Getting error "Need to acknowledge to Apple's Apple ID and Privacy statement."

Question

Hi we're getting this error when using fastlane sigh/get_provisioning_profile. I don't think it is a fastlane issue as it happened before case1 case2 and got fixed by accepting the agreement or other unknown reason..

Need to acknowledge to Apple's Apple ID and Privacy statement. Please manually log into https://appleid.apple.com (or https://appstoreconnect.apple.com) to acknowledge the statement.

We went to

• https://appleid.apple.com
• https://appstoreconnect.apple.com
• https://itunesconnect.apple.com

but there's nothing to approve there.

Any ideas?

Answer 1

Have you checked your 2FA settings?

Apple announced that: "Starting February 2021, additional authentication will be required for all users to sign in to App Store Connect."

Answer 2

I had the same exact issue using Bitrise (another CI/CD tool). The error message was misleading because it wasn't related to accepting some new policies, but to the new authentication system used by the App Store Connect API.

To fix the issue I logged in Bitrise and I had to switch to the new authentication method as shown in the image below.

The old auth method was based on the credentials of a single Apple Developer user, the new method instead is based on the generation of an API Key. As you see from the screenshot below, I had to create an API key under User and Access -> Keys and then upload it to Bitrise.

I hope my case can help someone else to fix the issue. I am pretty sure you have to follow more or less the same procedure even if you're using a different tool.

Answer 3

For those, who using Pilot there is a simple solution:

Just add this to Pilot:

skip_waiting_for_build_processing: true,
apple_id: "123456789"

You can find apple_id on AppStoreConnect in General > App information

Reference: https://dev.to/dumazy/upload-to-testflight-with-fastlane-and-2fa-11k8

Answer 4

Summary:

Case 1:

* You don't want 2FA enabled

1. Update Gemfile with fastlane 2.173.0 and run bundle install, bundle update fastlane, or bundle update
2. Use SPACESHIP_SKIP_2FA_UPGRADE=1 in your CI

Case 2:

* You have 2FA enabled

* You only need non-enterprise account

1. Generate APP_STORE_CONNECT_API_KEY from appstore connect using an Account Holder role.

It looks like

-----BEGIN PRIVATE KEY-----\nabcdef12345abcdef12345\n-----END PRIVATE KEY-----

2. Add it to your CI as APP_STORE_CONNECT_API_KEY environment variable

lane :get_app_store_connect_api_key do
  ensure_env_vars(
    env_vars: [
      'APP_STORE_CONNECT_API_KEY'
    ]
  ) 
  app_store_connect_api_key(
    key_id: "12345ABCDEF",
    issuer_id: "1234abcd-12ab-12ab-12ab-123456abcdef",
    key_content: "#{ENV["APP_STORE_CONNECT_API_KEY"]}".gsub('\n', '\\n'),
    in_house: false,
  )
end

3. Pass it to your lanes

get_provisioning_profile(api_key: get_app_store_connect_api_key)

sigh(api_key: get_app_store_connect_api_key)

pilot(api_key: get_app_store_connect_api_key)

Case 3:

* You have 2FA enabled

* You need enterprise account and fetch profiles

1. Run

fastlane spaceauth -u [email protected]

2. Use the output as FASTLANE_SESSION environment variable on your CI.

3. You still need to include FASTLANE_PASSWORD

Note that this only lasts for 8 hours

Case 4:

* You have 2FA enabled

* You need enterprise or non-enterprise account

* You need to upload to appstore

1. Create FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD from https://appleid.apple.com/account/manage

2. Set it as environment variable in your ci

Case 5:

* You have 2FA enabled

* You need to download dsyms from appstore connect

1. Run

fastlane spaceauth -u [email protected]

2. Use the output as FASTLANE_SESSION environment variable on your CI.

3. You still need to include FASTLANE_USER and FASTLANE_PASSWORD

Note that this only lasts for 8 hours

Answer 5

I was experiencing it with an Apple account to authenticate and authorize the fastlane actions.

Changing my CI to use Apple API key seems to solve the issue.

Fasltane should use app_store_connect_api_key

Here the docs: http://docs.fastlane.tools/actions/app_store_connect_api_key/#app_store_connect_api_key

Answer 6

In my case the following solution worked for uploading the ipa files

lane :upload_ipa do |options|
  api_key = app_store_connect_api_key(
    key_id: "xxxxx",
    issuer_id: "xxxxxx",
    key_filepath: "./fastlane/AuthKey_xxxxx.p8", #Mention the relative path
    duration: 1200, # optional
    in_house: false, # optional but may be required if using match/sigh
  )
  # The ipa and team_id are sent as options parameters to the method
  pilot(api_key: api_key, 
    ipa: options[:ipa],
    team_id: options[:team_id],
        skip_waiting_for_build_processing: true,
    wait_processing_interval: 120,
         app_platform: options[:app_platform])
end

Answer 7

For Azure DevOps users a temporary SPACESHIP_SKIP_2FA_UPGRADE=1 works while we wait for AppStoreConnect Api key support to be merged:

https://github.com/microsoft/app-store-vsts-extension/pull/189

---

EDIT

---

Pull request has been merged and API authentication now works and is the preferred way to authenticate.