2 Replies
      Latest reply on Feb 19, 2020 8:34 AM by NoMAD-Dev
      derekfromcalgary Level 1 Level 1 (0 points)

        I understand that it is now possible for an organization to provide B2B apps to themselves. The advantage of B2B apps is that they never expire and don't require periodic provisioning profile validation and refresh.

         

        I am unclear on how this is possible though? Apps are build (using Xcode) such that they require a provisioning profile to be built. If this profiles expires, the app can no longer be launched. So how does B2B make apps never expire.

        My understanding is the flow is as follows:

        1. Build the app using code. Requires both a distribution profile, and a provisioning profile for the archive build to complete.

        2. Publish the app to Apple Connect and mark it as a B2B custom app (using the a DEP id).

        3. Once the app passes (we assume success) the review process, it shows up as a custom app in Apple Business Manager land.

        4. I can deploy the app via VPP Codes that I issue to users, or as a managed license.

         

        This is where I am confused. Let say I do nothing for the next 2 years. The provisioning profile that the app was originally built with has now expired. So how is the above statement correct? "The advantage of B2B apps is that they never expire and don't require periodic provisioning profile validation and refresh"?

         

        *** Update:*** I did some further research, and I'd like some extra clarification.  My understanding is that when it comes to BOTH Enterprise and with Custom apps, in both cases, I need a valid distribution profile, and a valid provisioning profile for the archive build to complete, this is where the similarity ends.

         

        In the Enterprise program (which I am most familiar with), I would have to police the app, and make sure that the provisioning profile used to build the app, doesn't expire.  This extra precaution is necessary because by going the Enterprise route we are bypassing the Apple Connect review process ... essentially taking responsibility into our own hands.  Hence the need for us to be cognizant of the provisions profile expiry dates.

         

        However, we have MUCH more flexibility under the Apple Connect route.  Since the app is being formally reviewed and distributed as a B2B custom app, the app is re-signed in Apple Connect/Apple Business Manager (ABM) when then provisioning profile is near expiry; so the provisioning profile then never expires.

         

        So returning to my example. Let say I do nothing for the next 2 years. The provisioning profile that the app was originally built with has now expired in developer.apple.com. It is of no concern of mine, as the app it was built with has been re-signed by apple (and hence can continue to be purchased via ABM.)

         

        But.. if I plan to build a new version of the app using that same (now expired provisioning profile in developer.apple.com), I will have to first blow away and recreate the provisioining profile (in developer.apple.com)

         

        Is my understanding correct?