Body
We are currently evaluating an architecture approach for an iOS application and are looking for guidance on App Store Review expectations and platform limitations.
Context
We are modernizing an existing healthcare application that handles regulated data (PHI). The application is intended for use by internal staff and authorized third-party contractors (not a consumer-facing app, and no monetization).
To support iOS distribution, we are evaluating packaging an Angular-based Progressive Web App (PWA) using a lightweight native wrapper (e.g., via PWABuilder), resulting in a WebView-hosted application.
Proposed Architecture
- Angular PWA hosted remotely and loaded via HTTPS
- Packaged inside a native iOS container (WKWebView-based)
- Authentication via Passkeys (WebAuthn / FIDO2)
- Backend APIs implemented in .NET
- Limited offline functionality using IndexedDB (non-sensitive data only)
- No persistent storage of sensitive data on-device
The native wrapper primarily provides distribution and lifecycle management; most functionality is delivered via the hosted PWA.
Key Consideration
This application is not intended to function as a general-purpose browser, but rather as a purpose-built, workflow-specific experience for healthcare operations.
Questions
1. App Review / Guideline 4.2
- Have developers had success getting WebView-hosted applications (primarily PWA-driven) approved when they provide a complete and production-grade user experience?
- How does Apple typically evaluate whether such an app meets the “minimum functionality” requirement versus being considered a repackaged website?
2. Dynamic Content / Updates
- Are there specific restrictions on delivering functionality dynamically via server-hosted content after app approval?
- At what point would backend-driven changes require a new App Store submission?
3. Data Storage & WebView Behavior
- Are there notable differences in how iOS handles storage (e.g., IndexedDB, local storage) in:
- Safari-installed PWAs
- WebView-based apps distributed via the App Store?
- Are there known limitations or caveats when relying on IndexedDB within WKWebView?
4. Platform Capabilities
- Are there practical limitations for WebView-based apps related to:
- Offline functionality
- File handling
- Long-term platform support
5. Healthcare / Regulated Data
- For apps handling regulated healthcare data (PHI), are there additional expectations or best practices (beyond standard guidelines) that Apple reviewers typically look for?
Goal
We are trying to determine whether this architecture is viable for App Store distribution before proceeding further with implementation.
Any insights, experiences, or pointers to relevant documentation would be greatly appreciated.