Hello, I can deploy a app using Xcode directly to my iPhone. When I archive the project and want to validate the app (or distribute the app) I get an error to all *.so and *.dylib files like
Asset validation failed
Invalid bundle structure. The “lebcas.app/lib/python3.11/site-packages/PIL/.dylibs/libtiff.6.dylib” binary file is not permitted. Your app cannot contain standalone executables or libraries, other than a valid CFBundleExecutable of supported bundles. For details, visit: https://developer.apple.com/documentation/bundleresources/placing_content_in_a_bundle (ID: 65425f02-4d3c-4ed7-906b-73a6fba3e5b5)
I could not find any information on how to fix the error in the link. Do you have any hint how to solve this issue?
Navigate the App Store landscape. Share strategies for app submission, distribution, marketing, and user acquisition. Discuss best practices for getting your app discovered and downloaded.
Post
Replies
Boosts
Views
Activity
I have an app with Expo Managed Workflow. I successfully built it via EAS and tested it in a simulator and development environment on my physical iPhone 15 Pro - iOS 18.2. When I run it in Preview without the "developmentClient": true in EAS config, The build completes, and I am able to download it to my phone, but when I try to open the app, it immediately crashes. Below is the crash report. I would appreciate any help and guidance on this matter.
Thanks!
AtRestPreview-2024-12-22-095645.txt
Hello everyone,
I recently received an email from Apple titled "Notification of Apple Developer Program License Agreement (“DPLA”) violation:" stating that I may have violated Section 11.2 (Termination) of the agreement. The specific clause mentioned relates to engaging in or encouraging misleading, fraudulent, improper, or dishonest acts, such as manipulating App Store rankings or reviews.
I’m unsure what triggered this notification as I have always adhered to Apple’s guidelines. Recently, I ran a promotional campaign for my app, where it was made temporarily free, leading to a significant spike in downloads. I suspect this may have raised a flag, but everything was done transparently and without intent to violate any rules.
I’ve reached out to Apple Support for clarification, but I wanted to ask here if anyone has experienced something similar or could provide insights into resolving this.
I value my membership in the Apple Developer Program and want to ensure everything is compliant. Any advice would be greatly appreciated!
I purchased some paid apps using my Apple ID. Recently, I discovered that I can use Apple Configurator to install these paid apps on any iOS device, even if the device is not logged in with my Apple ID. After installation, the apps can still run normally. This is beyond my expectations. Shouldn't Apple protect the copyright of these paid apps and prevent them from being installed on devices that haven't paid for them?
I had a one day 50,000 unit institutional purchase of my app. Whenever I try to display a graph of downloads, the x-axis scale is so far off that the remainder of the days are invisible. Is it possible to filter out institutional purchases? None of these were actually downloaded AFAIK so I'm not sure why they are included.
Hello,
I’m encountering an issue with my App Store Connect account. When I log in, I can only see the “Users and Access” section. The “Apps” section is not showing up, and I’m unable to view or manage my applications.
I’ve tried the following steps with no success:
Checked for any issues with my Apple Developer account or App Store Connect permissions.
Logged in using different browsers and cleared cache.
Ensured that my role (as an Admin/Account Holder) has full access.
Has anyone encountered a similar problem? Could it be related to my account role, or is there a different issue that might be causing this? Any help or insights would be appreciated.
Thanks!
Subject: Concern Regarding App Removal and Account Termination Under Guideline 3.2(f)
Dear Apple Developer Team,
I recently received a notification that my application is being removed from the App Store and my developer account is being terminated under Guideline 3.2(f). Despite submitting detailed, clear, and solution-oriented appeals, I have consistently received the same automated response.
My application featured unique, high-quality, and professionally crafted content, adhering to Apple’s guidelines. I believe this decision may stem from some misunderstandings. However, I have been unable to connect with anyone for further clarification, and my appeals seem to be overlooked in favor of a standard response.
As a developer, I have always prioritized compliance with Apple’s policies. In fact, during previous reviews, I explicitly ensured that my app met all requirements, even consulting Apple before implementing certain features. I am concerned that this decision may not fully reflect the effort and care I’ve put into adhering to Apple’s standards.
I understand the high volume of appeals Apple receives and the pressure to make swift decisions. However, I strongly believe that a thorough review of my appeal would reveal that any potential issues have already been addressed.
I urge Apple to approach this situation with the professionalism and fairness that the developer community expects. Recognizing and addressing such concerns would reinforce the trust and collaboration between developers and Apple.
Thank you for your time and understanding. I sincerely hope for an opportunity to resolve this issue and continue contributing to the App Store ecosystem.
Best regards,
Hi everyone,
I’m encountering a recurring issue with my app submission, and I’d appreciate your insights. My app has been rejected due to Guideline 2.5.4 with the following feedback:
Guideline 2.5.4 - Performance - Software Requirements
The app continues to declare support for location in the UIBackgroundModes key in your Info.plist file but we are unable to locate any features besides employee tracking that require persistent location.
Using the location background mode for the sole purpose of tracking employees is not appropriate.
Please note we located the features of the app but the location background tracking of employees is not appropriate with this guideline.
Next Steps
If the app has a feature besides tracking employees that requires persistent location, reply to this message and let us know how to locate this feature. Otherwise, it would be appropriate to revise the app to include additional features for your users that require the persistent use of real-time location updates while the app is in the background
My App’s Use Case:
The app is designed to support events where users can check in and check out. Persistent location tracking is essential for the following:
1. During Events:
• Tracking users’ real-time location ensures they remain within the event boundaries.
• If a user exits the designated area, the system logs the occurrence for compliance and security purposes.
2. Workforce Monitoring:
• For work events, the app records working hours based on their presence within the event area.
• This ensures accurate logging of attendance and work durations.
Steps I’ve Taken:
• Limited Scope of Tracking: Persistent location tracking is active only during event check-in and check-out periods. Outside of these periods, tracking is disabled.
• User Consent: I’ve implemented clear permission requests and a privacy policy to explain how location data is used.
• Info.plist Configuration: I’ve declared the UIBackgroundModes key with location to support background tracking.
Despite these measures, my app continues to be rejected with the feedback above. I believe my app’s features align with the guidelines as the location tracking is directly tied to event functionality and user benefit.
Questions:
1. How can I better explain this use case to Apple’s review team to demonstrate compliance?
2. Are there any additional features or adjustments I should consider to ensure my app meets the guidelines?
3. Has anyone faced a similar issue with persistent location tracking, and how did you resolve it?
Thank you for your guidance and support!
Hi,
is there a way to remove just one platform from AppStore?
Our app is available on iOS, tvOS and macOS and I want to remove macOS from AppStore. Is there a possibility to do that? I don't want to remove iOS and tvOS app.
Subject: Concern Regarding App Removal and Account Termination Under Guideline 3.2(f)
Dear Apple Developer Team,
I recently received a notification that my application is being removed from the App Store and my developer account is being terminated under Guideline 3.2(f). Despite submitting detailed, clear, and solution-oriented appeals, I have consistently received the same automated response.
My application featured unique, high-quality, and professionally crafted content, adhering to Apple’s guidelines. I believe this decision may stem from some misunderstandings. However, I have been unable to connect with anyone for further clarification, and my appeals seem to be overlooked in favor of a standard response.
As a developer, I have always prioritized compliance with Apple’s policies. In fact, during previous reviews, I explicitly ensured that my app met all requirements, even consulting Apple before implementing certain features. I am concerned that this decision may not fully reflect the effort and care I’ve put into adhering to Apple’s standards.
I understand the high volume of appeals Apple receives and the pressure to make swift decisions. However, I strongly believe that a thorough review of my appeal would reveal that any potential issues have already been addressed.
I urge Apple to approach this situation with the professionalism and fairness that the developer community expects. Recognizing and addressing such concerns would reinforce the trust and collaboration between developers and Apple.
Thank you for your time and understanding. I sincerely hope for an opportunity to resolve this issue and continue contributing to the App Store ecosystem.
Best regards,
Features being implemented
store External Payment Report
Implementation Language and Framework
JAVA springboot
a problem
https://developer.apple.com/documentation/externalpurchaseserverapi/send-external-purchase-report?changes=latest_major
I send jwt tokens in the header to the apple endpoint
If a 401 authentication error occurs all of a sudden while being sent successfully in the beginning, a 401 error has occurred since then
What I checked
Tokens are being re-created and sent every time a report is sent
I'm currently using aws ec2 load balancer and I get 401 error and when I shut down Tomcat and restart it, it works normally and then the above problem occurs again
Even if I send the token that I used to send since 401 happened using postman, 401 error
If my local server issues tokens again with the same content and sends the report to postman, it works fine
Considering the above problems and the confirmed contents, why 401 problems suddenly occur
I'd like to know how to solve that part.
private String keyId="******";
private String issuerId="******";
private String bundleId = "ai.******";
Instant now = Instant.now();
Date issuedAt = Date.from(now);
Date expiresAt = Date.from(now.plusSeconds(20 * 60));
public String createToken(){
try {
PrivateKey key = getPrivateKey();
return Jwts.builder()
.setHeaderParam("alg", "ES256")
.setHeaderParam("kid", keyId)
.setHeaderParam("typ", "JWT")
.setIssuer(issuerId)
.setIssuedAt(issuedAt)
.setExpiration(expiresAt)
.setAudience("appstoreconnect-v1")
.signWith(key, SignatureAlgorithm.ES256)
.claim("bid",bundleId)
.compact();
}catch (Exception e){
e.printStackTrace();
throw new RuntimeException("JWT error", e);
}
}
private static PrivateKey getPrivateKey() throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
InputStream privateKey = new ClassPathResource("certs/SubscriptionKey_***********.p8").getInputStream();
String result = new BufferedReader(new InputStreamReader(privateKey)) .lines().collect(Collectors.joining("\n"));
String key = result.replace("-----BEGIN PRIVATE KEY-----\n", "")
.replace("-----END PRIVATE KEY-----", "")
.replace("\n", "");
byte[] decoded = Base64.getDecoder().decode(key);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decoded);
KeyFactory keyFactory = KeyFactory.getInstance("EC");
return keyFactory.generatePrivate(keySpec);
}
We're seeking guidance regarding our latest app review (ID: fa69f469-2043-4069-a8be-249916c564ed) which raises concerns about our location services implementation. While we have submitted an appeal to the App Review Board, we'd greatly appreciate any community insights while we await their response.
Key Issues:
Our app calculates Islamic prayer times and Qibla direction - both requiring location services for religious accuracy
Review suggests making the app work without location, which would prevent:
Calculating accurate prayer times based on location
Determining Qibla direction (mandatory prayer direction towards Mecca)
Current Implementation:
Two-step location permission process with proper iOS system prompts
ATT framework properly implemented (screenshots provided)
Non-location features (Quran, etc.) accessible without location/login
Clear user communication about location requirements
Previous Steps Taken:
Provided screenshots showing ATT implementation
Demonstrated proper location permission flows
Explained religious requirements for location services
Made non-location features accessible without permissions
Question: How have other religious/prayer apps handled similar requirements where core functionality (prayer times, direction) inherently requires location services?
I've attached a screen recording demonstrating:
Two-step location permission process
[Video Demo]
Any guidance would be greatly appreciated, especially regarding best practices for implementing essential location services while meeting App Store guidelines.
We are producing a function to submit an Apple external purchase report.
When I sent the report, I created a jwt token and put it in the header
There are times when you operate normally and suddenly get a 401 error.
When I checked the entity to log before sending the report, I found that the header was well contained and the token changed every time I called.
Once you get 401 error, you have to shut down your server(tomcat) once and run it again
May I know what kind of problem is causing this phenomenon?
Or can I find a way to fix the problem? The server is using aws ec2 load balancer
The back language is java spring boot
jwt token create code
private String keyId="******";
private String issuerId="******";
private String bundleId = "ai.******";
Instant now = Instant.now();
Date issuedAt = Date.from(now);
Date expiresAt = Date.from(now.plusSeconds(20 * 60));
public String createToken(){
try {
PrivateKey key = getPrivateKey();
return Jwts.builder()
.setHeaderParam("alg", "ES256")
.setHeaderParam("kid", keyId)
.setHeaderParam("typ", "JWT")
.setIssuer(issuerId)
.setIssuedAt(issuedAt)
.setExpiration(expiresAt)
.setAudience("appstoreconnect-v1")
.signWith(key, SignatureAlgorithm.ES256)
.claim("bid",bundleId)
.compact();
}catch (Exception e){
e.printStackTrace();
throw new RuntimeException("JWT error", e);
}
}
private static PrivateKey getPrivateKey() throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
InputStream privateKey = new ClassPathResource("certs/SubscriptionKey_***********.p8").getInputStream();
String result = new BufferedReader(new InputStreamReader(privateKey)) .lines().collect(Collectors.joining("\n"));
String key = result.replace("-----BEGIN PRIVATE KEY-----\n", "")
.replace("-----END PRIVATE KEY-----", "")
.replace("\n", "");
byte[] decoded = Base64.getDecoder().decode(key);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decoded);
KeyFactory keyFactory = KeyFactory.getInstance("EC");
return keyFactory.generatePrivate(keySpec);
}
Hello
My app got rejected with the message "We noticed your app shares a similar binary, metadata, and/or concept as apps submitted to the App Store by other developers, with only minor differences."
In short, my app is a vpn app built entirely by me. In Russia almost all vpn protocols are blocked: wireguard, openvpn etc. And the only protocol they could not block was vless. It was hard to implement it, i spent like 3 weeks on it writing my own package on flutter. The app first was uploaded to android and shared through testflight with some of my friends. And everyone switched to my app, because it works perfect for their needs: accessing instagram, twitter etc. Those apps are blocked here.
So on my first attempt publishing i got 2 errors:
Vpn should be published on the account that is organization
Spam rejection
I registered a company and switched from individual account to a company.
I also changed the ui of the app (although i agree most vpns share the same concept design).
I got rejected again with only "Guideline 4.3(a) - Design - Spam".
I appealed with a question why was it it rejected, explaining that the app was built by me, and of course, i use some libraries. I got the same roboting response.
After that i added some features:
Built in private browser
Network connection speed
Today submitted the new version hoping it would pass, but yet again got "Guideline 4.3(a) - Design - Spam".
I'm really frustrated, because i spent 3 months developing the app.
I understand there are dozens of vpns. But vpn is not exactly the simple feature app. Some are bad, some are good, and some doesn't work at all.
My app doesn't have any ads and paid subscriptions.
I also renamed my app to "Incognito - Browser, VPN". But can't get pass.
Would like to get some advices. Please help
P.S. Sorry for my bad grammar
Hi,
I am trying to connect and use the App Store Connect API so that I can download app reviews remotely. I have read the documentation and have used the API address as stated in the documentation:
GET https://api.appstoreconnect.apple.com/v1/apps/{id}/customerReviews.
I keep on receiving a 403 error:
"errors" : [ {
"id" : "fbe7b837-2023-4f60-8fa0-88b50368f4cc",
"status" : "403",
"code" : "FORBIDDEN_ERROR",
"title" : "This request is forbidden for security reasons",
"detail" : "The API key in use does not allow this request"
}
I am using the same keys and headers that I use to connect to obtain sales reports info, which works absolutely fine, using the below link:
https://api.appstoreconnect.apple.com/v1/salesReports
Is there anything extra that I need to set up before I can access the reviews or am I missing something.
Thanks.
I recently tried to upload my first app to the app store, but it got rejected, and I do not know how I can fix it.
It got rejected because:
The landing page of our app includes a URL that directs users to external mechanisms for purchases or subscriptions to be used in the app.
The app includes an account registration feature for businesses and organizations, which is considered access to external mechanisms for purchases or subscriptions to be used in the app.
But this app is an extension of our web application (Galantis). Galantis contains various features, including one called "MyTime". When a customer purchases this feature, their employees gain access to our app. This feature can only be purchased by one of our customers and not their employees.
The credentials of these employees are created directly within our website because they need to be managed by their team leader.
Anyone an idea of how I would fix this?
Can I change the bundle identifier for an app that I have pushed to TestFlight beta testing but have not released a single build to the App Store yet?
I hover over the bundle identifier in the App Information section of the App Store Connect Apps page, but I do not currently see an option to edit it.
I am trying to retrieve the numbers displayed in "App Analytics" under "Metrics" > "Active Devices" using the API.
Since there does not seem to be a dedicated report for this metric I am using the daily "App Sessions Standard" report and by looking at the "Sessions" field I am able to recreate the numbers displayed for the "Sessions" metric.
However if I try to infer the active devices by looking at the "Unique Devices" field my numbers for individual days are in the same ballpark (deviations may be attributable to privacy reasons?), but the total number of devices is way off. Is there a better way to recreate this metric?
Hi,
I launched and released my app in the App Store after first App build is approved. But its subscriptions are still in the status of Pending Binary Approval. So currently in my App subscription is empty. Is this normal to wail a bit? or should i do something asap. It's very strange for users to see no subscription options in a launched App I think.
My app was removed and my account terminated without any notice.
Apple indicated that I violated section 3.2(f) of the ADP, but I did not engage in any unlawful or misleading acts in my business practices. So I submitted an appeal to clarify the situation, but there has been no response. I also tried reaching out for help via general email, but still received no reply. Any advice on how to get a response from Apple? It seems my termination was automated, and no human has reviewed my appeal. I appreciate any help you can provide.