Yet another article about JWT-based authentication for Apple APIs
If you came across this article, you most likely found several more before discovering mine, and possibly even tried to implement Apple’s JWT-based auth as per their official docs.
I decided to write another one because I was one of the many developers (1, 2, etc.) who spent hours struggling with a 401 HTTP response.
A short preface. I was playing around with music APIs and wanted to try out the Apple Music API. To do that, I needed to authenticate all my requests with a developer token, which is basically two JSON objects (header and body) encrypted using a quite specific algorithm with a private key that Apple generates after you finish some button clicks in the Apple Dev Portal (or whatever it’s called).
The confusing part here is that Apple doesn’t provide a ready solution for lazy people, so all that encrypting stuff most likely needs to be Googled. Here’s where I fell into that very common trap: use the first or second search result, copy-paste the solution without understanding what it is doing, fail, then search for the next quick solution and fall into the same trap again.
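The token construction described above, written out with only Ruby's standard library so every step is visible. This is an added example, not the author's solution or Apple's code; the step the post calls encrypting is an ES256 signature over the encoded header and body. The function names, the placeholder key ID and team ID, and the throwaway key generated in place of the Apple-issued one are assumptions.

```ruby
require "json"
require "openssl"

# JWT segments use base64url without "=" padding.
def b64url(bytes)
  [bytes].pack("m0").tr("+/", "-_").delete("=")
end

def b64url_decode(text)
  text.tr("-_", "+/").unpack1("m")
end

# OpenSSL emits a DER SEQUENCE(r, s); a JWT ES256 signature is raw r || s,
# each left-padded to 32 bytes. The DER form is not a valid JWS signature.
def der_to_raw(der)
  OpenSSL::ASN1.decode(der).value.map { |n| n.value.to_s(2).rjust(32, "\x00") }.join
end

def raw_to_der(raw)
  ints = [raw[0, 32], raw[32, 32]].map { |b| OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(b, 2)) }
  OpenSSL::ASN1::Sequence.new(ints).to_der
end

# Token = b64url(header) "." b64url(claims) "." b64url(signature over the first two).
def developer_token(key, key_id:, team_id:, now: Time.now.to_i, ttl: 3600)
  header = { alg: "ES256", kid: key_id }
  claims = { iss: team_id, iat: now, exp: now + ttl }
  signing_input = [header, claims].map { |part| b64url(JSON.generate(part)) }.join(".")
  der = key.dsa_sign_asn1(OpenSSL::Digest::SHA256.digest(signing_input))
  "#{signing_input}.#{b64url(der_to_raw(der))}"
end

# Local pre-flight check: signature length, signature validity, expiry.
def valid_token?(token, key, now: Time.now.to_i)
  head, body, sig = token.split(".")
  raw = b64url_decode(sig.to_s)
  return false unless raw.bytesize == 64
  digest = OpenSSL::Digest::SHA256.digest("#{head}.#{body}")
  return false unless key.dsa_verify_asn1(digest, raw_to_der(raw))
  JSON.parse(b64url_decode(body))["exp"].to_i > now
end

if $PROGRAM_NAME == __FILE__
  key = OpenSSL::PKey::EC.generate("prime256v1") # constructed key, stands in for the .p8
  token = developer_token(key, key_id: "KEYID_PLACEHOLDER", team_id: "TEAMID_PLACEHOLDER")
  puts token
  puts "verifies locally: #{valid_token?(token, key)}"
end
```

With a real key, replace the generated one with `OpenSSL::PKey.read` applied to the contents of the `.p8` file downloaded from Apple, and keep that file out of source control.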
Here I am going to post the Ruby solution I arrived at (using other people’s solutions from the internet, obviously) and try to break it down so it becomes clear why it works. Note that everything written here is how I processed the info, so if I am wrong somewhere, just let me know in the comments. Also note that I mostly use…