We're deprecating the old session-based authorization to Apple Developer Connection with the official one using JSON Web Tokens.
Bitrise uses a step called iOS Auto Provision (will be renamed to: iOS Auto Provision with Apple ID) for Automatic Code Signing (more info here and here), and this new authentication is used by that step only. Fastlane, Deploy to iTunes Connect with Deliver, etc. will still use the session-based authentication.
Now there is a new way to connect your Bitrise account to Apple Developer Connection: the authorization will happen via a JSON Web Token. AppStore Connect API was introduced last year, and we'll also use the official solution only calling API endpoints. The good news is that now you don't have to use the whole account for authentication and you'll be able to set access levels for the keys.
The reason for the change is that the old way of connecting your Bitrise account with Apple Developer Connection is a workaround: it is session-based, and you need to enter your username and password and go through 2FA. This login is only valid for a month and it used the whole account, which was problematic for some users who didn't want to enter their credentials at all or again and again. This method will be deprecated, but you'll still be able to decide which method you'd like to use for each of your projects.
To set it up
Generate a new API key on App Store Connect under Users and Access.
Add a new one:
On Bitrise: Add an Account.
Then connect your API key.
In your workflow, remove the old iOS Auto Provision (with Apple ID) step and add the new iOS Auto Provision with App Store Connect API instead.
You can choose to add authentication methods, for example, if you want to use Fastlane, you'll need both. Go to your app on Bitrise and click the Team tab. Under the Connected Apple Developer Portal Account choose the API key (learn more about Creating API keys for App Store Connect from the official Apple docs). For more details check out our DevCenter article.