY, YYYY-MM for MONTHLY, or YYYY for YEARLY.
For report types and subtypes that require a version (for example, SUBSCRIBER), enter the version in Report Version (for example, 1_3).
Date/Time macros (see Configure Manually) can be used in the Report Date field to schedule rolling daily, weekly, or monthly downloads — for example, {'{now-1}'} with a Day time unit and YYYY-MM-DD date format. For the full sales report reference, see Download Sales and Trends Reports.
Download Finance Reports
This endpoint downloads finance reports for a given fiscal period and region — the official payout-level records that Apple publishes monthly. The response is a gzipped report file.
Enter your vendor number in the Vendor Number field.
Set Region Code to a two-letter ISO region code, or ZZ for the consolidated report across all regions.
Enter the fiscal period in Report Date in YYYY-MM format. The period follows Apple's fiscal calendar rather than the standard calendar month.
Set Report Type to FINANCIAL (the default, summary by SKU) or FINANCE_DETAIL (line-item detail).
Finance reports are not published in real time — Apple makes them available roughly 30 days after the end of each fiscal month. For the full region list and field reference, see Download Finance Reports.
List Users
This endpoint returns a paginated list of users in the App Store Connect account, with optional filters by role, username, and visible apps. Use it to feed a user-access audit or to keep an external identity store in sync.
To restrict the result set, set Filter by Roles (comma-separated, for example ADMIN,DEVELOPER,FINANCE), Filter by Username, or Filter by Visible Apps (comma-separated app IDs).
Use Sort Order to order results (prefix with - for descending — for example, -lastName).
Use Users Fields and Apps Fields to restrict the returned attributes, and Include Related Resources with visibleApps to inline the apps each user can access.
Use Results Limit (max 200) to control page size, and Visible Apps Limit to cap the number of related apps per user.
List User Invitations
This endpoint returns the team's pending user invitations — users who have been invited but have not yet completed sign-up. Use it to audit outstanding invites for renewal or revocation.
No configuration is required for this endpoint beyond selecting it. All pending invitations on the team are returned automatically.
List All Apps Visible to an Invited User
This endpoint returns the apps that a pending user invitation will be able to see once accepted. Use it to validate an outstanding invitation's app-level scope before it is accepted.
Enter the user invitation's identifier in the User Invitation ID field. Invitation IDs can be obtained from the List User Invitations endpoint.
Read the Deliveries for a Webhook
This endpoint returns the delivery records for a specific App Store Connect webhook subscription — each record describes one attempted delivery to your endpoint, including timestamps, HTTP status, and retry state. Use it to monitor webhook health or build a delivery audit log.
Enter the webhook's identifier in the Webhook ID field. Webhook IDs can be obtained through the /v1/webhooks endpoint or from the App Store Connect Webhooks UI.
Once the selected endpoint template has been configured, click the Test button to the right of the endpoint selection menu to retrieve a sample of the data that will be fetched. Sample data will be displayed in the Endpoint Test Result panel on the right, allowing you to verify that the source is configured correctly before saving.
App Store Connect data sources can also be manually configured to ingest data from any valid App Store Connect API endpoint, including endpoints not covered by the pre-built templates (for example, beta groups, TestFlight testers, in-app purchases, or customer reviews), chained API calls, or custom request parameters. Select the Advanced tab at the top of the configuration screen, and follow the instructions in Connect to Any API to configure the API method, endpoint URL, date/time and lookup macros, path to data, metadata, and request headers.
All App Store Connect API URLs use the base https://api.appstoreconnect.apple.com/v1/ followed by the resource path (for example, https://api.appstoreconnect.apple.com/v1/apps). App Store Connect follows the JSON:API specification: for list endpoints (such as /v1/builds), set the Path to Data to $.data[*]; for single-resource endpoints (such as /v1/builds/{'{id}'}), use $.data. Sales and Finance report endpoints return a gzipped TSV file, so no path is needed. Set the Path to Metadata to $.meta to capture paging information or $.links for cursor URLs. The Authorization bearer JWT header is added automatically from your credential; add Accept: application/vnd.apple.xcode-metrics+json when calling the perfPowerMetrics endpoint, or Accept: application/a-gzip when downloading sales or finance reports. Date/Time macros can populate report-date filters — for example, {'{now-1}'} with a Day time unit and YYYY-MM-DD date format to always fetch yesterday's daily sales report (App Store Connect expects YYYY-MM-DD for daily report dates, YYYY-MM for monthly/finance report dates, and YYYY for yearly report dates).
Once all of the relevant settings have been configured, click the Create button in the upper right corner of the screen to save and create the new App Store Connect data source. Nexla will now begin ingesting data from the configured endpoint and will organize any data that it finds into one or more Nexsets.
Click the + icon on the Nexset that will be sent to the App Store Connect destination, and select the Send to Destination option from the menu. Select the App Store Connect connector from the list of available destination connectors, then select the credential that will be used to connect to the App Store Connect account, and click Next; or, create a new App Store Connect credential for use in this flow.
Nexla provides pre-built templates that can be used to rapidly configure destinations to send data to common App Store Connect endpoints. Each template is designed specifically for the corresponding App Store Connect endpoint, making destination setup easy and efficient. Select the endpoint to which data will be sent from the Endpoint pulldown menu. Then, click on the template in the list below to expand it, and follow the instructions to configure additional endpoint settings.
Create an Analytics Report Request
This endpoint creates an analytics report request — the parent record that opts an app into either a recurring (ONGOING) or single-day (ONE_TIME_SNAPSHOT) stream of analytics reports. Use it to programmatically subscribe new apps to the App Store Connect Analytics API.
Each record in the upstream Nexset must contain the full JSON request body expected by App Store Connect: a data envelope with type: "analyticsReportRequests", attributes.accessType set to ONGOING or ONE_TIME_SNAPSHOT, and a relationships.app.data entry that points at the target app (type: "apps", id: "<appleId>").
Each combination of (app, accessType) is unique — a duplicate request returns a conflict error. Use the List Analytics Report Requests for an App source endpoint upstream to filter records to apps that do not already have an active request.
Enable the Response Webhook option (in the Configure Manually section) to capture the newly created request's ID for downstream branching. For the full payload reference, see Create an Analytics Report Request.
Make an App Screenshot Asset Reservation
This endpoint reserves an upload slot for an app screenshot asset and returns the URLs to which the raw image bytes should be PUT. It is the first step of App Store Connect's three-step asset upload pattern (reserve, upload, commit).
Each record in the upstream Nexset must contain the full JSON request body: a data envelope with type: "appScreenshots", attributes including fileSize (in bytes) and fileName (the filename Apple stores), and relationships.appScreenshotSet.data set to type: "appScreenshotSets" and the parent screenshot set's id.
The response contains an uploadOperations array with the URLs, headers, and byte ranges to use when uploading the file. Enable the Response Webhook option (in the Configure Manually section) to capture this response into a downstream Nexla webhook source for use by the upload step.
Once the bytes have been uploaded to each uploadOperations URL, finalize the asset with the Commit an App Screenshot Reservation source-template endpoint, supplying the MD5 checksum of the uploaded file. For the full upload sequence, see Uploading assets to App Store Connect.
Create App Preview
This endpoint reserves an upload slot for an app preview (a video asset shown on the App Store listing). The reservation pattern mirrors Make an App Screenshot Asset Reservation — reserve here, PUT the bytes to the returned upload operations, then commit by patching the resource with uploaded: true.
Each record in the upstream Nexset must contain the JSON request body: a data envelope with type: "appPreviews", attributes including fileSize, fileName, and (optionally) previewFrameTimeCode and mimeType, and relationships.appPreviewSet.data set to the parent app preview set.
Enable the Response Webhook option (in the Configure Manually section) to capture the response's uploadOperations array into a downstream Nexla webhook source for the upload step.
Create Certificate
This endpoint creates a new signing certificate from a Certificate Signing Request (CSR). Use it to programmatically provision development, distribution, push, pass type, or Apple Pay merchant identity certificates from a CI or device-management pipeline.
Each record in the upstream Nexset must contain the JSON request body: a data envelope with type: "certificates", attributes.certificateType set to one of IOS_DEVELOPMENT, IOS_DISTRIBUTION, MAC_APP_DEVELOPMENT, MAC_APP_DISTRIBUTION, DEVELOPER_ID_APPLICATION, APPLE_PAY, PASS_TYPE_ID, or one of the other supported values, and attributes.csrContent set to the PEM-encoded CSR (without the -----BEGIN/END CERTIFICATE REQUEST----- markers).
Apple returns the newly issued certificate in the response under data.attributes.certificateContent as a base64-encoded DER blob. Enable the Response Webhook option to capture the response and store the certificate downstream.
App Store Connect destinations can also be manually configured to send data to any valid App Store Connect API endpoint not covered by the pre-built templates — including PATCH-based updates, DELETE actions, asset commit calls, and relationship-modification endpoints. Select the Advanced tab at the top of the configuration screen, and follow the instructions in Connect to Any API to configure the API method, data format, endpoint URL, request headers, attribute exclusions, record batching, and response webhooks.
The App Store Connect API requires application/json for all write endpoints, so JSON is the appropriate Content Format for every destination. All URLs use the base https://api.appstoreconnect.apple.com/v1/ followed by the resource path; for PATCH or DELETE operations, include the resource ID at the end of the URL, using a Nexla macro to substitute the ID from each upstream record (for example, {'https://api.appstoreconnect.apple.com/v1/appStoreVersions/{id}'}). The Authorization bearer JWT and Content-Type: application/json headers are added automatically. The API operates on one JSON:API resource per request — there is no batched-create or bulk-update endpoint — so record batching is best left disabled. Enabling the Response Webhook option is essential for chained flows: the response from a screenshot or preview reservation contains the uploadOperations URLs needed to PUT the bytes, and the response from Create Certificate contains the issued certificate content, which must be captured before the request is closed.
Important
Test payloads sent to write endpoints (such as Create App Store Version, Create Certificate, or Create an Analytics Report Request) make real changes in your App Store Connect account. Some operations — for example, certificate issuance — consume a finite team quota and cannot be cleanly undone. Use a non-production team account, or carefully curate test data, before sending test requests against a production App Store Connect account.
Once all endpoint settings have been configured, click the Done button in the upper right corner of the screen to save and create the destination. To begin sending data to App Store Connect, open the destination resource menu, and select Activate.
The Nexset data will not be sent to App Store Connect until the destination is activated. Destinations can be activated immediately or at a later time, providing full control over data movement.