This article will give you an overview of the actions we perform with our access to your account.
To submit the app we need to complete multiple steps:
- Create a PushKey to send Push Notifications.
- Create an API Key to connect to the AppStoreConnectApi
- Create the app on the Apple Developer Center
- Create the app on the App Store Connect
- Create a distribution certificate
- Create a provisioning profile
- Create an application signed with provisioning profile and distribution certificate
- Deliver the app to your account
- Update all required metadata for the app
- Send the app for review
- Resolve review questions/problems if there any
- Submit to the App Store
User roles
There are several user roles available on App Store Connect.
ℹ️ More info about user roles: https://developer.apple.com/support/roles/
We require to have at least the AppManager role as it gives us a decent amount of rights to execute most of the steps from the section above.
However, having an Admin-level of access is preferable as it gives us more flexibility in terms of managing our applications. With AppManager access, we will need to ask you to do some things manually on your own as we simply won’t have access.
* No current support for p12 push key
For example with a AppManager access, we can’t create an API Key.
ℹ️ More info about ApiKey: https://developer.apple.com/documentation/appstoreconnectapi
This means that we will need to ask you to generate an API Key (.p8 file) on your own and then share such API Key with us.
Protection
You are an account holder. So you are the boss in your account. This means that:
- You can restrict user access only to Swapcard Application
⚠️ When you invite SwapcardDeveloper
into your account you won’t have a SwapcardApp
in the list of apps to be able to restrict access. By default, AppStore proposes the AllApps
access. To avoid that you can create an Empty Application that you will restrict access to.
- You can always deactivate the user that you’ve added to your profile. No matter if it’s an AppManager, Admin or Others
- You can always deactivate an ApiKey no matter what access it gives
- You can always deactivate a certificate or a provisioning profile
And the best part is that all of the points above won’t affect your application. It will be still available on the store.
⚠️ You can also deactivate PushKey but be careful because it will block us from sending push notifications to your app.