appcircleio · fuatguzel · Nov 22, 2025 · Nov 22, 2025 · Nov 28, 2025 · Nov 28, 2025
diff --git a/docs/_personal-api-token-reference.mdx b/docs/_personal-api-token-reference.mdx
@@ -1 +1 @@
-- For details on generating an Appcircle Personal API Token, visit [Generating/Managing Personal Access Keys](/account/my-organization/security/personal-access-key).
+- For details on generating an Appcircle Personal Access Key, visit [Generating/Managing Personal Access Keys](/account/my-organization/security/personal-access-key).
diff --git a/docs/marketplace/fastlane/enterprise-app-store/index.md b/docs/marketplace/fastlane/enterprise-app-store/index.md
@@ -53,7 +53,7 @@ After adding the plugin to your project, configure your Fastfile as follows:
 ```ruby
   lane :distribute_app_store do
     appcircle_enterprise_app_store(
-      personalAPIToken: "$(AC_PERSONAL_API_TOKEN)",
+      personalAccessKey: "$(AC_PERSONAL_ACCESS_KEY)",
       appPath: "$(APP_PATH)",
       summary: "$(SUMMARY)",
       releaseNotes: "$(RELEASE_NOTE)",
@@ -62,7 +62,13 @@ After adding the plugin to your project, configure your Fastfile as follows:
   end
 ```
 
-- `personalAPIToken`: The Appcircle Personal API token is utilized to authenticate and secure access to Appcircle services, ensuring that only authorized users can perform actions within the platform.
+#### Authentication Parameters
+
+The plugin supports two authentication methods. You can use either `personalAccessKey` (recommended) or `personalAPIToken` (legacy), but not both at the same time.
+
+- `personalAccessKey` (recommended): The Appcircle Personal Access Key used to authenticate and authorize access to Appcircle services. This is the recommended authentication method. The plugin will automatically generate a Personal Access Token (PAT) from your Personal Access Key using the Auth API.
+
+- `personalAPIToken` (legacy, optional): The legacy Personal API Token used for authentication. This parameter is maintained for backward compatibility. It is recommended to migrate to `personalAccessKey` for better security and future compatibility. If you use this parameter, the plugin will use it directly without generating a PAT. For more details, check out the **[release notes](https://docs.appcircle.io/release-notes#3-29-4)**.
 - `appPath`: Indicates the file path to the application package that will be uploaded to Appcircle Testing Distribution Profile.
 - `releaseNotes`: Contains the details of changes, updates, and improvements made in the current version of the app being published.
 - `summary`: Used to provide a brief overview of the version of the app that is about to be published.

diff --git a/docs/marketplace/fastlane/testing-distribution/index.md b/docs/marketplace/fastlane/testing-distribution/index.md
@@ -46,7 +46,7 @@ Currently, plugins are only compatible to use with **Appcircle Cloud**. **Self-h
 
 ### User Permission Requirements
 
-To perform operations such as generating a Personal API Token, creating a testing distribution profile, and managing testing groups, your user role must have the necessary permissions in the target organization. For more information about user roles and permissions, please refer to the relevant sections of the Role Management documentation below.
+To perform operations such as generating a Personal Access Key, creating a testing distribution profile, and managing testing groups, your user role must have the necessary permissions in the target organization. For more information about user roles and permissions, please refer to the relevant sections of the Role Management documentation below.
 
 - Access to organization or sub-organization and generating PAT: [Organization Management Permissions](/account/my-organization/profile-and-team/role-management#organization-management-permissions).
 - Testing distribution operations and profile management: [Testing Distribution Permissions](/account/my-organization/profile-and-team/role-management#testing-distribution-permissions).
@@ -62,7 +62,7 @@ fastlane add_plugin appcircle_testing_distribution
 
 ```ruby
   appcircle_testing_distribution(
-    personalAPIToken: ENV["AC_PERSONAL_API_TOKEN"],
+    personalAccessKey: ENV["AC_PERSONAL_ACCESS_KEY"],
     subOrganizationName: ENV["AC_SUB_ORGANIZATION_NAME"],
     profileName: ENV["AC_PROFILE_NAME"],
     createProfileIfNotExists: ENV["AC_CREATE_PROFILE_IF_NOT_EXISTS"],
@@ -77,8 +77,14 @@ fastlane add_plugin appcircle_testing_distribution
   )
 ```
 
-- `personalAPIToken`: The Appcircle Personal API token used to authenticate and authorize access to Appcircle services within this plugin.
-- `subOrganizationName` (optional): Required when the Root Organization's `personalAPIToken` is used, and you want to create the profile under a sub-organization. In this case, provide the name of the sub-organization in this field. If you directly used the sub-organization's `personalAPIToken`, this parameter is not needed.
+#### Authentication Parameters
+
+The plugin supports two authentication methods. You can use either `personalAccessKey` (recommended) or `personalAPIToken` (legacy), but not both at the same time.
+
+- `personalAccessKey` (recommended): The Appcircle Personal Access Key used to authenticate and authorize access to Appcircle services. This is the recommended authentication method. The plugin will automatically generate a Personal Access Token (PAT) from your Personal Access Key using the Auth API.
+
+- `personalAPIToken` (legacy, optional): The legacy Personal API Token used for authentication. This parameter is maintained for backward compatibility. It is recommended to migrate to `personalAccessKey` for better security and future compatibility. If you use this parameter, the plugin will use it directly without generating a PAT. For more details, check out the **[release notes](https://docs.appcircle.io/release-notes#3-29-4)**.
+- `subOrganizationName` (optional): Required when the Root Organization's `personalAccessKey` or `personalAPIToken` is used, and you want to create the profile under a sub-organization. In this case, provide the name of the sub-organization in this field. If you directly used the sub-organization's `personalAccessKey` or `personalAPIToken`, this parameter is not needed.
 - `profileName`: Specifies the profile that will be used for uploading the app.
 - `createProfileIfNotExists` (optional): Ensures that a testing distribution profile is automatically created if it does not already exist; if the profile name already exists, the app will be uploaded to that existing profile instead.
 - `profileCreationSettings` (optional): If `createProfileIfNotExists` is `true` and a new profile being created, the profile will be configured with these settings.
@@ -105,18 +111,21 @@ If multiple workflows start simultaneously, the order in which versions are shar
 
 To distribute your app to a sub-organization, you can use one of the following methods:
 
-#### 1. Using the Root Organization's Personal API Token
+#### 1. Using the Root Organization's Personal Access Key (Recommended)
 
-- Obtain the `personalAPIToken` for the Root Organization. This token is used to authenticate and authorize actions within Appcircle.
+- Obtain the `personalAccessKey` for the Root Organization. This key is used to authenticate and authorize actions within Appcircle.
 - Specify the `subOrganizationName` parameter in your configuration. This parameter indicates the target sub-organization where the profile will be created and the app will be distributed.
 
-#### 2. Using the Sub-Organization's Personal API Token
+#### 2. Using the Sub-Organization's Personal Access Key (Recommended)
 
-- Invite your user to the sub-organization and obtain the `personalAPIToken` for the sub-organization. This token directly authenticates and authorizes actions within the specific sub-organization.
-- Use the sub-organization's `personalAPIToken` in your configuration.
+- Invite your user to the sub-organization and obtain the `personalAccessKey` for the sub-organization. This key directly authenticates and authorizes actions within the specific sub-organization.
+- Use the sub-organization's `personalAccessKey` in your configuration.
 
 With this configuration, the profile will be created and the app will be distributed within the sub-organization.
 
+:::tip Authentication Method
+We recommend using `personalAccessKey` instead of the legacy `personalAPIToken` parameter. The Personal Access Key provides better security and automatically generates a Personal Access Token (PAT) through the Auth API. For more details, check out the **[release notes](https://docs.appcircle.io/release-notes#3-29-4)**.
+
 ### CLI Usage
 
 Recommended method of using the action is adding it to the `Fastfile` as described [above](#how-to-add-the-appcircle-distribute-action-to-your-pipeline).
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		- For details on generating an Appcircle Personal API Token, visit [Generating/Managing Personal Access Keys](/account/my-organization/security/personal-access-key).
		- For details on generating an Appcircle Personal Access Key, visit [Generating/Managing Personal Access Keys](/account/my-organization/security/personal-access-key).