I’m using RevenueCat to add subscriptions to an existing app on the App Store.
The recommended path is to generate an App Store Connect API key and share it with RC. When you first enable this API, Apple requires you to agree never to share the secret keys outside your team. Uploading them to RevenueCat seems like a violation.
I’m assuming that in practice Apple doesn’t care. But is there any official word on this?
Hey
Apple’s terms generally caution against sharing secret keys outside your team, but uploading them to RevenueCat is considered a standard practice within the industry, and one used by many developers - this to say, that Apple has not disallowed our use case!
The App Store Connect API key is used to fetch product and pricing information from your App Store Connect account to help keep your RevenueCat dashboard accurate and up to date. It doesn’t perform any privileged or state-changing actions in your Apple account.
Let us know if you’d like help setting it up.
Thanks for the reply. I got it set up without problem; your instructions are excellent. I simply wanted to understand my risk here as a small business owner who is dependent on staying on Apple’s good side.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.