App Store and Ad-Hoc: a distribution certificate. These are for when you're ready to give the app to other people - first for testing (the 'Ad-Hoc' bit) and then for general distribution via TestFlight or the App Store. When you join an iOS development team, you're either a 'Member' or an 'Admin'.
February 16, 2017Hari Sriskantha5 min read
If you've spent any time developing an app for iOS, then you've probably stumbled across the bit of the Developer Console called 'Certificates, Identifiers & Profiles'.
This is not a blog post about how to do anything in that section.
- Bulletins & Industry Letters Updates to, reminders, and restatements of the Single-Family Seller/Servicer Guide requirements.; Directory Contact information for specific Guide questions, requests, and documentation.; Forms Forms for Freddie Mac-approved Sellers and Servicers.; Uniform Instruments Freddie Mac and Fannie Mae/Freddie Mac Notes, Riders, Security Instruments, and other documents.
- Developed to help financial professionals plan for their clients, Columbus Life’s Tax Guide App is simple to use on the go. Based on our popular tax reference sheet, this app puts important tax rates and information at your fingertips. It includes valuable tables and easy-to-use tax calculators that.
Instead, it's a rough guide to what everything means -- in the hope of providing some relief/context when you've just seen the error 'No code signing identities' for the millionth time and feel like throwing your laptop out the window while shouting 'Code sign this!'
(Note: this article focuses on App Store apps, rather than in-house apps, which you can create through the Apple Developer Enterprise Program.)
Why Provisioning Profiles?
Good question. The key thing is that, unlike Android, you can't install any old app on an iOS device: it has to be signed by Apple first.1 However, when you're developing an app, you probably want to test it before sending it to Apple for approval. Provisioning profiles are simply a way for you to do that: they're like a 'temporary visa' that lets you run and test your app on a physical device. And like all good visa schemes, this means dealing with some bureaucracy..
The Components
Provisioning profiles always require the following components:2
- A certificate
- A unique app identifier (an 'App ID')
In some cases, they also require: How to unlock apple mac keyboard.
- A list of devices the app can run on
The Certificate
This is a public/private key-pair, which identifies who developed the app.3 (Without such certificates, I could e.g. create an app called 'Facebook' and pretend that it's an update to the actual Facebook -- and hence trick you into giving me your login credentials.)
When you try to create a new certificate, you'll be presented with several options. For provisioning profiles, the key ones are:
- iOS App Development: a development certificate. These are for developers who want to test the app on a physical device while writing code.
- App Store and Ad-Hoc: a distribution certificate. These are for when you're ready to give the app to other people -- first for testing (the 'Ad-Hoc' bit) and then for general distribution via TestFlight or the App Store.
When you join an iOS development team, you're either a 'Member' or an 'Admin'. Anyone can create development certificates, but only those with admin privileges can create distribution certificates.
The App ID
This is a unique identifier for your app. Apple recommends using a 'reverse-domain name style string' of the form: com.yourcompanyname.yourappname. You can then associate 'entitlements' to your App ID, such as iCloud, Push Notifications, Apple Pay, etc.
It's also possible to create 'wildcard' App IDs, e.g. com.yourcompanyname.*, which can be used for multiple apps. While these can be useful in some cases, note that you can't associate entitlements to them.
Extra tip: if you're planning on releasing an Android app as well, then you should avoid using hyphens (-) in your App ID -- otherwise you won't be able to use the same one on both platforms.
The List of Devices
This is a list of devices.
This is perhaps the most annoying part of the process: if you want to distribute your app to testers (without using TestFlight), then they need to send you their device's 'Unique Device Identifier' or UDID. Unfortunately, you can't find it within iOS itself: they'll need to connect their device to a computer.
I heartily recommend the website whatsmyudid.com, which provides clear, illustrated instructions about what to do. However, you should still mentally prepare yourself for people sending you all kinds of random, irrelevant strings with the question: 'Is this it?' (Hint: if it's not a 40-character, hexadecimal string, then the answer is no.4)
Creating a Provisioning Profile
Congratulations, you're now ready to build your provisioning profile! Again, there are quite a few options, but the main ones are: How to prioritize open apps on mac.
- iOS App Development: for testing the app on a physical device while developing.
- Ad Hoc: for distributing the app to non-TestFlight testers (e.g. via HockeyApp).
- App Store: for distributing the app via TestFlight or the App Store. (Note that this one doesn't work on its own: your app will still need signing by Apple.)
Here are the key differences between them:
Provisioning Profile
Certificate
App ID
List of Devices
iOS App Development
iOS App Development
Yes
Yes
Ad Hoc
App Store and Ad-Hoc
Yes
Yes
App Store
App Store and Ad-Hoc
Yes
No
So when iOS attempts to install an app, it checks the following things:
- That the private key used to sign the app matches the public key in the certificate;
- That the App ID is correct;
- That the entitlements required are associated with the App ID;
- That the device itself is in the list of devices.
If anyone of these conditions fail, then the app will not install -- and you'll see a greyed-out app icon with no error message or clue for how to proceed. But at least now you have somewhere to start: you can go through those four bullet points manually, and make sure everything is as it should be. (We've found it's usually an issue with the list of devices.)
The End
I hope this post helped demystify what's going on when you create a provisioning profile. If not, then please feel free to leave a question in the comments below!
Footnotes
1 This doesn't apply to the iOS simulator or a jailbroken device. [back]
2 Note that these correspond to the sections of the left-hand menu within 'Certificates, Identifiers & Profiles'. [back]
3 Although this is all a lot more elaborate than Android's system, one of the great advantages is that you can recreate certificates. On Android, if you lose the original private key then you're screwed: you won't be able to update your original app, and you'll have to convince all your existing users to download a new one. [back]
4 I once even got sent a 40-character, hexadecimal string that wasn't a valid UDID, and looked nothing like the actual one they eventually sent me. To this day, I still have no idea where they got it from. [back]
2 Note that these correspond to the sections of the left-hand menu within 'Certificates, Identifiers & Profiles'. [back]
3 Although this is all a lot more elaborate than Android's system, one of the great advantages is that you can recreate certificates. On Android, if you lose the original private key then you're screwed: you won't be able to update your original app, and you'll have to convince all your existing users to download a new one. [back]
4 I once even got sent a 40-character, hexadecimal string that wasn't a valid UDID, and looked nothing like the actual one they eventually sent me. To this day, I still have no idea where they got it from. [back]
Hari Sriskantha
Web Developer at Theodo
Mac App Distribution Guide Pdf
-->App Center Distribute will let your users install a new version of the app when you distribute it via App Center. With a new version of the app available, the SDK will present an update dialog to the users to either download or postpone the new version. Once they choose to update, the SDK will start to update your application.
Note
There are a few things to consider when using in-app updates:
- If you have released your app in the App Store, in-app updates will be disabled.
- If you are running automated UI tests, enabled in-app updates will block your automated UI tests as they will try to authenticate against the App Center backend. We recommend to not enable App Center Distribute for your UI test target.
Important
App Center SDK doesn't support multiple window apps that were introduced in iOS 13.
Add in-app updates to your app
Follow the Get started section if you haven't configured the SDK in your application.
1. Add the App Center Distribute module
The App Center SDK is designed with a modular approach – you only need to integrate the modules of the services that you're interested in.
Integration via Cocoapods
If you are integrating App Center into your app via Cocoapods, add the following dependency to your podfile and run
pod install
.Integration via Carthage
- Add the following dependency to your
Cartfile
to include App Center Distribute. - Run
carthage update
. - Open your application target's General settings tab. Drag and drop the AppCenterDistribute.framework file from the Carthage/Build/iOS folder to the Linked Frameworks and Libraries section in XCode.
- Drag and drop AppCenterDistributeResources.bundle from AppCenterDistribute.framework into XCode's Project Navigator.
- A dialog will appear, make sure your app target is checked. Then click Finish.
Integration by copying the binaries into your project
If you wish to manually integrate the module, follow this documentation link.
2. Start App Center Distribute
Mac App Distribution Guide App
App Center only uses the specific modules you invoke in your application. You must explicitly call each of them when starting the SDK.
2.1 Add the import for App Center Distribute
Open the project's AppDelegate.m file in Objective-C or AppDelegate.swift file in Swift and add the following import statements:
2.2 Add the start:withServices:
method
Add
MSDistribute
to your start:withServices:
method to start App Center Distribute service.Insert the following line to start the SDK in the project's AppDelegate.m class for Objective-C or AppDelegate.swift class for Swift in the
didFinishLaunchingWithOptions
method.Make sure you have replaced
{Your App Secret}
in the code sample above with your App Secret. Also check out the Get started section if you haven't configured the SDK in your application.2.3 Modify the project's Info.plist
- In the project's Info.plist file, add a new key for
URL types
by clicking the '+' button next to 'Information Property List' at the top. If Xcode displays your Info.plist as source code, refer to the tip below. - Change the key type to Array.
- Add a new entry to the array (
Item 0
) and change the type to Dictionary. - Under
Item 0
, add aURL Schemes
key and change the type to Array. - Under your
URL Schemes
key, add a new entry (Item 0
). - Under
URL Schemes
>Item 0
, change the value toappcenter-{APP_SECRET}
and replace{APP_SECRET}
with the App Secret of your app.
Tip
If you want to verify that you modified the Info.plist correctly, open it as source code. It should contain the following entry with your App Secret instead of
{APP_SECRET}
:Use private distribution group
By default, Distribute uses a public distribution group. If you want to use a private distribution group, you will need to explicitly set it via
updateTrack
property.Note
The default value is
MSUpdateTrackPublic
. This property can only be updated before the MSAppCenter.start
method call. Changes to the update track are not persisted when the application process restarts, thus if the property is not always updated before the MSAppCenter.start
call, it will be public, by default.After this call, a browser window will open up to authenticate the user. All the subsequent update checks will get the latest release on the private track.
If a user is on the private track, it means that after the successful authentication, they will get the latest release from any private distribution groups they are a member of.If a user is on the public track, it means that they will get the latest release from any public distribution group.
Disable Automatic Check for Update
By default, the SDK automatically checks for new releases:
- When the application starts.
- When the application goes into background then in foreground again.
- When enabling the Distribute module if previously disabled.
If you want to check for new releases manually, you can disable automatic check for update.To do this, call the following method before the SDK start:
Note
This method must be called before the
AppCenter.start
method call.Then you can use the
checkForUpdate
API which is described in the following section.Manually Check for Update
This will send a request to App Center and display an update dialog in case there is a new release available.
Note
A manual check for update call works even when automatic updates are enabled. A manual check for update is ignored if another check is already being performed. The manual check for update will not be processed if the user has postponed updates (unless the latest version is a mandatory update).
Customize or localize the in-app update dialog
1. Customize or localize text
You can easily provide your own resource strings if you'd like to localize the text displayed in the update dialog. Look at this strings file. Use the same string name/key and specify the localized value to be reflected in the dialog in your own app strings files.
2. Customize the update dialog
You can customize the default update dialog's appearance by implementing the
MSDistributeDelegate
protocol. You need to register the delegate before starting the SDK as shown in the following example:Here is an example of the delegate implementation that replaces the SDK dialog with a custom one:
In case you return
YES
/true
in the above method, your app should obtain user's choice and message the SDK with the result using the following API.If you don't call the above method, the
releaseAvailableWithDetails:
-method will repeat whenever your app is entering to the foreground.Enable or disable App Center Distribute at runtime
You can enable and disable App Center Distribute at runtime. If you disable it, the SDK will not provide any in-app update functionality but you can still use Distribute service in App Center portal.
To enable App Center Distribute again, use the same API but pass
YES
/true
as a parameter.The state is persisted in the device's storage across application launches.
Note
This method must only be used after
MSDistribute
has been started.Check if App Center Distribute is enabled
You can also check if App Center Distribute is enabled or not:
Note
This method must only be used after
MSDistribute
has been started, it will always return NO
or false
before start.Don't initialize App Center Distribute during development
If in private mode, App Center Distribute will open up its UI/browser at application start. While this is an expected behavior for your end users, it could be disruptive for you during the development stage of your application. We do not recommend initializing
MSDistribute
for your DEBUG
configuration.How do in-app updates work?
Note
For in-app updates to work, an app build should be downloaded from the link. It won't work if installed from an IDE or manually.
The in-app updates feature works as follows:
- This feature will ONLY work with builds that are distributed using App Center Distribute service. It won't work when the debugger is attached or if the iOS Guided Access feature is turned on.
- Once you integrate the SDK, build a release version of your app and upload it to App Center, users in that distribution group will be notified for the new release via an email.
- When each user opens the link in their email, the application will be installed on their device. It's important that they use the email link to install the app - App Center Distribute does not support in-app-updates for apps that have been installed from other sources (e.g. downloading the app from an email attachment). When an application is downloaded from the link, the SDK saves important information from cookies to check for updates later, otherwise the SDK doesn’t have that key information.
- If the application sets the track to private, a browser will open to authenticate the user and enable in-app updates. The browser will not open again as long as the authentication information remains valid even when switching back to the public track and back to private again later. If the browser authentication is successful, the user is redirected back to the application automatically. If the track is public (which is the default), the next step happens directly.
- On iOS 9 and 10, an instance of
SFSafariViewController
will open within the app to authenticate the user. It will close itself automatically after the authentication succeeded. - On iOS 11, the user experience is similar to iOS 9 and 10 but iOS 11 will ask the user for their permission to access login information. This is a system level dialog and it cannot be customized. If the user cancels the dialog, they can continue to use the version they are testing, but they won't get in-app-updates. They will be asked to access login information again when they launch the app the next time.
- On iOS 9 and 10, an instance of
- https://yellowcritic669.weebly.com/blog/run-mac-apps-on-ios. A new release of the app shows the in-app update dialog asking users to update your application if it has:
- a higher value of
CFBundleShortVersionString
or - an equal value of
CFBundleShortVersionString
but a higher value ofCFBundleVersion
. - the versions are the same but the build unique identifier is different.
- a higher value of
Tip
If you upload the same ipa a second time, the dialog will NOT appear as the binaries are identical. If you upload a new build with the same version properties, it will show the update dialog. The reason for this is that it is a different binary.
How do I test in-app updates?
You need to upload release builds (that use the Distribute module of the App Center SDK) to the App Center Portal to test in-app updates, increasing version numbers every time.
- Create your app in the App Center Portal if you have not done that already.
- Create a new distribution group and name it so you can recognize that this is just meant for testing the in-app update feature.
- Add yourself (or all people who you want to include on your test of the in-app update feature). Use a new or throw-away email address for this, that was not used for that app on App Center. This ensures that you have an experience that's close to the experience of your real testers.
- Create a new build of your app that includes App Center Distribute and contains the setup logic as described below. If the group is private, don't forget to set the private in-app update track before start using the updateTrack property.
- Click on the Distribute new release button in the portal and upload your build of the app.
- Once the upload has finished, click Next and select the Distribution group that you just created as the Destination of that app distribution.
- Review the Distribution and distribute the build to your in-app testing group.
- People in that group will receive an invite to be testers of the app. Once they accept the invite, they can download the app from the App Center Portal from their mobile device. Once they have in-app updates installed, you're ready to test in-app updates.
- Bump the version name (
CFBundleShortVersionString
) of your app. - Build the release version of your app and upload a new build of your app just like you did in the previous step and distribute this to the Distribution Group you created earlier. Members of the Distribution Group will be prompted for a new version the next time the app starts.
Tip
Have a look at the information on how to utilize App Center Distribute for more detailed information about Distribution Groups etc.While it is possible to use App Center Distribute to distribute a new version of your app without adding any code, adding App Center Distribute to your app's code will result in a more seamless experience for your testers and users as they get the in-app update experience.
Disable forwarding of the application delegate's methods calls to App Center services
https://yellowcritic669.weebly.com/blog/leica-app-for-mac. The App Center SDK uses swizzling to improve its integration by forwarding itself some of the application delegate's methods calls. Method swizzling is a way to change the implementation of methods at runtime. If for any reason you don't want to use swizzling (e.g. because of a specific policy) then you can disable this forwarding for all App Center services by following the steps below:
- Open the project's Info.plist file.
- Add
AppCenterAppDelegateForwarderEnabled
key and set the value to0
. This will disable application delegate forwarding for all App Center services. - Add the
openURL
callback in the project'sAppDelegate
file.