Correct settings to set up Xcode/xcodebuild in a CI using automatically managed signing? (Xcode 16)

Hello,

We are using automatic signing for a couple of projects, and we're struggling to get it to work in a CI with Xcode 16. It was working with Xcode 15 but with Xcode 16 we get the following errors:

error: The operation couldn’t be completed. Unable to log in with account ''. The login details for account '' were rejected.
error: Provisioning profile "iOS Team Provisioning Profile: com.bundleid.my" doesn't include signing certificate "Apple Development: Foobar (TEAMID)".

Any ideas?

Answered by DTS Engineer in 805494022

Hello,

Please log in to developer.apple.com and verify that your account does not include any pending agreements. Also, make sure you are logged into your account in Xcode's settings. Then, try a build after using Xcode's Product>Clean Build Folder... command.

I've been having the same issue. Again, was fine in Xcode 15, but very temperamental in Xcode 16.

I'm using Fastlane to build and upload iOS versions and then Catalyst versions of two targets. The iOS versions always work perfectly. The Catalyst versions sometimes work.
Sometimes one of the targets works and the other fails. Sometimes they both fail.

I confirmed that there's nothing that needs agreeing to on the portal, and I've started cleaning the build folder every time just to check.

Even stranger is that sometimes, when I go back to Xcode there are many Unknown Apple ID accounts that have been added to the Accounts section. They're not always there after a failed upload.

Attaching the image of the failed accounts.

The errors I'm seeing in the Fastlane output are:

Multiple occurrences of this, presumably due to the extra accounts being created:

2024-10-02 23:55:26.239 xcodebuild[53833:26449828]  IDEDistribution: Failed to log in with account "(null)" while checking for an App Store Connect account (Error Domain=DVTServicesAccountBasedSessionErrorDomain Code=0 "Unable to log in with account ''." UserInfo={NSLocalizedFailureReason=Unable to log in with account ''., NSLocalizedRecoverySuggestion=The login details for account '' were rejected., DVTDeveloperAccountErrorAccount=<DVTAppleIDBasedDeveloperAccount: 0x600002390b40; username=''>, NSUnderlyingError=0x6000035617d0 {Error Domain=DVTPortalServiceErrorDomain Code=1100 "Your session has expired. Please log in." UserInfo={payload={
    creationTimestamp = "2024-10-02T22:55:26Z";
    httpCode = 200;
    protocolVersion = QH65B2;
    requestUrl = "https://developerservices2.apple.com/services/QH65B2/viewDeveloper.action";
    responseId = "2630ce6d-d3ef-4782-9aad-91d72813d8ee";
    resultCode = 1100;
    resultString = "Your session has expired. Please log in.";
    userLocale = "en_US";
    userString = "Your session has expired. Please log in.";
},

error: exportArchive The operation couldn’t be completed. Unable to log in with account ''.

Your session has expired. Please log in

When logging into Xcode Accounts setting, you'll need to re-authenticate from time to time.

I'm using Fastlane to build and upload iOS versions and then Catalyst versions of two targets. The iOS versions always work perfectly. The Catalyst versions sometimes work.

If you run your commands from the Terminal app, you can use authentication keys. For more information, see Distribute apps in Xcode with cloud signing.

To learn about the keys, run in Terminal:

man xcodebuild

**-allowProvisioningUpdates**
Allow xcodebuild to communicate with the Apple Developer website. For automatically signed targets, xcodebuild will create and update profiles, app IDs, and certificates. For manually signed targets, xcodebuild will download missing or updated provisioning profiles. Requires a developer account to have been added in Xcode's Accounts preference pane.

**-allowProvisioningDeviceRegistration**
Allow xcodebuild to register your destination device on the Apple Developer website if necessary. Requires -allowProvisioningUpdates.

**-authenticationKeyPath**
Specifies the path to an authentication key issued by App Store Connect. If specified, xcodebuild will authenticate with the Apple Developer website using this credential. Requires -authenticationKeyID and -authenticationKeyIssuerID.

**-authenticationKeyID**
Specifies the key identifier associated with the App Store Connect authentication key at -authenticationKeyPath.  This string can be located in the users and access details for your provider at (URL: https://appstoreconnect.apple.com)

**-authenticationKeyIssuerID**
Specifies the App Store Connect issuer identifier associated with the authentication key at -authenticationKeyPath.  This string can be located in the users and access details for your provider at (URL: https://appstoreconnect.apple.com)

For anyone else looking here, this is what I did based on the reply above...

It took me a moment to realise I needed to add the authentication keys to the Xcode args, and use something different for Fastlane.

For anyone else looking, I added this to the top of my Fastfile

before_all do
  app_store_connect_api_key(
    key_id: "YOURKEY",
    issuer_id: "YOUR_ISSUER_ID",
    key_filepath: "path/to/key.p8"
  )
end

Then when building I have this

build_mac_app(xcargs: "-allowProvisioningUpdates -authenticationKeyID YOURKEY -authenticationKeyIssuerID YOUR_ISSUER_ID -authenticationKeyPath /Users/username/key.p8")
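
The flags from the `man xcodebuild` excerpt above, wrapped for a CI job so that the `.p8` key is not kept in the repository or at a fixed path on the build machine. This is an added example, not code from this thread or from Apple; `ASC_KEY_ID`, `ASC_ISSUER_ID`, `ASC_KEY_P8` and `XCODEBUILD` are assumed variable names supplied by the CI job.

```shell
#!/bin/sh
# Added example (not from the thread). ASC_KEY_ID, ASC_ISSUER_ID, ASC_KEY_P8
# (contents of the .p8) and XCODEBUILD are assumed names, set by the CI
# secret store or the job; none of them is defined by Apple or Fastlane.

# Fail early, without echoing any secret, if something is missing.
check_asc_secrets() {
    if [ -z "${ASC_KEY_ID:-}" ] || [ -z "${ASC_ISSUER_ID:-}" ]; then
        echo "error: ASC_KEY_ID and ASC_ISSUER_ID must be set" >&2
        return 1
    fi
    case ${ASC_KEY_P8:-} in
        "-----BEGIN PRIVATE KEY-----"*) return 0 ;;
        *) echo "error: ASC_KEY_P8 is not a PEM private key" >&2; return 1 ;;
    esac
}

# Write the key into a private directory (0700) as a 0600 file; print its path.
write_key_file() (
    umask 077
    dir=$(mktemp -d "${TMPDIR:-/tmp}/asc_key.XXXXXX") || exit 1
    printf '%s\n' "$ASC_KEY_P8" > "$dir/AuthKey.p8"
    printf '%s\n' "$dir/AuthKey.p8"
)

# Run xcodebuild with the caller's arguments plus the key flags from the
# man page, then delete the key whether or not the build succeeded.
xcodebuild_with_key() {
    check_asc_secrets || return 1
    key_file=$(write_key_file) || return 1
    status=0
    "${XCODEBUILD:-xcodebuild}" "$@" \
        -allowProvisioningUpdates \
        -authenticationKeyPath "$key_file" \
        -authenticationKeyID "$ASC_KEY_ID" \
        -authenticationKeyIssuerID "$ASC_ISSUER_ID" || status=$?
    rm -f "$key_file"
    rmdir "$(dirname "$key_file")"
    return "$status"
}

# Usage: ./export.sh --export App.xcarchive ExportOptions.plist build/out
if [ "${1:-}" = "--export" ]; then
    xcodebuild_with_key -exportArchive -archivePath "$2" \
        -exportOptionsPlist "$3" -exportPath "$4"
fi
```

The key ID and issuer ID are passed as command-line arguments, so they are visible in the process list and in CI logs that echo commands; the private key itself only exists in the temporary file for the duration of the call.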

To get back on this, adding the keyID/issuerID/keyFilePath triplet to our xcodebuild commands helps, however the problem remains that even with -allowProvisioningUpdates added to all commands, exporting a built archive fails with a "no profile found for bundle xxxx" error.

The only way I've found to fix this is to manually open the project in Xcode on the CI machine, go to the "Signing and capabilities" tab, let the spinner run until Xcode shows it has managed things, and only then the CI pipeline will work. It seems to me this is what the -allowProvisioningUpdates is for, but it doesn't seem to work.
