starred/App-Store-Connect-CLI
1
0
Fork 0
mirror of https://github.com/rudrankriyam/App-Store-Connect-CLI.git synced 2026-04-25 15:45:48 +03:00
Code Issues 2 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #762] feat: add raw API passthrough command for arbitrary ASC API requests #207

New issue
Closed
opened 2026-02-26 21:34:00 +03:00 by kerem · 1 comment
kerem commented 2026-02-26 21:34:00 +03:00
Owner
Copy link

Originally created by @mithileshchellappan on GitHub (Feb 24, 2026).
Original GitHub issue: https://github.com/rudrankriyam/App-Store-Connect-CLI/issues/762

Summary

Add a generic API passthrough command (asc api) that allows sending arbitrary authenticated requests to the App Store Connect API, similar to gh api in the GitHub CLI.

Problem

The asc CLI has excellent coverage of common ASC workflows, but agents occasionally need to hit endpoints that do not yet have dedicated subcommands, or need to use specific query parameters/relationships not yet exposed as flags.

During a recent TestFlight distribution workflow, I needed to add a build to a beta group. The asc testflight beta-groups subcommand had no add-builds action, and asc builds add-groups was the correct path — but discovering this required trial and error across multiple subcommand trees. A raw API escape hatch would have resolved this immediately:

# Hypothetical — would have worked immediately
asc api POST /v1/betaGroups/GROUP_ID/relationships/builds \
  --body '{"data":[{"type":"builds","id":"BUILD_ID"}]}'

Every major CLI tool provides this escape hatch:

  • GitHub CLI: gh api
  • AWS CLI: aws <service> --cli-input-json
  • Google Cloud CLI: gcloud alpha api-gateway ... / raw REST
  • Stripe CLI: stripe get /v1/...

Proposal

# GET request
asc api GET /v1/apps --query "filter[bundleId]=com.example.app"

# POST with JSON body
asc api POST /v1/betaGroups/GROUP_ID/relationships/builds \
  --body '{"data":[{"type":"builds","id":"BUILD_ID"}]}'

# PATCH
asc api PATCH /v1/betaBuildLocalizations/LOC_ID \
  --body '{"data":{"type":"betaBuildLocalizations","id":"LOC_ID","attributes":{"whatsNew":"notes"}}}'

# DELETE
asc api DELETE /v1/builds/BUILD_ID/relationships/betaGroups \
  --body '{"data":[{"type":"betaGroups","id":"GROUP_ID"}]}'

# Pipe body from stdin
echo '{"data":{...}}' | asc api POST /v1/... --body -

# With pagination
asc api GET /v1/builds --query "filter[app]=APP_ID" --paginate

Flags

Flag Description
--body JSON request body (string or - for stdin)
--query Query string parameters (repeatable)
--header Additional headers (repeatable)
--paginate Follow links.next and collect all pages
--output Output format: json (default), table
--pretty Pretty-print JSON output
--jq Apply jq expression to output (like gh api --jq)

Authentication

Reuse the existing asc auth credential resolution — the command should automatically attach the JWT bearer token from the configured API key.

Scope

  • internal/cli/api/api.go: new top-level api command
  • Reuse existing HTTP client and auth token generation from internal/asc
  • Support all HTTP methods (GET, POST, PATCH, DELETE)
  • Optional: --jq flag for inline JSON filtering

Acceptance Criteria

  • asc api GET /v1/apps returns authenticated JSON response
  • asc api POST /v1/... --body '{...}' sends authenticated POST with body
  • Authentication uses existing asc auth configuration (API key, issuer, key ID)
  • --paginate follows links.next and merges data arrays
  • --pretty formats JSON output
  • Exit code reflects HTTP status (0 for 2xx, non-zero otherwise)
  • Tests pass with ASC_BYPASS_KEYCHAIN=1

Use Case

This is the single most impactful feature for agent workflows. Agents frequently encounter edge cases where they need a specific API call that either:

  1. Has no dedicated subcommand yet
  2. Requires specific filter/relationship parameters not exposed as flags
  3. Needs a newer API endpoint added after the CLI release

Rather than blocking on a CLI release for each new endpoint, asc api lets agents self-serve immediately while dedicated commands are built over time. It also serves as an excellent debugging and exploration tool for developers building on the ASC API.

Originally created by @mithileshchellappan on GitHub (Feb 24, 2026). Original GitHub issue: https://github.com/rudrankriyam/App-Store-Connect-CLI/issues/762 ## Summary Add a generic API passthrough command (`asc api`) that allows sending arbitrary authenticated requests to the App Store Connect API, similar to `gh api` in the GitHub CLI. ## Problem The `asc` CLI has excellent coverage of common ASC workflows, but agents occasionally need to hit endpoints that do not yet have dedicated subcommands, or need to use specific query parameters/relationships not yet exposed as flags. During a recent TestFlight distribution workflow, I needed to add a build to a beta group. The `asc testflight beta-groups` subcommand had no `add-builds` action, and `asc builds add-groups` was the correct path — but discovering this required trial and error across multiple subcommand trees. A raw API escape hatch would have resolved this immediately: ```bash # Hypothetical — would have worked immediately asc api POST /v1/betaGroups/GROUP_ID/relationships/builds \ --body '{"data":[{"type":"builds","id":"BUILD_ID"}]}' ``` Every major CLI tool provides this escape hatch: - **GitHub CLI**: `gh api` - **AWS CLI**: `aws <service> --cli-input-json` - **Google Cloud CLI**: `gcloud alpha api-gateway ...` / raw REST - **Stripe CLI**: `stripe get /v1/...` ## Proposal ```bash # GET request asc api GET /v1/apps --query "filter[bundleId]=com.example.app" # POST with JSON body asc api POST /v1/betaGroups/GROUP_ID/relationships/builds \ --body '{"data":[{"type":"builds","id":"BUILD_ID"}]}' # PATCH asc api PATCH /v1/betaBuildLocalizations/LOC_ID \ --body '{"data":{"type":"betaBuildLocalizations","id":"LOC_ID","attributes":{"whatsNew":"notes"}}}' # DELETE asc api DELETE /v1/builds/BUILD_ID/relationships/betaGroups \ --body '{"data":[{"type":"betaGroups","id":"GROUP_ID"}]}' # Pipe body from stdin echo '{"data":{...}}' | asc api POST /v1/... --body - # With pagination asc api GET /v1/builds --query "filter[app]=APP_ID" --paginate ``` ### Flags | Flag | Description | |------|-------------| | `--body` | JSON request body (string or `-` for stdin) | | `--query` | Query string parameters (repeatable) | | `--header` | Additional headers (repeatable) | | `--paginate` | Follow `links.next` and collect all pages | | `--output` | Output format: `json` (default), `table` | | `--pretty` | Pretty-print JSON output | | `--jq` | Apply jq expression to output (like `gh api --jq`) | ### Authentication Reuse the existing `asc auth` credential resolution — the command should automatically attach the JWT bearer token from the configured API key. ## Scope - `internal/cli/api/api.go`: new top-level `api` command - Reuse existing HTTP client and auth token generation from `internal/asc` - Support all HTTP methods (GET, POST, PATCH, DELETE) - Optional: `--jq` flag for inline JSON filtering ## Acceptance Criteria - `asc api GET /v1/apps` returns authenticated JSON response - `asc api POST /v1/... --body '{...}'` sends authenticated POST with body - Authentication uses existing `asc auth` configuration (API key, issuer, key ID) - `--paginate` follows `links.next` and merges `data` arrays - `--pretty` formats JSON output - Exit code reflects HTTP status (0 for 2xx, non-zero otherwise) - Tests pass with `ASC_BYPASS_KEYCHAIN=1` ## Use Case This is the single most impactful feature for agent workflows. Agents frequently encounter edge cases where they need a specific API call that either: 1. Has no dedicated subcommand yet 2. Requires specific filter/relationship parameters not exposed as flags 3. Needs a newer API endpoint added after the CLI release Rather than blocking on a CLI release for each new endpoint, `asc api` lets agents self-serve immediately while dedicated commands are built over time. It also serves as an excellent debugging and exploration tool for developers building on the ASC API.
kerem closed this issue 2026-02-26 21:34:00 +03:00
kerem commented 2026-02-26 21:34:01 +03:00
Author
Owner
Copy link

@rudrankriyam commented on GitHub (Feb 24, 2026):

As discussed, there are no new ones, and the tradeoff for the model to web search the endpoint is not worth it vs trying to figure it out itself

<!-- gh-comment-id:3954304523 --> @rudrankriyam commented on GitHub (Feb 24, 2026): As discussed, there are no new ones, and the tradeoff for the model to web search the endpoint is not worth it vs trying to figure it out itself
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
1.2.6
1.2.5
1.2.4
1.2.3
1.2.2
1.2.1
1.2.0
1.1.1
1.1.0
1.0.1
1.0.0
0.49.1
0.49.0
0.48.1
0.48.0
0.47.1
0.47.0
0.46.2
0.46.1
0.46.0
0.45.4
0.45.3
0.45.2
0.45.1
0.45.0
0.44.2
0.44.1
0.44.0
0.43.0
0.42.0
0.41.4
0.41.3
0.41.2
0.41.1
0.41.0
0.40.1
0.40.0
0.39.1
0.39.0
0.38.3
0.38.2
0.38.1
0.38.0
0.37.3
0.37.2
0.37.1
0.37.0
0.36.3
0.36.2
0.36.1
0.36.0
0.35.3
0.35.2
0.35.1
0.35.0
0.34.1
0.34.0
0.33.2
0.33.1
0.33.0
0.32.0
0.31.3
0.31.2
0.31.1
0.31.0
0.30.0
0.29.3
0.29.2
0.29.1
0.29.0
0.28.14
0.28.13
0.28.12
0.28.11
0.28.10
0.28.9
0.28.8
0.28.7
0.28.6
0.28.5
0.28.4
0.28.3
0.28.2
0.28.1
0.28.0
0.27.0
0.26.4
0.26.3
0.26.2
0.26.1
0.26.0
0.25.4
0.25.3
0.25.1
0.25.0
0.24.3
0.24.2
0.24.1
0.24.0
0.23.5
0.23.4
0.23.3
0.23.2
0.23.1
0.23.0
0.22.1
0.22.0
0.21.0
0.20.2
0.20.1
0.20.0
0.19.3
0.19.2
0.19.1
0.19.0
0.18.2
0.18.1
0.18.0
0.17.0
0.16.0
0.15.0
0.14.0
0.13.0
0.12.4
0.12.3
0.12.2
0.12.1
0.12.0
0.11.0
0.10.2
0.10.1
0.10.0
0.9.0
0.8.1
0.8.0
0.7.0
0.6.0
0.5.0
0.3.1
0.3.0
0.2.0
0.1.6
0.1.5
0.1.4
0.1.3
0.1.2
0.1.1
0.1.0
Labels
Clear labels   
bug

   
bug

   
documentation

   
enhancement

   
pull-request

Mirrored from GitHub Pull Request

No labels
bug
bug
documentation
enhancement
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/App-Store-Connect-CLI#207
No description provided.