Key ID

Private keys allow you to access and authenticate communication with some app services — such as APNs, DeviceCheck, MusicKit, and WeatherKit.

Create Key ID

In this example, we will create a key for an app to allow Sign in with Apple functionality. https://developer.apple.com/help/account/configure-app-capabilities/create-a-sign-in-with-apple-private-key

In Certificates, Identifiers & Profiles, click Keys in the sidebar, then click the add button (+) on the top left.
Under Key Name, enter a unique name for the key.
Select the checkbox Sign in with Apple and click Configure next to it. You can use any other service you want to enable. (Sign in with Apple is used just for demo purposes).
On the next page, choose the app identifier you want to use and press the Save button.
Click Continue
Review the key configuration, then click Register.
Download the key; it’s saved as a text file with a .p8 file extension.
Click Done.

Key file .p8

The key file can only be downloaded once during the creation process. Once the key has been created, it cannot be downloaded again. It is important to keep the .p8 key file in a secure location, as it is used to verify the authenticity of the Sign in with Apple service and protect user data.

If you lose the .p8 key file or need to download it again, you will need to create a new one.

Extract the public key from the Key file

To extract the public key from the .p8 key file, you will need to use a command line tool called "openssl". This tool is included with most Unix-based operating systems, such as Linux and macOS, and can also be installed on Windows.

To extract the public key from the .p8 key file using openssl, follow these steps:

Open a terminal window.
Navigate to the directory where the .p8 key file is located.
Enter the following command:

openssl ec -in [key file name] -pubout

Replace [key file name] with the name of your .p8 key file. For example:

openssl ec -in mykey.p8 -pubout

The public key will be printed on the terminal window. You can copy and paste the key into your desired location.

Find the Key ID using Apple Developer Portal

In Certificates, Identifiers & Profiles, click Keys in the sidebar, then click the add button (+) on the top left.
Select the private key to view details
The key identifier appears below the key name

PreviousService ID NextTriggers

Last updated 1 year ago

Create Key ID

In Certificates, Identifiers & Profiles, click Keys in the sidebar, then click the add button (+) on the top left.

Under Key Name, enter a unique name for the key.

Select the checkbox Sign in with Apple and click Configure next to it. You can use any other service you want to enable. (Sign in with Apple is used just for demo purposes).

On the next page, choose the app identifier you want to use and press the Save button.

Click Continue

Review the key configuration, then click Register.

Download the key; it’s saved as a text file with a .p8 file extension.

Click Done.

Key file .p8

If you lose the .p8 key file or need to download it again, you will need to create a new one.

Extract the public key from the Key file

To extract the public key from the .p8 key file using openssl, follow these steps:

Open a terminal window.

Navigate to the directory where the .p8 key file is located.

Enter the following command:

openssl ec -in [key file name] -pubout

Replace [key file name] with the name of your .p8 key file. For example:

openssl ec -in mykey.p8 -pubout

The public key will be printed on the terminal window. You can copy and paste the key into your desired location.