eas build and expo build:ios both fail due to authentication issue with Apple Developer Portal

Running either expo build:ios or eas build -p ios both fail due to an authentication with Apple, despite using the correct credentials.


expo build:ios has been superseded by eas build. Learn more: https://blog.expo.dev/turtle-goes-out-to-sea-d334db2a6b60

Run the following:

› npm install -g eas-cli
› eas build -p ios https://docs.expo.dev/build/setup/

expo build:ios will be discontinued on January 4, 2023 (359 days left).

✔ Choose the build type you would like: › archive
Checking if there is a build in progress...

Accessing credentials for owencm in project fabbears
✔ Do you have access to the Apple account that will be used for submitting this app to the App Store? … yes

› Log in to your Apple Developer account to continue
✔ Apple ID: … **************
› The password is only used to authenticate with Apple and never stored on EAS servers
  Learn more: https://bit.ly/2VtGWhU
✔ Password (for **************): … ***********
› Saving Apple ID password to the local Keychain
  Learn more: https://docs.expo.dev/distribution/security#keychain
✖ Logging in...
Authentication with Apple Developer Portal failed!
Received an internal server error from Apple's App Store Connect / Developer Portal servers, please try again later
Error: Received an internal server error from Apple's App Store Connect / Developer Portal servers, please try again later
    at Object.getAppleResponseError (/usr/local/share/.config/yarn/global/node_modules/expo-cli/node_modules/@expo/apple-utils/build/index.js:1:1004908)
    at block (/usr/local/share/.config/yarn/global/node_modules/expo-cli/node_modules/@expo/apple-utils/build/index.js:1:1012486)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    at retryRequestAsync (/usr/local/share/.config/yarn/global/node_modules/expo-cli/node_modules/@expo/apple-utils/build/index.js:1:1013224)
    at sendRequestAsync (/usr/local/share/.config/yarn/global/node_modules/expo-cli/node_modules/@expo/apple-utils/build/index.js:1:1012261)
    at postItunesLoginRequestAsync (/usr/local/share/.config/yarn/global/node_modules/expo-cli/node_modules/@expo/apple-utils/build/index.js:1:873899)
    at attemptLoginRequestAsync (/usr/local/share/.config/yarn/global/node_modules/expo-cli/node_modules/@expo/apple-utils/build/index.js:1:872257)
    at Object.loginWithUserCredentialsAsync (/usr/local/share/.config/yarn/global/node_modules/expo-cli/node_modules/@expo/apple-utils/build/index.js:1:871709)
    at loginWithUserCredentialsAsync (/usr/local/share/.config/yarn/global/node_modules/expo-cli/src/appleApi/authenticate.ts:133:22)
    at loginAsync (/usr/local/share/.config/yarn/global/node_modules/expo-cli/src/appleApi/authenticate.ts:92:12)

(I have actually solved this now, but creating issue and will post solution below for other people’s future reference)

It turns out that Apple have blacklisted my hosting provider (DigitalOcean) from making network requests to them, so it is not possible to run eas build etc with credentials from certain hosting providers.

This was determined by eventually managing to get more details on the error, discovering it’s a 502 error from Apple’s servers and reading online about people getting 502 errors from Apple for similar scenarios.

I do not have a workaround yet, but things that come to mind for people to try are:

  1. Generating the certs (e.g. .p12 file) elsewhere and then using them when building instead of using flows where you provide credentials that are sent to Apple.
  2. Proxying requests through another server on a hosting provider that is not blacklisted.
  3. Switching hosting providers (which is very inconvenient, and the other hosting provider could then get blocked).