This article will give you an overview of the actions we perform with our access to your account.
To submit the app we need to complete multiple steps:
Create a PushKey to send Push Notifications.
Create an API Key to connect to the AppStoreConnectApi
Create the app on the Apple Developer Center
Create the app on the App Store Connect
Create a distribution certificate
Create a provisioning profile
Create an application signed with provisioning profile and distribution certificate
Deliver the app to your account
Update all required metadata for the app
Send the app for review
Resolve review questions/problems if there any
Submit to the App Store
User roles
There are several user roles available on App Store Connect.
ℹ️ More info about user roles: https://developer.apple.com/support/roles/
We require to have at least the AppManager role as it gives us a decent amount of rights to execute most of the steps from the section above.
However, having an Admin-level of access is preferable as it gives us more flexibility in terms of managing our applications. With AppManager access, we will need to ask you to do some things manually on your own as we simply won’t have access.
* No current support for p12 push key
For example with a AppManager access, we can’t create an API Key.
ℹ️ More info about ApiKey: https://developer.apple.com/documentation/appstoreconnectapi
This means that we will need to ask you to generate an API Key (.p8 file) on your own and then share such API Key with us.
Protection
You are an account holder. So you are the boss in your account. This means that:
You can restrict user access only to Swapcard Application
⚠️ When you invite SwapcardDeveloper
into your account you won’t have a SwapcardApp
in the list of apps to be able to restrict access. By default, AppStore proposes the AllApps
access. To avoid that you can create an Empty Application that you will restrict access to.
You can always deactivate the user that you’ve added to your profile. No matter if it’s an AppManager, Admin or Others
You can always deactivate an ApiKey no matter what access it gives
You can always deactivate a certificate or a provisioning profile
And the best part is that all of the points above won’t affect your application. It will be still available on the store.
⚠️ You can also deactivate PushKey but be careful because it will block us from sending push notifications to your app.