API keys let CI, scripts and the GitHub Action authenticate as you without signing in interactively. Instead of your login, an automated release carries a scoped token that you create in the app and can revoke at any time. Publishing a release from CI needs exactly one of these, passed as AMORE_TOKEN.
Create a key
- Open
Amore→Settings…(⌘,) and scroll toAPI Keys. You need to be signed in to Amore to manage keys. - Click
New Key. - Give it a
Nameyou'll recognize later, e.g.GitHub Actions. It's just a label. - Pick a
Scope(see below).Releaseis the default and the right choice for CI. - Click
Create.
The secret token appears once. Copy it right then: for your security, Amore never shows it again. If you lose it, delete the key and create a new one.
A token looks like amore_ followed by a long string. Treat it like a password.
Scopes
Release: upload releases and read your account. Best for CI.Full access: every endpoint, including licenses and products.
Give a key the least it needs. Release is enough to build and publish, so use it for any release pipeline. Reach for Full access only when a script also has to manage licenses or products.
Use it in GitHub Actions
Add the token as a repository secret named AMORE_TOKEN under Settings → Secrets and variables → Actions → New repository secret, then pass it into the release step:
amore-token: ${{ secrets.AMORE_TOKEN }}
That's the only Amore-specific secret the action needs. See GitHub Actions for the full workflow and the Apple signing secrets.
Use it with the CLI
Set AMORE_TOKEN in the environment and the CLI authenticates with it instead of your local sign-in, so there's no amore login step:
export AMORE_TOKEN=amore_your_token_here
amore release --scheme MyApp
This is what any CI runner or server-side script should do. When AMORE_TOKEN is set the CLI runs in token mode and won't read or write your login keychain.
Manage and rotate keys
The API Keys list shows each key's Name, Scope and Last used. Last used reads Never until the key's first request, so you can spot one that isn't being used.
To rotate a key, create a new one, update AMORE_TOKEN wherever it's stored, then delete the old key. Deleting takes effect immediately: any CI or script still using that token stops working at once. Use a separate key per pipeline or machine so you can revoke one without breaking the others.