This Model Context Protocol (MCP) server lets AI agents interact with Xcode Cloud via the App Store Connect API. It can discover workflows, trigger builds, monitor progress, and pull logs, warnings, errors, and UI test artifacts.
- Discover products and workflows
- Bootstrap workflows for projects that are missing them
- Trigger builds with optional git references
- Monitor build status and actions
- Retrieve build issues and logs
- Fetch test results and UI test artifacts
- Apple Developer Account with Xcode Cloud access
- App Store Connect API key with appropriate permissions
- bun installed
- Sign in to App Store Connect.
- Open Users and Access → Integrations → App Store Connect API.
- Request access if needed, then generate an API key.
- Choose a name and role (recommended: App Manager or Developer).
- Download the
.p8private key file (only available once). - Note the Key ID and Issuer ID.
Add this to .vscode/.mcp.json in your workspace or home directory:
{
"servers": {
"XcodeCloud": {
"type": "stdio",
"command": "npx",
"args": ["-y", "xcode-cloud-mcp"],
"env": {
"APP_STORE_KEY_ID": "your-key-id",
"APP_STORE_ISSUER_ID": "your-issuer-id",
"APP_STORE_PRIVATE_KEY": "-----BEGIN PRIVATE KEY-----\n...your private key content...\n-----END PRIVATE KEY-----"
}
}
}
}You can also store the environment variables in a .env file in your workspace
folder.
Add this to your MCP configuration under Copilot -> Coding Agent in your GitHub repository's settings:
{
"mcpServers": {
"XcodeCloud": {
"type": "local",
"command": "npx",
"args": ["-y", "xcode-cloud-mcp"],
"env": {
"APP_STORE_KEY_ID": "COPILOT_MCP_APP_STORE_KEY_ID",
"APP_STORE_ISSUER_ID": "COPILOT_MCP_APP_STORE_ISSUER_ID",
"APP_STORE_PRIVATE_KEY": "COPILOT_MCP_APP_STORE_PRIVATE_KEY"
},
"tools": ["*"]
}
}
}Then, add COPILOT_MCP_APP_STORE_KEY_ID, COPILOT_MCP_APP_STORE_ISSUER_ID, and
COPILOT_MCP_APP_STORE_PRIVATE_KEY Github Actions secrets to your copilot
environment under Environments in your repository settings. If this does not
exist, try starting a copilot agent in your repository to create it.
Now you can build apps for the Apple platform in a Linux Copilot Cloud Agent!
Add this to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"XcodeCloud": {
"command": "npx",
"args": ["-y", "xcode-cloud-mcp"],
"env": {
"APP_STORE_KEY_ID": "your-key-id",
"APP_STORE_ISSUER_ID": "your-issuer-id",
"APP_STORE_PRIVATE_KEY": "-----BEGIN PRIVATE KEY-----\n...your private key content...\n-----END PRIVATE KEY-----"
}
}
}
}This can be useful to manage your workflows directly, without involving a coding agent.
list_products— see available productslist_workflows— list workflows for a productstart_build— kick off a build for a workflowget_build_run— check build statusget_test_failures— surface failed tests
"Start a build for workflow abc-123, then monitor it and
show me any warnings or errors when it completes"
"Get the test failures from build xyz-789 and show me
the screenshots from any failed UI tests"
"Show me the last 5 builds for workflow abc-123 and
summarize their status"
list_products(optionallimit)list_workflows(productId, optionallimit)create_workflow(productId,name,containerFilePath,repositoryId,gitReferenceId,description,isEnabled,clean,forceCreate)get_workflow(workflowId)
start_build(workflowId, optionalgitReferenceId)cancel_build(buildRunId)
get_build_run(buildRunId)list_build_runs(workflowId, optionallimit)get_build_actions(buildRunId)
get_build_logs(buildActionId)get_build_issues(buildRunId, optionalissueType)
get_test_results(buildRunId, optionalstatus)get_test_failures(buildRunId)get_test_artifacts(testResultId)
- Discover:
list_products,list_workflows - Start:
start_build - Monitor:
get_build_run,get_build_actions - Inspect:
get_build_issues,get_test_failures - Artifacts:
get_test_artifacts,get_build_logs
src/api/auth.ts— JWT token generation and cachingsrc/api/client.ts— App Store Connect API client with authenticationsrc/api/types.ts— API response typessrc/tools/discovery.ts— product and workflow discovery toolssrc/tools/builds.ts— build trigger toolssrc/tools/status.ts— build status toolssrc/tools/results.ts— build logs and issues toolssrc/tools/tests.ts— test results and artifacts tools
- Tokens are generated from your
.p8private key at startup. - Tokens are cached for 20 minutes with automatic renewal.
- All requests use Bearer authentication.
- Missing env vars: ensure
APP_STORE_KEY_ID,APP_STORE_ISSUER_ID, andAPP_STORE_PRIVATE_KEY/APP_STORE_PRIVATE_KEY_PATHare set. - Private key errors: check the path and permissions
(
chmod 600 /path/to/AuthKey_*.p8). - 401 Unauthorized: confirm Key ID, Issuer ID, and private key all match and the key is not revoked.
- 403 Forbidden: ensure the API key role has sufficient permissions (typically App Manager or Admin).
- Store the
.p8private key securely with restricted permissions. - Never commit private keys; prefer environment variables or secure storage.
- Rotate keys periodically and use the minimum required role.
- GitHub Actions secrets are encrypted during workflow execution.
- Linting with ESLint
- Formatting checks with Prettier
- Unit and integration tests
Required secrets: APP_STORE_KEY_ID, APP_STORE_ISSUER_ID,
APP_STORE_PRIVATE_KEY (full .p8 contents including BEGIN/END lines).
Local checks:
# Run all CI checks locally
bun run ci
# Or run individually
bun run lint # Check code quality
bun run format # Check formatting
bun test # Run unit tests- Review error messages first—they usually indicate the problem.
- Verify API credentials and workflow configuration in App Store Connect.
- See
src/for implementation details.
UNLICENSED - Private project