mcp-appstore-reviews
Enables reading Apple App Store customer reviews, publishing developer responses, and deleting them via the App Store Connect API with a narrow Customer Support role.
README
mcp-appstore-reviews
A small, reviews-only MCP server for the Apple App Store, backed by the App Store Connect API. It lets an agent read customer reviews and publish or delete developer responses — and deliberately nothing else.
Why so narrow?
The capability boundary is the trust guarantee. This server exposes only the three review tools below. There is intentionally no build, release, submission, pricing, in-app-purchase, certificate, profile, or beta-tester tool, so the App Store Connect key you give it can't be used to do any of those things. Scope the key itself narrowly too (the Customer Support role is enough).
It is also dependency-free — pure Node 18+ (fetch + built-in crypto),
no third-party packages — so there is no supply chain to audit beyond this one
file (index.mjs).
Tools
| Tool | Description |
|---|---|
list_reviews |
List reviews for an app (newest first by default), including any existing developer response and its id. Filters: territory, rating, sort (recent/favorable/critical), limit. |
respond_to_review |
Publish a developer response to a review (reviewId, responseBody). |
delete_review_response |
Delete a developer response by its responseId (from list_reviews). |
Authentication
Create an App Store Connect API key (Users and Access → Integrations → App Store Connect API). Use the Customer Support role — it can manage reviews without the broader powers of Admin. Then provide:
| Env var | What |
|---|---|
APP_STORE_CONNECT_ISSUER_ID |
Issuer ID shown at the top of the Integrations page |
APP_STORE_CONNECT_KEY_ID |
Key ID of the API key |
APP_STORE_CONNECT_PRIVATE_KEY_PATH |
Path to the downloaded .p8 private key file |
The private key is read only to sign a short-lived ES256 JWT for Apple; it is never logged, copied, or sent anywhere but Apple's API.
Run
# stdio MCP server
APP_STORE_CONNECT_ISSUER_ID=... \
APP_STORE_CONNECT_KEY_ID=... \
APP_STORE_CONNECT_PRIVATE_KEY_PATH=/path/to/AuthKey_XXXX.p8 \
npx -y github:ForgeHQ-Agents/mcp-appstore-reviews
The agent passes the app's numeric App Store ID as appId (find it in App Store
Connect → your app → App Information, or in the app's App Store URL).
Test
npm test # node --test, zero dependencies
License
MIT
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.