Overview
Encore connects to App Store Connect and Google Play on your behalf to read your existing subscription catalog, verify your subscription configuration, and (optionally) create new products for you. To do this, you upload a store credential once — an App Store Connect API key for iOS or a Google Play service account for Android. You upload these credentials in the Entitlements phase of the Integration Progress tracker (the step labelled Connect store). Once a credential is verified, Encore syncs your catalog automatically and you pick your subscription product from a dropdown instead of typing a Product ID by hand.These store credentials are read-and-manage credentials for your product catalog and pricing — they are scoped so Encore can list your subscriptions, verify their configuration, and create products you ask it to. They are a separate credential from the In-App Purchase signing key used for promotional offers.
iOS — App Store Connect API key
Encore reads your subscription catalog and pricing through an App Store Connect API key. Generating the key takes three values: a Key ID, an Issuer ID, and a .p8 private key file.Link your App Store ID first
Encore needs your app’s numeric App Store ID before it will accept a credential. If you added your app by pasting its App Store URL during onboarding this is already set. Otherwise, paste your App Store URL (e.g.
https://apps.apple.com/us/app/.../id123456789) or the numeric ID when prompted.Generate an API key in App Store Connect
Go to App Store Connect → Users and Access → Integrations and generate a new API key.Select the App Manager role with single-app scope (scoped to the one app you’re connecting). Encore only needs to read and manage that app’s subscription catalog — don’t grant broader access than necessary.
Copy the Key ID and Issuer ID
After generating the key, copy:
- The Key ID — a 10-character identifier (e.g.
ABCD1234EF). - The Issuer ID — a UUID shown at the top of the Integrations page (e.g.
69a6de70-...).
Download the .p8 file
Download the .p8 private key file. Apple lets you download it only once — store it securely.
Android — Google Play service account
Encore reads your Google Play catalog through a service account from the Play Developer API.Create a service account
Go to Play Console → API access and create (or reuse) a service account, then download its JSON key file.
Grant the three required permissions
In Users and permissions, grant the service account these three app-specific permissions on this app:
- View app information (read-only)
- View financial data
- Manage store presence
Security
How Encore stores your credentials. Uploaded credentials are encrypted at rest. The iOS .p8 is encrypted with a domain-separated master key and is only ever decrypted inside Encore’s credential-accessor — used to refresh your catalog and to create products you explicitly ask for. The Google Play service-account JSON is held continuously (Real-Time Developer Notifications depend on it) and its scope is enforced server-side. You can remove either credential at any time from the same Entitlements step.
After connecting
Once your credential is verified and the catalog has synced, head to the subscription product step for your platform to pick the product that gates entitlements:iOS: Add Subscription Product
Pick your subscription from the auto-synced App Store Connect catalog.
Android: Add Subscription Product
Pick your subscription from the auto-synced Google Play catalog.