A feature-first web interface for interacting with the Apple App Store IPA files: search apps with configurable result limits (including tvOS), view versions and metadata, acquire free app licenses automatically, and download IPA files (including older and tvOS releases) with optional automatic license purchase. Supports Apple ID sign‑in with two‑factor authentication and exposes a REST API for programmatic use. Implemented as a clean, responsive frontend served by a Python Flask backend.
- Authentication: Sign in with your Apple ID (supports two-factor authentication)
- App Search: Search the App Store with customizable result limits including tvOS apps
- License Management: Acquire free app licenses automatically
- Version Control: List all available versions of an app
- Metadata Access: View version-specific metadata (display version, release date)
- IPA Downloads: Download IPA files with optional automatic license purchasing
- Modern UI: Clean, responsive interface for simple usage
- Python 3.8 or higher
- An Apple ID account
- Internet connection
-
Clone or download this repository
-
Install dependencies:
pip install -r requirements.txt
Run the Flask application:
python app.pyThe web interface will be available at http://127.0.0.1:5000
- Navigate to the web interface
- Enter your Apple ID email and password
- Click "Sign In"
- If two-factor authentication is enabled, a modal will appear:
- Enter the 6-digit verification code sent to your trusted device
- Click "Verify"
- After signing in, the search section will appear
- Enter a search term
- Optionally adjust the results limit (1-50) and choose whether to search tvOS apps vs just iOS/iPadOS apps
- Click "Search"
- Click on any app in search results, or use Direct Lookup to list versions to a specifc app id and optionally version id (to find related versions)
- View the latest version and complete version list
- Click on a version to expand its metadata
- In the expanded metadata view, click Download IPA
- It will first prepare (by downloading to the server cache), then pass that along to the browser to download
- Use a tool like iMazing or 3uTools to "officially" install the ipa. You cannot and do not need to "sideload" these as that tries to sign them and these are already signed as they are from the app store. They can be installed and will not expire.
- Some people have also had success simply Airdropping it from a macOS computer and it will actually install it without any prompt, although I've had inconsistent results.
- Another user also mentioned Sideloadly with Advanced Options > Signing Mode > Normal Install.
- In the UI we can only search for tvOS apps which doesn't give back the internal versionID needed for downloads or finding other versions
- To find that versionID, use iMazing to connect to your ATV, go to Manage Apps, right click or use option menu to Export to CSV, then use the StoreID as the App ID and the VersionID as the Version ID in this interface to both download and also find other tvOS versions
- Make sure you have the current version of the app downloaded on your Apple TV.
- Install iMazing on your Mac or PC
- Follow iMazing’s steps for connecting your Mac/PC to the Apple TV.
- In iMazing, go to Tools → Manage Apps.
- Right‑click (or use the options menu) and select Export List to CSV.
- Open the CSV file. For the app’s row:
- Store ID =
AppIDfor IPATool - Version ID =
External Version IDfor IPATool
- Store ID =
- Use those values to do a Direct Lookup
- Choose the version you want and download it
The application stores data in ~/.ipatool/:
keychain.json- Account credentialscookies.lwp- Session cookiesca-bundle.pem- Optional custom CA certificate
The application provides a REST API for programmatic access:
POST /api/auth/login- Sign in with Apple IDPOST /api/auth/logout- Sign outGET /api/account- Get current account info
GET /api/search- Search for appsPOST /api/purchase- Acquire app licensePOST /api/download- Download IPA fileGET /api/versions- List app versionsGET /api/version-metadata- Get version metadata
- Credentials are stored locally in
~/.ipatool/keychain.json - Session cookies are persisted in
~/.ipatool/cookies.lwp - The application uses password tokens for App Store authentication
- Two-factor authentication is fully supported
The application supports custom SSL certificates:
-
Disable SSL verification (not recommended):
export IPATOOL_SSL_NO_VERIFY=1 -
Use custom CA bundle:
export IPATOOL_CA_BUNDLE=/path/to/ca-bundle.pem -
Default CA bundle location: Place your certificate at
~/.ipatool/ca-bundle.pem
- Sign out and sign in again to refresh the authentication token
- A popup will prompt you to aquire the license
- This only works for free apps, if it is a paid app you must buy the app first in the App Store with the same account, then you can see it on here.
- Ensure you're entering the code correctly (spaces are automatically removed)
- Try requesting a new code if the current one expires
- Check that you have sufficient disk space
- Verify the app is available in your account's storefront
- Ensure you have the necessary license for the app
- Backend: Flask (Python)
- Frontend: Vanilla JavaScript with modern CSS
- Storage: File-based keychain and cookie persistence
- App Store Integration: Custom Python implementation of IPATool protocol
Based on the IPATool by Majd for interacting with the Apple App Store.