working with apple while developing apps
TRANSCRIPT
Outline
1. How Apple restricts apps that run on devices
2. How to get apps on devices for testing
3. Managing apps under development
4. Submitting an app to the App Store
Glossary
Other Resources
Tangential Topics
Code Signing
● Generally, the only way to put an app on an Apple mobile device such as
an iPhone or iPad is through the App Store
● Apple ensures that non-App Store apps will not run on devices using a
process called Code Signing
● All of the apps in the App Store have been code signed by Apple -- this is
like a digital signature embedded in the app when the app appears in the
App Store
● This code signing process is built directly into the operating system of
Apple mobile devices (iOS)
● Before an app starts on a device, iOS checks to make sure the app is
properly code signed -- if it is not, the app will not launch
● The code signing digital signature is generated using the app’s code itself,
so this process also ensures that the app has not been altered since it has
been signed
Running Apps on a Device
● If apps can only get on devices through the App Store, does that mean that
a developer building an app has to put it in the App Store and get it code
signed by Apple before he can test it on his own phone?
o This would mean he would also have to put it through the App Store again for every minor
code change as he continues to work on it, since code signing ensures that the app hasn’t
been changed between being signed and running
● Thankfully, no -- there is a process for developers to code sign apps
themselves, but it’s complicated
How Do Developers Do It?
● Developers who want to run apps on devices during development must
register themselves and their devices with Apple
● All registration happens at developer.apple.com (the “Developer Portal”)
● First, a developer joins Apple’s iOS Developer Program, which costs $99
per year, per developer
o A company with multiple developers must also register, for another $99
Code Signing by Developers
Registering Devices
● Then, the developer registers each device that he wants to run his app on
with Apple
o The area of the Developer Portal where a developer can complete this and the remaining
steps is only available to developers in the iOS Developer Program
o The developer specifies each device’s Unique Device Identifier (UDID), which can be
found by connecting the device to a computer and examining it in iTunes or Xcode
● There is a strict limit of 100 devices that can be registered for a particular
app
● Next, the developer requests a Code Signing Certificate from Apple, which
allows him to code sign the app he is developing
o This uses the mac’s Keychain system and public/private key encryption
● The developer also specifies an Identifier for his app with Apple
o Every app has a unique identifier, called a Bundle ID, Application ID, or Identifier
o The format typically looks something like “com.strava.run”
Register Everything with Apple
● Finally, the developer goes back to the Developer Portal once more to
create a Provisioning Profile, which combines:
o The developer’s Code Signing Certificate
o The App Identifier
o The UDID’s of all the devices registered for the app
● The developer downloads the Provisioning Profile to the computer he is
developing on and connects his device to the computer
The Provisioning Profile
● Now, finally, the developer can install the app on his device and run it
o The developer installs the app on the attached device through Xcode (code signing it in the
process), and specifies a Provisioning Profile to install with the app at the same time
● As always, before the app starts, iOS checks to see if the app has been
code signed by Apple
● But this time it sees that the app has been code signed by the developer --
● So it checks the Provisioning Profile, where it sees that Apple has been
notified that this device has been registered by this developer for testing
this particular app -- and with that confirmation, it launches the app
Running On a Device
● Code Signing, Provisioning Profiles -- all of this stuff is a source of
confusion and frustration, even for professional developers
● These things can easily get out of sync with each other when new
developers join a team or someone adds a new device to be used for
testing, and they will stop working until they are properly updated
● Many iOS developers may not even be clear on the details of how they
work
Nobody Likes this Stuff
● There is an alternative to specifying everything in a Provisioning Profile --
businesses can develop proprietary apps for internal use and distribute
them privately to employees
● This method avoids the burden of submitting the apps to the App Store or
even having the apps approved by Apple, and is not limited to 100 devices
● But there are restrictions --
o Businesses must join the iOS Developer Enterprise Program for $299 per year
o A device can only have enterprise apps from one employer installed at any time
● This method is not typically used outside of large corporations
Enterprise Distribution
● Developers submit apps to the App Store through an Apple website called
iTunes Connect (itunesconnect.apple.com)
● iTunes Connect is also how developers manage the way their apps appear
in the App Store
● First, a developer creates a iTunes Connect record for an app under
development
iTunes Connect
● Then, the developer then specifies basic information that will appear in the
app’s entry in the App Store
o The app name
o What category the app should appear under
o Keywords for searching
o Maturity rating
o Images of the app, such as screenshots
o App description for the app’s entry in the App Store
o Developer’s company name for payment (iTunes Connect is also where the developer
agrees to the necessary legal forms related to payment)
Basic App Information
● More complex features are also handled through iTunes Connect
o Providing promotional codes for certain users (e.g. press) to download the app for free
o Free trials for in-app purchases
o Manage Smart App Banners (those rows that appear at the top of mobile web sites that
encourage users to download the app)
● iTunes Connect also contains a few tools for analyzing an app’s
performance
o Charts showing downloads and sales over time
o Financial reports
Additional Functions
● When an app is ready for public distribution, the developer submits it to
Apple through iTunes Connect
● Xcode is integrated with iTunes Connect for this purpose
● The developer first downloads the record he created for the app in iTunes
Connect
● The developer then associates that record with the app in Xcode
● Finally, the developer saves a version of the app that includes the record
and uploads that to iTunes Connect directly from Xcode
Submission Process
● The app can’t appear in the App Store until Apple approves it, which
typically takes 1-5 days
● Once an app is approved, the developer can push it live to the App Store
o There is also an option to have it go live automatically as soon as Apple approves it, but
this option makes it harder to coordinate the release with website changes, marketing, PR,
etc.
Approval is Required
● When an app is submitted, Apple will perform a basic check to ensure
quality of the app, which includes:
o Features, functionality, user experience & interface all fit the product’s description
o Reliability -- reasonable data/battery usage, stable, doesn’t crash
o Conforms to Apple’s guidelines for usability (called the Human Interface Guidelines)
o Follows recommended programming practices, such as storage of data
o Is not bloated -- overall file size and load time are reasonable
Approval Standards
● Apple also has a long list of prohibitions -- too many to list here
● Some of the prohibitions are intuitive
o Cannot use Apple’s copyrighted imagery such as buttons elements from Apple apps
o Cannot circumvent Apple’s in-app payment system
o Must obtain user consent before accessing the user’s location data
Additional Reasons for Rejection
● Some other reasons for rejection are not so intuitive
o Too niche, too repetitive of existing apps, or duplicates built-in apps
o It can’t just be a mobile website, it must “feel” like a native app
o It can’t be a “test” or a “beta” version -- it must be a final product
o No porn or other content that Apple finds offensive
o It can’t use native elements in a way they weren’t intended -- e.g. vibration can only be
used in quick bursts for notification purposes
Even More Reasons for Rejection
● An app can be rejected even without violating a specific prohibition --
developers really are at Apple’s mercy
● Thankfully, rejected apps can be re-submitted after modifying the offending
elements
Dealing with Rejection
That’s it for content! The rest of the slides are further reading, glossary, etc.
Please submit feedback to [email protected] and tell me:
● Were these topics interesting? Useful at your job?
● Was this stuff too technical / too basic / just right?
● What other topics are you curious about (iPhone or otherwise)?
Fin.
● Application ID
● App Identifier
● Bundle ID
● Code Signing
● Code Signing Certificate
● Developer Portal
● Human Interface Guidelines (HIG)
● iOS
● iOS Developer Enterprise Program
● iOS Developer Program
● iTunes Connect
Terminology Introduced
● Provisioning Profile
● Smart App Banner
● Unique Device Identifier (UDID)
Other Resources
● developer.apple.com - the ultimate authority - somewhat technical - hard
to navigate - some portions are only available to developers - includes:
o App Distribution Quick Start Guide
o App Distribution Guide
● Escoz Inc. blog post on iOS Code Signing and Provisioning Profiles
● Flippa blog post on some reasons for App Store rejection
If any of these are particularly useful for you, let me know
Tangential Topics
● Code Signing - there is a lot more to it, it can get quite technical
● iTunes - developers use it to access certain files on devices
● Keychain - involved in code signing
● Public/Private Key Encryption - a technical topic, involved in code
signing
● Xcode - software used to write apps, will be covered elsewhere in the
course
Let me know if any of these topics are interesting to you