View in English

Manage service configurations

Configure the Apps and Books for Organizations API

The Apps and Books for Organizations API allows MDM-enabled developer accounts to request information about apps and books they manage through available web services. If your Apple developer account is not enabled as an MDM vendor, you can request access to the MDM Vendor CSR Signing Certificate.

Configure a Services ID for Apps and Books for Organizations API

  1. In Certificates, Identifiers & Profiles, click Identifiers in the sidebar.
  2. On the top left, click the add button (+), select Services IDs, then click Continue.
  3. Enter the app name as the Description.
  4. Enter a reverse-domain name style string for the Identifier, then click Continue.
  5. Review the information, then click Register.
  6. Click Done.
  7. Once registered, click the identifier you registered.
  8. Select Apps and Books for Organizations on this identifier, then click Continue.
  9. Click Save.

Note: If you don’t see the Services IDs or Apps and Books for Organizations options, your account may not be enabled as an MDM vendor.

Configure an authorization key for Apps and Books for Organizations API

  1. Register a Services ID for each service that uses the Apps and Books for Organizations API.
  2. In Certificates, Identifiers & Profiles, click Keys in the sidebar, then click the add button (+) on the top left.
  3. Under Key Name, enter a unique name for the key.
  4. Select Apps and Books for Organizations, then click Continue.
  5. Click Configure and select the Services ID identifier registered and enabled for this feature. You can associate two keys with each identifier.
  6. Optionally, click Download to generate and download the key now.
  7. If you download the key, it’s saved as a text file with a .p8 file extension in the Downloads folder.
  8. Get the key identifier (kid) to create a JSON Web Token (JWT) that you’ll use to communicate with the capabilities you enabled and visit Generating Developer Tokens.
  9. Click Done.

Required role: Account Holder or Admin.

Key Management Notes

  • Save the authorization key in a secure place because the key is not saved in your developer account and you won’t be able to download it again. If the Download button is disabled, you previously downloaded the key.
  • If you suspect a private key is compromised, first create a new private key associated with the services identifier. Then, after transitioning to the new key, revoke the old private key.

Note: An authorization key can be enabled either for Media APIs or the Apps and Books for Organizations API.