I'm trying to understand the IAP development process. I created my first Product on App Store Connect and am trying to build my app to use it. However it keeps failing with "Invalid product ID.". From what I've read, this is because the product has not yet gone through review. But what I don't understand is, of course it hasn't gone through review yet, because trying to use it in any capacity fails, even though I'm using a real physical device and using a Sandbox User. Is this the correct workflow? It seems very backwards that I have to submit the product for review, even before I know how it's going to be used. I'm still building the screen for the product page, and haven't even started touching any backend APIs, yet it's asking for screenshots. Am I misunderstanding something here?

I'm using Expo EAS to try and submit a build to Test Flight. During the submission, there's two paths I've tried and both fail with the same error: "This request is forbidden for security reasons - The API key in use does not allow this request" The first way, it asks "Generate a new App Store Connect API Key" which I respond yes and it fails with the above message. The second way, I respond no to the above question and specify a path to the API Key that I manually created under "Individual API Key" in my Apple Connect account. Is this the correct place to have created this API Key? Is there a different type of API Key I should be using? Or is this a permission issue with my Apple account? I am not the account owner but it looks like I have the correct permissions as far as I can tell. TIA!