App Store

    Transporter Transfer Failed: App-Specific Password Error

    Apple ID account page generating an app-specific password to fix a Transporter transfer failed upload error.

    The Transporter transfer failed error about an app-specific password means the credentials you used to upload were not accepted, almost always because your Apple ID has two-factor authentication and you tried to use your normal password instead of an app-specific password. Two-factor accounts, which is now effectively all of them, cannot authenticate command-line or Transporter uploads with the regular Apple ID password. Generate an app-specific password at appleid.apple.com and use it in Transporter, or in Fastlane through the app-specific-password environment variable. For continuous integration, the more reliable option is an App Store Connect API key, which avoids app-specific passwords entirely.

    Short answer

    The error means your upload credentials were rejected, and the fix is to use an app-specific password instead of your Apple ID password. Per Apple's app-specific password guidance, accounts with two-factor authentication require an app-specific password for tools like Transporter and altool, which you generate at appleid.apple.com under Sign-In and Security. In Fastlane, provide it through the FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD environment variable, per the Fastlane authentication docs. For CI and automation, prefer an App Store Connect API key, which uses a key file rather than a password and avoids two-factor prompts entirely. Never use your plain Apple ID password for these uploads.

    Why the app-specific password error happens

    The error happens because Apple requires two-factor authentication on developer accounts, and tools that upload builds, such as Transporter and the command-line altool, cannot complete a two-factor challenge the way a browser can. To let these tools authenticate, Apple provides app-specific passwords, which are single-purpose credentials tied to your account but usable without an interactive second factor. If you supply your normal Apple ID password instead, it is rejected, producing the transfer failure.

    So the message is really telling you the wrong kind of credential was used. It is not that your account is broken or your password is wrong in general; it is that a two-factor account needs an app-specific password for this path. An expired or revoked app-specific password produces the same failure, which is why regenerating one is often the fix even if you thought you were already using it.

    How to generate an app-specific password

    Generate the password from your Apple ID account page, not from App Store Connect. Sign in at appleid.apple.com, open the Sign-In and Security section, and find App-Specific Passwords. Create a new one, give it a recognizable name like Transporter or CI, and Apple shows you a password in a grouped format. Copy it immediately, because it is displayed only once.

    Treat that value as a secret. It grants upload access to your account, so store it the way you would any credential, in your CI secret store or a password manager, not in a file in your project. If you lose it or suspect it leaked, revoke it from the same page and generate a new one. You can hold several app-specific passwords at once, so using a separate, clearly named one per tool or machine makes them easy to rotate and revoke.

    Using it with Transporter

    In the Transporter app, sign in with your Apple ID and, when prompted for the password, enter the app-specific password rather than your normal one. That is the whole fix for the interactive case: Transporter accepts the app-specific password, the two-factor requirement is satisfied, and the transfer proceeds. If it still fails, the most common reasons are a mistyped password or one that has been revoked, so regenerate and try again.

    The same principle applies to altool on the command line, where you pass the app-specific password in place of your account password. Whether you upload through the Transporter app or a script, the credential that works is the app-specific password, and the credential that fails is your plain Apple ID password, because the account uses two-factor authentication.

    Fastlane environment variables

    Fastlane authenticates through environment variables, and the one that carries the app-specific password is FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD. Set that to the app-specific password you generated, along with your Apple ID in FASTLANE_USER, and Fastlane's upload actions can then authenticate without an interactive second factor. This is the direct equivalent of typing the app-specific password into Transporter, expressed as configuration.

    Keep these values in your CI secret store rather than in the Fastfile or the repository, since they are credentials. Setting FASTLANE_USER and the app-specific-password variable is enough for the common upload flow, but if you see repeated session or two-factor issues in automation, that is usually the signal to move to the App Store Connect API key instead, which Fastlane also supports and which is more robust for unattended builds.

    Better for CI: the App Store Connect API key

    For continuous integration, an App Store Connect API key is the more reliable choice than an app-specific password. Instead of a password, you create an API key in App Store Connect, which gives you a key ID, an issuer ID, and a downloadable .p8 key file, and tools authenticate with those. Because it is designed for programmatic access, it does not involve your personal password or trigger two-factor prompts, which makes unattended CI far more stable.

    Fastlane supports this directly through its App Store Connect API key configuration, and once set up it replaces the Apple ID and app-specific password entirely for uploads. The trade-off is a little more initial setup, but for any automated pipeline it is worth it, because you avoid the session and password issues that make app-specific passwords fragile in CI. For a one-off local upload, the app-specific password is fine; for a pipeline, prefer the API key.

    Authentication options compared

    The available credentials suit different situations. The table below compares them.

    MethodHow you provide itBest for
    App-specific passwordGenerated at appleid.apple.comTransporter and simple local uploads
    App Store Connect API keyA .p8 key file with key and issuer IDsCI, automation, unattended builds
    Plain Apple ID passwordNot accepted with two-factorNever for these uploads

    Read the table by where you are uploading from. For a manual upload through Transporter, the app-specific password is the quick answer, and for a pipeline, the API key is the durable one, while the plain Apple ID password is not an option for either because of two-factor authentication.

    Fix checklist

    A short sequence resolves the error and prevents it recurring. The checklist below covers it.

    CheckActionDone?
    Generate passwordCreate an app-specific password at appleid.apple.com[ ]
    Use itEnter it in Transporter or altool in place of your password[ ]
    Fastlane variableSet FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD in CI secrets[ ]
    Prefer the API keyUse an App Store Connect API key for automated pipelines[ ]
    Retry the uploadRe-attempt the transfer with the correct credential[ ]

    The step that resolves most cases immediately is simply generating a fresh app-specific password and using it in place of your Apple ID password. If the failure is in CI and recurs, moving to the App Store Connect API key is the more permanent fix.

    After upload: scan before you submit

    Fixing authentication gets your build uploaded, but a build that transfers successfully still has to pass review, and a preventable security or privacy issue can cause a rejection unrelated to how you uploaded. Those issues are cheaper to catch before submission than after.

    A scanner like PTKD.com analyzes your .ipa and reports findings ordered by severity and mapped to OWASP MASVS, so you catch issues like unjustified permissions, cleartext traffic, or embedded secrets before you submit. To be clear about the boundary: PTKD does not manage your credentials, generate an app-specific password, or configure an API key. It checks the uploaded build's security, which is a separate concern from the authentication that got it there.

    What to take away

    • The app-specific password error means your upload credential was rejected because a two-factor account cannot use the plain Apple ID password.
    • Generate an app-specific password at appleid.apple.com under Sign-In and Security, and use it in Transporter or altool in place of your password.
    • In Fastlane, provide it through FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD, and keep it in your CI secret store, not the repository.
    • For CI and automation, prefer an App Store Connect API key, which uses a key file, avoids two-factor prompts, and is more reliable than a password.
    • Treat these credentials as secrets, and after uploading, scan the build with PTKD.com for the separate matter of review-blocking security issues.
    • #transporter
    • #app-specific password
    • #fastlane
    • #app store connect api
    • #code signing

    Frequently asked questions

    Why does Transporter fail with an app-specific password error?
    Because Apple requires two-factor authentication, and tools like Transporter and altool cannot complete a two-factor challenge interactively. They need an app-specific password, a single-purpose credential usable without a second factor. Supplying your normal Apple ID password, or an expired or revoked app-specific password, is rejected and produces the transfer failure.
    How do I generate an app-specific password?
    Sign in at appleid.apple.com, open Sign-In and Security, and find App-Specific Passwords. Create one, name it something recognizable like Transporter or CI, and copy the grouped-format password Apple shows, since it is displayed only once. Store it as a secret in a password manager or CI secret store, and revoke and regenerate it if it leaks.
    How do I use the app-specific password in Fastlane?
    Set the FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD environment variable to the password you generated, along with your Apple ID in FASTLANE_USER, and Fastlane's upload actions authenticate without an interactive second factor. Keep both values in your CI secret store rather than the Fastfile or repository, since they are credentials.
    Should I use an app-specific password or an API key for CI?
    For CI, prefer an App Store Connect API key. You create it in App Store Connect and get a key ID, an issuer ID, and a downloadable .p8 file, and tools authenticate with those. Because it is built for programmatic access, it does not use your personal password or trigger two-factor prompts, making unattended pipelines far more stable than an app-specific password.
    Can I still use my regular Apple ID password to upload?
    No. With two-factor authentication, which is required on developer accounts, the plain Apple ID password is not accepted by Transporter or altool. You must use either an app-specific password or an App Store Connect API key. This is why the transfer fails when the regular password is supplied, regardless of it being correct for signing into the website.
    Does fixing authentication mean my build will pass review?
    No. Fixing the credential only gets the build uploaded; it can still be rejected in review for reasons unrelated to authentication, such as security or privacy issues. A scanner like PTKD.com (https://ptkd.com) checks your .ipa for unjustified permissions, cleartext traffic, and embedded secrets, mapped to OWASP MASVS, which is separate from the upload credential.

    Keep reading

    Scan your app in minutes

    Upload an APK, AAB, or IPA. PTKD returns an OWASP-aligned report with copy-paste fixes.

    Try PTKD free