I purchased some paid apps using my Apple ID. Recently, I discovered that I can use Apple Configurator to install these paid apps on any iOS device, even if the device is not logged in with my Apple ID. After installation, the apps can still run normally. This is beyond my expectations. Shouldn't Apple protect the copyright of these paid apps and prevent them from being installed on devices that haven't paid for them?

I had a one day 50,000 unit institutional purchase of my app. Whenever I try to display a graph of downloads, the x-axis scale is so far off that the remainder of the days are invisible. Is it possible to filter out institutional purchases? None of these were actually downloaded AFAIK so I'm not sure why they are included.

Hello, I’m encountering an issue with my App Store Connect account. When I log in, I can only see the “Users and Access” section. The “Apps” section is not showing up, and I’m unable to view or manage my applications. I’ve tried the following steps with no success: Checked for any issues with my Apple Developer account or App Store Connect permissions. Logged in using different browsers and cleared cache. Ensured that my role (as an Admin/Account Holder) has full access. Has anyone encountered a similar problem? Could it be related to my account role, or is there a different issue that might be causing this? Any help or insights would be appreciated. Thanks!

Subject: Concern Regarding App Removal and Account Termination Under Guideline 3.2(f) Dear Apple Developer Team, I recently received a notification that my application is being removed from the App Store and my developer account is being terminated under Guideline 3.2(f). Despite submitting detailed, clear, and solution-oriented appeals, I have consistently received the same automated response. My application featured unique, high-quality, and professionally crafted content, adhering to Apple’s guidelines. I believe this decision may stem from some misunderstandings. However, I have been unable to connect with anyone for further clarification, and my appeals seem to be overlooked in favor of a standard response. As a developer, I have always prioritized compliance with Apple’s policies. In fact, during previous reviews, I explicitly ensured that my app met all requirements, even consulting Apple before implementing certain features. I am concerned that this decision may not fully reflect the effort and care I’ve put into adhering to Apple’s standards. I understand the high volume of appeals Apple receives and the pressure to make swift decisions. However, I strongly believe that a thorough review of my appeal would reveal that any potential issues have already been addressed. I urge Apple to approach this situation with the professionalism and fairness that the developer community expects. Recognizing and addressing such concerns would reinforce the trust and collaboration between developers and Apple. Thank you for your time and understanding. I sincerely hope for an opportunity to resolve this issue and continue contributing to the App Store ecosystem. Best regards,

Hi everyone, I’m encountering a recurring issue with my app submission, and I’d appreciate your insights. My app has been rejected due to Guideline 2.5.4 with the following feedback: Guideline 2.5.4 - Performance - Software Requirements The app continues to declare support for location in the UIBackgroundModes key in your Info.plist file but we are unable to locate any features besides employee tracking that require persistent location. Using the location background mode for the sole purpose of tracking employees is not appropriate. Please note we located the features of the app but the location background tracking of employees is not appropriate with this guideline. Next Steps If the app has a feature besides tracking employees that requires persistent location, reply to this message and let us know how to locate this feature. Otherwise, it would be appropriate to revise the app to include additional features for your users that require the persistent use of real-time location updates while the app is in the background My App’s Use Case: The app is designed to support events where users can check in and check out. Persistent location tracking is essential for the following: 1. During Events: • Tracking users’ real-time location ensures they remain within the event boundaries. • If a user exits the designated area, the system logs the occurrence for compliance and security purposes. 2. Workforce Monitoring: • For work events, the app records working hours based on their presence within the event area. • This ensures accurate logging of attendance and work durations. Steps I’ve Taken: • Limited Scope of Tracking: Persistent location tracking is active only during event check-in and check-out periods. Outside of these periods, tracking is disabled. • User Consent: I’ve implemented clear permission requests and a privacy policy to explain how location data is used. • Info.plist Configuration: I’ve declared the UIBackgroundModes key with location to support background tracking. Despite these measures, my app continues to be rejected with the feedback above. I believe my app’s features align with the guidelines as the location tracking is directly tied to event functionality and user benefit. Questions: 1. How can I better explain this use case to Apple’s review team to demonstrate compliance? 2. Are there any additional features or adjustments I should consider to ensure my app meets the guidelines? 3. Has anyone faced a similar issue with persistent location tracking, and how did you resolve it? Thank you for your guidance and support!

Hi, is there a way to remove just one platform from AppStore? Our app is available on iOS, tvOS and macOS and I want to remove macOS from AppStore. Is there a possibility to do that? I don't want to remove iOS and tvOS app.

Subject: Concern Regarding App Removal and Account Termination Under Guideline 3.2(f) Dear Apple Developer Team, I recently received a notification that my application is being removed from the App Store and my developer account is being terminated under Guideline 3.2(f). Despite submitting detailed, clear, and solution-oriented appeals, I have consistently received the same automated response. My application featured unique, high-quality, and professionally crafted content, adhering to Apple’s guidelines. I believe this decision may stem from some misunderstandings. However, I have been unable to connect with anyone for further clarification, and my appeals seem to be overlooked in favor of a standard response. As a developer, I have always prioritized compliance with Apple’s policies. In fact, during previous reviews, I explicitly ensured that my app met all requirements, even consulting Apple before implementing certain features. I am concerned that this decision may not fully reflect the effort and care I’ve put into adhering to Apple’s standards. I understand the high volume of appeals Apple receives and the pressure to make swift decisions. However, I strongly believe that a thorough review of my appeal would reveal that any potential issues have already been addressed. I urge Apple to approach this situation with the professionalism and fairness that the developer community expects. Recognizing and addressing such concerns would reinforce the trust and collaboration between developers and Apple. Thank you for your time and understanding. I sincerely hope for an opportunity to resolve this issue and continue contributing to the App Store ecosystem. Best regards,

Features being implemented store External Payment Report Implementation Language and Framework JAVA springboot a problem https://developer.apple.com/documentation/externalpurchaseserverapi/send-external-purchase-report?changes=latest_major I send jwt tokens in the header to the apple endpoint If a 401 authentication error occurs all of a sudden while being sent successfully in the beginning, a 401 error has occurred since then What I checked Tokens are being re-created and sent every time a report is sent I'm currently using aws ec2 load balancer and I get 401 error and when I shut down Tomcat and restart it, it works normally and then the above problem occurs again Even if I send the token that I used to send since 401 happened using postman, 401 error If my local server issues tokens again with the same content and sends the report to postman, it works fine Considering the above problems and the confirmed contents, why 401 problems suddenly occur I'd like to know how to solve that part. private String keyId="******"; private String issuerId="******"; private String bundleId = "ai.******"; Instant now = Instant.now(); Date issuedAt = Date.from(now); Date expiresAt = Date.from(now.plusSeconds(20 * 60)); public String createToken(){ try { PrivateKey key = getPrivateKey(); return Jwts.builder() .setHeaderParam("alg", "ES256") .setHeaderParam("kid", keyId) .setHeaderParam("typ", "JWT") .setIssuer(issuerId) .setIssuedAt(issuedAt) .setExpiration(expiresAt) .setAudience("appstoreconnect-v1") .signWith(key, SignatureAlgorithm.ES256) .claim("bid",bundleId) .compact(); }catch (Exception e){ e.printStackTrace(); throw new RuntimeException("JWT error", e); } } private static PrivateKey getPrivateKey() throws IOException, NoSuchAlgorithmException, InvalidKeySpecException { InputStream privateKey = new ClassPathResource("certs/SubscriptionKey_***********.p8").getInputStream(); String result = new BufferedReader(new InputStreamReader(privateKey)) .lines().collect(Collectors.joining("\n")); String key = result.replace("-----BEGIN PRIVATE KEY-----\n", "") .replace("-----END PRIVATE KEY-----", "") .replace("\n", ""); byte[] decoded = Base64.getDecoder().decode(key); PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decoded); KeyFactory keyFactory = KeyFactory.getInstance("EC"); return keyFactory.generatePrivate(keySpec); }

We're seeking guidance regarding our latest app review (ID: fa69f469-2043-4069-a8be-249916c564ed) which raises concerns about our location services implementation. While we have submitted an appeal to the App Review Board, we'd greatly appreciate any community insights while we await their response. Key Issues: Our app calculates Islamic prayer times and Qibla direction - both requiring location services for religious accuracy Review suggests making the app work without location, which would prevent: Calculating accurate prayer times based on location Determining Qibla direction (mandatory prayer direction towards Mecca) Current Implementation: Two-step location permission process with proper iOS system prompts ATT framework properly implemented (screenshots provided) Non-location features (Quran, etc.) accessible without location/login Clear user communication about location requirements Previous Steps Taken: Provided screenshots showing ATT implementation Demonstrated proper location permission flows Explained religious requirements for location services Made non-location features accessible without permissions Question: How have other religious/prayer apps handled similar requirements where core functionality (prayer times, direction) inherently requires location services? I've attached a screen recording demonstrating: Two-step location permission process [Video Demo] Any guidance would be greatly appreciated, especially regarding best practices for implementing essential location services while meeting App Store guidelines.

We are producing a function to submit an Apple external purchase report. When I sent the report, I created a jwt token and put it in the header There are times when you operate normally and suddenly get a 401 error. When I checked the entity to log before sending the report, I found that the header was well contained and the token changed every time I called. Once you get 401 error, you have to shut down your server(tomcat) once and run it again May I know what kind of problem is causing this phenomenon? Or can I find a way to fix the problem? The server is using aws ec2 load balancer The back language is java spring boot jwt token create code private String keyId="******"; private String issuerId="******"; private String bundleId = "ai.******"; Instant now = Instant.now(); Date issuedAt = Date.from(now); Date expiresAt = Date.from(now.plusSeconds(20 * 60)); public String createToken(){ try { PrivateKey key = getPrivateKey(); return Jwts.builder() .setHeaderParam("alg", "ES256") .setHeaderParam("kid", keyId) .setHeaderParam("typ", "JWT") .setIssuer(issuerId) .setIssuedAt(issuedAt) .setExpiration(expiresAt) .setAudience("appstoreconnect-v1") .signWith(key, SignatureAlgorithm.ES256) .claim("bid",bundleId) .compact(); }catch (Exception e){ e.printStackTrace(); throw new RuntimeException("JWT error", e); } } private static PrivateKey getPrivateKey() throws IOException, NoSuchAlgorithmException, InvalidKeySpecException { InputStream privateKey = new ClassPathResource("certs/SubscriptionKey_***********.p8").getInputStream(); String result = new BufferedReader(new InputStreamReader(privateKey)) .lines().collect(Collectors.joining("\n")); String key = result.replace("-----BEGIN PRIVATE KEY-----\n", "") .replace("-----END PRIVATE KEY-----", "") .replace("\n", ""); byte[] decoded = Base64.getDecoder().decode(key); PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decoded); KeyFactory keyFactory = KeyFactory.getInstance("EC"); return keyFactory.generatePrivate(keySpec); }

Hello My app got rejected with the message "We noticed your app shares a similar binary, metadata, and/or concept as apps submitted to the App Store by other developers, with only minor differences." In short, my app is a vpn app built entirely by me. In Russia almost all vpn protocols are blocked: wireguard, openvpn etc. And the only protocol they could not block was vless. It was hard to implement it, i spent like 3 weeks on it writing my own package on flutter. The app first was uploaded to android and shared through testflight with some of my friends. And everyone switched to my app, because it works perfect for their needs: accessing instagram, twitter etc. Those apps are blocked here. So on my first attempt publishing i got 2 errors: Vpn should be published on the account that is organization Spam rejection I registered a company and switched from individual account to a company. I also changed the ui of the app (although i agree most vpns share the same concept design). I got rejected again with only "Guideline 4.3(a) - Design - Spam". I appealed with a question why was it it rejected, explaining that the app was built by me, and of course, i use some libraries. I got the same roboting response. After that i added some features: Built in private browser Network connection speed Today submitted the new version hoping it would pass, but yet again got "Guideline 4.3(a) - Design - Spam". I'm really frustrated, because i spent 3 months developing the app. I understand there are dozens of vpns. But vpn is not exactly the simple feature app. Some are bad, some are good, and some doesn't work at all. My app doesn't have any ads and paid subscriptions. I also renamed my app to "Incognito - Browser, VPN". But can't get pass. Would like to get some advices. Please help P.S. Sorry for my bad grammar

Hi, I am trying to connect and use the App Store Connect API so that I can download app reviews remotely. I have read the documentation and have used the API address as stated in the documentation: GET https://api.appstoreconnect.apple.com/v1/apps/{id}/customerReviews. I keep on receiving a 403 error: "errors" : [ { "id" : "fbe7b837-2023-4f60-8fa0-88b50368f4cc", "status" : "403", "code" : "FORBIDDEN_ERROR", "title" : "This request is forbidden for security reasons", "detail" : "The API key in use does not allow this request" } I am using the same keys and headers that I use to connect to obtain sales reports info, which works absolutely fine, using the below link: https://api.appstoreconnect.apple.com/v1/salesReports Is there anything extra that I need to set up before I can access the reviews or am I missing something. Thanks.

I recently tried to upload my first app to the app store, but it got rejected, and I do not know how I can fix it. It got rejected because: The landing page of our app includes a URL that directs users to external mechanisms for purchases or subscriptions to be used in the app. The app includes an account registration feature for businesses and organizations, which is considered access to external mechanisms for purchases or subscriptions to be used in the app. But this app is an extension of our web application (Galantis). Galantis contains various features, including one called "MyTime". When a customer purchases this feature, their employees gain access to our app. This feature can only be purchased by one of our customers and not their employees. The credentials of these employees are created directly within our website because they need to be managed by their team leader. Anyone an idea of how I would fix this?

Can I change the bundle identifier for an app that I have pushed to TestFlight beta testing but have not released a single build to the App Store yet? I hover over the bundle identifier in the App Information section of the App Store Connect Apps page, but I do not currently see an option to edit it.

I am trying to retrieve the numbers displayed in "App Analytics" under "Metrics" > "Active Devices" using the API. Since there does not seem to be a dedicated report for this metric I am using the daily "App Sessions Standard" report and by looking at the "Sessions" field I am able to recreate the numbers displayed for the "Sessions" metric. However if I try to infer the active devices by looking at the "Unique Devices" field my numbers for individual days are in the same ballpark (deviations may be attributable to privacy reasons?), but the total number of devices is way off. Is there a better way to recreate this metric?

Hi, I launched and released my app in the App Store after first App build is approved. But its subscriptions are still in the status of Pending Binary Approval. So currently in my App subscription is empty. Is this normal to wail a bit? or should i do something asap. It's very strange for users to see no subscription options in a launched App I think.

My app was removed and my account terminated without any notice. Apple indicated that I violated section 3.2(f) of the ADP, but I did not engage in any unlawful or misleading acts in my business practices. So I submitted an appeal to clarify the situation, but there has been no response. I also tried reaching out for help via general email, but still received no reply. Any advice on how to get a response from Apple? It seems my termination was automated, and no human has reviewed my appeal. I appreciate any help you can provide.

Hello everyone, where can I change the email address that is in the information section of the App Store? https://apps.apple.com/de/app/start7-der-handball-manager/id6443919324?l=en-GB Thanks! Simon

My app currently doesn't specify multiple different appearances (Any, Dark, Tinted) for the App Icon. I want to release an update in which I plan to create a new AppIcon resouce which is going to contain these 3 appearances so that users on iOS 18 can have better experience. Once I will provide the new App Icon with the Any, Dark and Tinted variants, which of these variants will the App Store use for my app on the App Store? Does it depend on the user's system-wide choice of appearance? That is, would the App Store show a different icon appearance for my app for a person using the "Dark" option and a different app icon for the person using the "Light" option? Can I force the App Store to always display the "Any" variant of my icon on the App Store, regardless of the user's dark mode setting? My app targets iOS 13. What would happen if a person running iOS 13 would install the new update of my app, which newly contains all 3 App Icon color appearances? Would the "Any" variant be displayed and would iOS 13 ignore the "Dark" and "Tinted" variants? Or is there no backwards compatibility and older iOS version would display a blank app icon (the icon used by iOS for apps, which do not specify an App Icon)? P.S. Is this documented somewhere? Perhaps in a WWDC video or in documentation? I could not find enough in-depth information on this topic (especially on app icon appearance behavior on iOS 17 and older).

After waiting for few hours, I am still not able to edit the poster frame of app preview. Can anyone from App Store Connect assist me on this? Thank you.