Working with

AppleAll the hoops Apple makes developers jump

through when developing iOS apps

Outline

1. How Apple restricts apps that run on devices

2. How to get apps on devices for testing

3. Managing apps under development

4. Submitting an app to the App Store

Glossary

Other Resources

Tangential Topics

1. How Apple restricts apps that

run on devices

Code Signing

● Generally, the only way to put an app on an Apple mobile device such as

an iPhone or iPad is through the App Store

● Apple ensures that non-App Store apps will not run on devices using a

process called Code Signing

● All of the apps in the App Store have been code signed by Apple -- this is

like a digital signature embedded in the app when the app appears in the

App Store

● This code signing process is built directly into the operating system of

Apple mobile devices (iOS)

● Before an app starts on a device, iOS checks to make sure the app is

properly code signed -- if it is not, the app will not launch

● The code signing digital signature is generated using the app’s code itself,

so this process also ensures that the app has not been altered since it has

been signed

Running Apps on a Device

2. How to get apps on devices for

testing

● If apps can only get on devices through the App Store, does that mean that

a developer building an app has to put it in the App Store and get it code

signed by Apple before he can test it on his own phone?

o This would mean he would also have to put it through the App Store again for every minor

code change as he continues to work on it, since code signing ensures that the app hasn’t

been changed between being signed and running

● Thankfully, no -- there is a process for developers to code sign apps

themselves, but it’s complicated

How Do Developers Do It?

● Developers who want to run apps on devices during development must

register themselves and their devices with Apple

● All registration happens at developer.apple.com (the “Developer Portal”)

● First, a developer joins Apple’s iOS Developer Program, which costs $99

per year, per developer

o A company with multiple developers must also register, for another $99

Code Signing by Developers

Registering Devices

● Then, the developer registers each device that he wants to run his app on

with Apple

o The area of the Developer Portal where a developer can complete this and the remaining

steps is only available to developers in the iOS Developer Program

o The developer specifies each device’s Unique Device Identifier (UDID), which can be

found by connecting the device to a computer and examining it in iTunes or Xcode

● There is a strict limit of 100 devices that can be registered for a particular

app

● Next, the developer requests a Code Signing Certificate from Apple, which

allows him to code sign the app he is developing

o This uses the mac’s Keychain system and public/private key encryption

● The developer also specifies an Identifier for his app with Apple

o Every app has a unique identifier, called a Bundle ID, Application ID, or Identifier

o The format typically looks something like “com.strava.run”

Register Everything with Apple

● Finally, the developer goes back to the Developer Portal once more to

create a Provisioning Profile, which combines:

o The developer’s Code Signing Certificate

o The App Identifier

o The UDID’s of all the devices registered for the app

● The developer downloads the Provisioning Profile to the computer he is

developing on and connects his device to the computer

The Provisioning Profile

● Now, finally, the developer can install the app on his device and run it

o The developer installs the app on the attached device through Xcode (code signing it in the

process), and specifies a Provisioning Profile to install with the app at the same time

● As always, before the app starts, iOS checks to see if the app has been

code signed by Apple

● But this time it sees that the app has been code signed by the developer --

● So it checks the Provisioning Profile, where it sees that Apple has been

notified that this device has been registered by this developer for testing

this particular app -- and with that confirmation, it launches the app

Running On a Device

● Code Signing, Provisioning Profiles -- all of this stuff is a source of

confusion and frustration, even for professional developers

● These things can easily get out of sync with each other when new

developers join a team or someone adds a new device to be used for

testing, and they will stop working until they are properly updated

● Many iOS developers may not even be clear on the details of how they

work

Nobody Likes this Stuff

● There is an alternative to specifying everything in a Provisioning Profile --

businesses can develop proprietary apps for internal use and distribute

them privately to employees

● This method avoids the burden of submitting the apps to the App Store or

even having the apps approved by Apple, and is not limited to 100 devices

● But there are restrictions --

o Businesses must join the iOS Developer Enterprise Program for $299 per year

o A device can only have enterprise apps from one employer installed at any time

● This method is not typically used outside of large corporations

Enterprise Distribution

3. Managing apps under

development

● Developers submit apps to the App Store through an Apple website called

iTunes Connect (itunesconnect.apple.com)

● iTunes Connect is also how developers manage the way their apps appear

in the App Store

● First, a developer creates a iTunes Connect record for an app under

development

iTunes Connect

● Then, the developer then specifies basic information that will appear in the

app’s entry in the App Store

o The app name

o What category the app should appear under

o Keywords for searching

o Maturity rating

o Images of the app, such as screenshots

o App description for the app’s entry in the App Store

o Developer’s company name for payment (iTunes Connect is also where the developer

agrees to the necessary legal forms related to payment)

Basic App Information

● More complex features are also handled through iTunes Connect

o Providing promotional codes for certain users (e.g. press) to download the app for free

o Free trials for in-app purchases

o Manage Smart App Banners (those rows that appear at the top of mobile web sites that

encourage users to download the app)

● iTunes Connect also contains a few tools for analyzing an app’s

performance

o Charts showing downloads and sales over time

o Financial reports

Additional Functions

4. Submitting an app to the App

Store

● When an app is ready for public distribution, the developer submits it to

Apple through iTunes Connect

● Xcode is integrated with iTunes Connect for this purpose

● The developer first downloads the record he created for the app in iTunes

Connect

● The developer then associates that record with the app in Xcode

● Finally, the developer saves a version of the app that includes the record

and uploads that to iTunes Connect directly from Xcode

Submission Process

● The app can’t appear in the App Store until Apple approves it, which

typically takes 1-5 days

● Once an app is approved, the developer can push it live to the App Store

o There is also an option to have it go live automatically as soon as Apple approves it, but

this option makes it harder to coordinate the release with website changes, marketing, PR,

etc.

Approval is Required

● When an app is submitted, Apple will perform a basic check to ensure

quality of the app, which includes:

o Features, functionality, user experience & interface all fit the product’s description

o Reliability -- reasonable data/battery usage, stable, doesn’t crash

o Conforms to Apple’s guidelines for usability (called the Human Interface Guidelines)

o Follows recommended programming practices, such as storage of data

o Is not bloated -- overall file size and load time are reasonable

Approval Standards

● Apple also has a long list of prohibitions -- too many to list here

● Some of the prohibitions are intuitive

o Cannot use Apple’s copyrighted imagery such as buttons elements from Apple apps

o Cannot circumvent Apple’s in-app payment system

o Must obtain user consent before accessing the user’s location data

Additional Reasons for Rejection

● Some other reasons for rejection are not so intuitive

o Too niche, too repetitive of existing apps, or duplicates built-in apps

o It can’t just be a mobile website, it must “feel” like a native app

o It can’t be a “test” or a “beta” version -- it must be a final product

o No porn or other content that Apple finds offensive

o It can’t use native elements in a way they weren’t intended -- e.g. vibration can only be

used in quick bursts for notification purposes

Even More Reasons for Rejection

● An app can be rejected even without violating a specific prohibition --

developers really are at Apple’s mercy

● Thankfully, rejected apps can be re-submitted after modifying the offending

elements

Dealing with Rejection

That’s it for content! The rest of the slides are further reading, glossary, etc.

Please submit feedback to harris.jay@gmail.com and tell me:

● Were these topics interesting? Useful at your job?

● Was this stuff too technical / too basic / just right?

● What other topics are you curious about (iPhone or otherwise)?

Fin.

Glossary

● Application ID

● App Identifier

● Bundle ID

● Code Signing

● Code Signing Certificate

● Developer Portal

● Human Interface Guidelines (HIG)

● iOS

● iOS Developer Enterprise Program

● iOS Developer Program

● iTunes Connect

Terminology Introduced

● Provisioning Profile

● Smart App Banner

● Unique Device Identifier (UDID)

Other Resources

Other Resources

● developer.apple.com - the ultimate authority - somewhat technical - hard

to navigate - some portions are only available to developers - includes:

o App Distribution Quick Start Guide

o App Distribution Guide

● Escoz Inc. blog post on iOS Code Signing and Provisioning Profiles

● Flippa blog post on some reasons for App Store rejection

If any of these are particularly useful for you, let me know

Tangential Topics

Tangential Topics

● Code Signing - there is a lot more to it, it can get quite technical

● iTunes - developers use it to access certain files on devices

● Keychain - involved in code signing

● Public/Private Key Encryption - a technical topic, involved in code

signing

● Xcode - software used to write apps, will be covered elsewhere in the

course

Let me know if any of these topics are interesting to you