Developer ID

For apps that are downloaded from places other than the Mac App Store, developers can get a unique Developer ID from Apple and use it to digitally sign their apps. Signing your applications, plug-ins, and installer packages with a Developer ID certificate lets Gatekeeper verify that they are not known malware and have not been tampered with. Applications signed with a Developer ID can also take advantage of advanced capabilities such as CloudKit and push notifications.

Preparing Developer ID Apps

To distribute your Mac apps with Developer ID, you will need to be a member of the Apple Developer Program or Apple Developer Enterprise Program, obtain a Developer ID certificate, and create a Developer ID provisioning profile for apps using advanced capabilities such as CloudKit.

Managing Developer ID Certificate and Provisioning Profile Expiration

Apps signed with a Developer ID are evaluated by GateKeeper when a customer installs your application. If your application utilizes a Developer ID provisioning profile to support advanced capabilities, then that profile is also evaluated, both at app installation time and at every app launch. It is helpful to understand how the expiration of your Developer ID certificate and Developer ID provisioning profile will impact you and your users.

Developer ID certificates are valid for 5 years from the date of creation and Developer ID provisioning profiles generated prior to February 22, 2017* are valid until your Developer ID certificate expires.

  • For apps that do not utilize a Developer ID provisioning profile
    Gatekeeper will evaluate the validity of your Developer ID certificate when your application is installed. As long as your Developer ID certificate was valid when you compiled your app, then users can download and run your app, even after the expiration date of the certificate. However, you will need a new certificate to sign updates and new applications.
  • For apps that utilize advanced capabilities with a Developer ID provisioning profile
    Gatekeeper will evaluate the validity of your Developer ID certificate when your application is installed and will evaluate the validity of your Developer ID provisioning profile at every app launch. As long as your Developer ID certificate was valid when you compiled your app, then users can download and run your app, even after the expiration date of the certificate. However, if your Developer ID provisioning profile expires, the app will no longer launch.
  • For installer packages signed with a Developer ID Installer certificate
    Gatekeeper will evaluate the validity of your Developer ID Installer certificate when your installer package is run. Your installer package will only launch if your Developer ID Installer certificate is valid. Installer packages signed with a Developer ID Installer certificate that has expired must be re-signed with a valid Developer ID Installer certificate in order to run.

Any Developer ID app signed with a certificate that has been revoked can no longer be installed nor launch if it is already installed.

*To simplify the management of your Developer ID apps and to ensure an uninterrupted experience for your users, Developer ID provisioning profiles generated after February 22, 2017 are valid for 18 years from the creation date, regardless of the expiration date of your Developer ID certificate.

Technical Notes

Contact Us

Developer Forums

Post questions and share thoughts with fellow developers and Apple engineers.

Discuss with other developers

Bug Reporter

Submit bug reports and request enhancements to APIs and developer tools.

Report Bugs

Contact Us

Get personalized help with enrollment, membership, tools, and more.

Contact Apple Developer Support