31

Problem

While I'm trying to send my application via Fastlane I face with this error:

Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com (-22938)

Transporter transfer failed.Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com (-22938)Your account has 2 step verification enabled. Please go to https://appleid.apple.com/account/manage and generate an application specific password for the iTunes Transporter, which is used to upload builds. To set the application specific password on a CI machine using an environment variable, you can set the FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD variable.

Please provide your Apple Developer Program account credentials The login information you enter will be stored in your macOS Keychain Password (application-specific for xxx@yyy.com)

MGY
  • 7,245
  • 5
  • 41
  • 74

5 Answers5

28

Solution

As the error message says, we need to create an app-specific password at the:

http://appleid.apple.com

address. Go to the security section and use the Generate Password.

Generate Password

Use the Generate Password link to create a new password. Copy and paste the password and don't forget you won't be able to find the password again after you click on the Done button.

FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD

Then, set the FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD environment variables at your bash or your .bash_profile file. This file could be different depending on your choice for the bash on your terminal. For example, if your bash of choice is ZSH like mine, you need to edit the .zshrc file.

Then re-run your Fastlane with:

bundle exec fastlane beta --verbose

Note: When you can not enter the security code manually, as on a Continuous Integration system, you have to use other ways to log in. The application-specific password will not work if your action usage does anything else than uploading the binary, e.g. updating any metadata like setting release notes or distributing to testers, etc.

Generating a login session for Apple ID

As your CI machine will not be able to prompt you for your two-factor authentication or two-step verification information, you need to generate a login session for Apple ID in advance. You can get on your local machine this by running:

fastlane spaceauth -u user@email.com

What Else?

⚠️ If you've Apple ID without 2FA

Apple ID without 2FA is deprecated! Apple announced that as of February 27th 2019, it would enforce 2-factor authentication on developer Apple IDs with the "Account Holder" role. Since then, they extended this rule to all roles, and then later throughout 2020 they slowly enforced all existing accounts to register 2FA. As of March 3rd, 2021, no accounts without 2FA registered are able to login until they register a 2FA method, essentially breaking all "non-2FA compliant Apple IDs" that still existed. For this reason, when using fastlane in your CI, you will have to work your way with 2FA.

for more, please check the fastlane documentation .

Hope this helps!

MGY
  • 7,245
  • 5
  • 41
  • 74
  • Does that password has to be visible in clear in it the bash profile? Isn't it a security issue? – Larme Jan 30 '19 at 11:21
  • Of course, you can set at the environment variables too... I believe it's a secure server machine that specifically used for your CI process. Best. – MGY Jan 31 '19 at 10:55
  • I have an "app-specific password"... I need to sign in... where now? – Gerry Apr 09 '21 at 15:38
  • Sorry, I didn't understand your question, please read carefully. Best – MGY Apr 11 '21 at 16:24
  • @mgyky I am using the spaceauth but still getting an error to set FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD. Can you help me here ? – ankitjaiswal Jan 14 '23 at 14:21
  • @ankitjaiswal If you're using your AppleID without 2FA you can have the same error. Apple ID without 2FA is deprecated. Please check this page: https://docs.fastlane.tools/getting-started/ios/authentication/ – MGY Jan 17 '23 at 09:34
  • @mgyky Thanks I was able to set Fastlane_session on bitrise. But cookie is getting expired in every 8 hours instead of 30 days. Any idea about it ? – ankitjaiswal Jan 17 '23 at 10:16
  • No idea why dear @ankitjaiswal – MGY Feb 10 '23 at 20:58
13

I met the issue, but set the FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD environment variables at .zshrc (I'm using ZSH) didn't work.

Instead, I set that var in Fastfile:

before_all do
  ...
  ENV['FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD']= 'xxxx-xxxx-xxxx-xxxx'
  ...
end
Dharman
  • 30,962
  • 25
  • 85
  • 135
phuongtm
  • 379
  • 3
  • 9
8

Here is a screnshot of the error enter image description here

and here is where to create the app-specific password enter image description here

Jonathan Sanchez
  • 7,316
  • 1
  • 24
  • 20
8

Easy way to fix this issue
Question: enter image description here Answer:
step1
enter image description here step2
enter image description here step3
enter image description here
step4
enter image description here

  1. https://appleid.apple.com
  2. create App-Specific Password
  3. enter a string like an example
  4. got your App-Specific Password

Done:
enter image description here

Willie Cheng
  • 7,679
  • 13
  • 55
  • 68
1

I had issues trying to use pilot/upload_to_testflight along side FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD. It was always giving me error on the 2FA step. Turns out that in order for pilot to use that env variable 2 arguments must to be passed on, apple_id and skip_waiting_for_build_processing, otherwise normal username and password auth will be used.

pilot(apple_id: ENV["YOUR_ID"],
        skip_submission: true,
        skip_waiting_for_build_processing: true)

Note that this only works only for upload, for any other interactions the recommended approach is to use api_key.

SergioM
  • 1,595
  • 1
  • 15
  • 27