Some capabilities included distribution restriction. For example, you might be able to use the capability for day-to-day development but have to get additional approval to publish an app using that capability to the App Store.
To tell if a capability has such a restriction:
-
Go to Developer > Account.
-
At the top right, make sure you’re logged in as the right team.
-
Under Certificates, Identifiers & Profiles, click Identifiers.
-
Find the App ID you’re working with and click it.
IMPORTANT Some managed capabilities are granted on a per-App ID basis, so make sure you choose the right App ID here.
-
This brings up the App ID editor. Locate the capability you’re working with, either under Capabilities or Additional Capabilities [1].
-
Click the little info (i) button next to the capability. The resulting popover lists the supported platforms and distribution channels for that capability.
For example, the following shows that the standard Family Controls capability, which authorises use of the com.apple.developer.family-controls entitlement, is only enabled for development on iOS.
If you’re granted distribution access to this capability, you’ll see another item in the Additional Capabilities tab.
Its popover shows that you can use the capability for iOS App Store and Ad Hoc distribution as well as day-to-day development.
In the Family Controls example the development-only capability is available to all developers. However, restrictions like this can apply to initially managed capabilities, that is, managed capabilities where you have to apply to use the capability just to get started with your development.
For example, when you apply for the Endpoint Security capability, which authorises use of the com.apple.developer.endpoint-security.client entitlement, it’s typically granted for development only. If you want to distribute a product using that capability, you must re-apply for another capability that authorises Developer ID distribution [2].
Some folks encounter problems like this because their managed capability was incorrectly granted. For example, you might have applied for a managed capability from an Organisation team but it was granted as if you were an Enterprise team. In this case the popover will show In House where you’d expect it to show App Store.
If you’ve believe that you were granted a managed capability for the wrong distribution channel, contact the folks who granted you that capability.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] The latter is only present if you have been granted access to a managed capability by Apple.
[2] Endpoint Security clients must use independent distribution; they are not accepted in the Mac App Store.
