I want to understand the right way to manage the signing of my apps when the development is done by a 3er party company.
I'm working in a company, we are not mobile developers, so we use 3er party agancies to develop the apps we need. Even if we are not a development company, we want to upload all the apps i our store. And we don't want to give full access to the 3er party companies.
I believe that the best option is give a limited development certificate to one develope of the 3er party companies to make the archive, generate a IPA file and send it to us. Then, whit the IPA file, we are going to re-sign the file with our "production certificates"
It this the right aproach? Could be done by any 3er party companies? Can I limitate even more the access to 3er party companies developers?
Thanks!