Thanks, that is indeed a useful threat, but I am still not positive on what Apples officially supported way of doing this is. It seems like the client either has to share their distribution certificate or the external developers need to share their source code. Both these solutions are not ideal. And it is difficult for me to convince either side to make sacrifices on security. So having back-up from official Apple documentation/devSupport would also help me make a convincing case for 1 solution
ChrisKapinga
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
Last seen
From
Netherlands
Post
Replies
Boosts
Views
Activity
I don't fully understand the first scenario. If we would add external developers to our team, why would they still need to send an app for us to upload. I thought the whole point was that they could then do it themselves.
Also, is Apple recommending that we share our distribution certificate, the client is (understandably) very hesitant to do this. Even though it alone is not enough for any malicious party to do harm. It is a layer of security and stripping it seems risky.