ITMS-90683: Missing Purpose String in Info.plist NSCameraUsageDescription - ios

I upload my app in app store successfully.
App store send me an email like this:
App Store Connect
Dear Developer,
We identified one or more issues with a recent delivery for your app, "Kupona Online" 1.0.2 (1.2). Please correct the following issues, then upload again.
ITMS-90683: Missing Purpose String in Info.plist - Your app's code references one or more APIs that access sensitive user data. The app's Info.plist file should contain a NSCameraUsageDescription key with a user-facing purpose string explaining clearly and completely why your app needs the data. Starting Spring 2019, all apps submitted to the App Store that access user data are required to include a purpose string. If you're using external libraries or SDKs, they may reference APIs that require a purpose string. While your app might not use these APIs, a purpose string is still required. You can contact the developer of the library or SDK and request they release a version of their code that doesn't contain the APIs. Learn more (https://developer.apple.com/documentation/uikit/core_app/protecting_the_user_s_privacy).
Best regards,
The App Store Team
To fix this error I put in Info.plist in Xcode 10.2.1 like in this:
but nothing happens. App store send me always this error.
How do I fix this error?

For NSCameraUsageDescription, Add the exact purpose of using camera in the Value column.
For example,

Folks are saying they're getting rejected even though they're not requesting access to camera. You have to know that Apple will scan your code with their static analysis tools. And even if you have this protected behind a feature flag, still the app store review process would reject your app. Because they don't know when you'll turn that feature flag on.
Additionally you could get this issue if a third-party service has a camera access related code in their code. Again even if you don't hit that line (of the 3rd party framework), you'd need that key in.
But then I've had issues where we've added that plist in, but then the app store review team was never able to test it out because the feature was protected by a feature flag. And because they couldn't test it, they didn't approve it ¯\ (ツ) /¯
Last but not least, if you did really need that key in your plist, then make sure its reasoning is generic enough to cover all cases e.g. If you need access to the camera for both take profile pictures and scanning QR code, then given that your app can request access for the camera at either the profile picture step or at scanning a PR code, then your description in the plist should cover both features, not just one of them. If you say "need access to take profile photos" then there is a chance that you could rejected if user hits the QR flow first but sees you're requesting access to take a profile photo. Hence you should say "need access to take profile photos and QR code scan for new devices"
tl;dr identify where in your app flow you're requesting access. If you need it then add its key/value in your plist. If you don't need it then comment out that line. You shouldn't just add the plist just for the sake of passing an app store review. It can fail but it can also succeed, while in a future release it would fail...

In the new version of IOS, apps accessing the camera trigger a dialog that will prompt the user to allow or deny permission for the app.
That's why you need to explain why the application is accessing the input device (Camera, Microphone, etc).
To do this, you need to edit your project Runner/info.plist file by adding the key and string description inside the dict tag.
<dict>
...
<key>NSCameraUsageDescription</key>
<string>My_app_name needs to access the camera to do x_thing.
</string>
<dict>
Or you can add it by opening your product in xcode the image below for more details.

Related

Flutter iOS app rejected because no purpose string for "NSLocationAlwaysUsageDescription", but the app doesn't use location services

I've just deployed a Flutter app to App Store Connect and received a rejection for the following reasons :
ITMS-90683: Missing Purpose String in Info.plist - Your app's code
references one or more APIs that access sensitive user data. The app's
Info.plist file should contain a NSLocationAlwaysUsageDescription key
with a user-facing purpose string explaining clearly and completely
why your app needs the data...
ITMS-90683: Missing Purpose String in Info.plist - Your app's code
references one or more APIs that access sensitive user data. The app's
Info.plist file should contain a NSLocationWhenInUseUsageDescription
key with a user-facing purpose string explaining clearly and
completely why your app needs the data...
Now, I know how to fix this by putting that string into my Info.plist file, EXCEPT this app doesn't use location services.
(at least not as far as I am aware)
I want to tell App Store Connect that I do not need location services.
What can I check for in my Flutter code that might be making iOS think I want location access?
If I'm not wrong, when you introduce the SKAdNetworkIdentifier, Apple will ask you yo provide these strings.
But!
To don't provide these strings should not be a reason for rejection if your app actually does not use user' location.
So either you(or a widget) actually uses the location, or your app was not rejected. Which you can extract from the fact that more likely in the first paragraph says:
...you may wish to correct the followin...

Can somebody provide me solution for apple app store

I received this message from the App Store Team:
We identified one or more issues with a recent delivery for your app,
"App Name here" 1.11 (11). Please correct the following
issues, then upload again.
ITMS-90683: Missing Purpose String in Info.plist - Your app's code
references one or more APIs that access sensitive user data. The app's
Info.plist file should contain a NSPhotoLibraryUsageDescription key
with a user-facing purpose string explaining clearly and completely
why your app needs the data. Starting Spring 2019, all apps submitted
to the App Store that access user data are required to include a
purpose string. If you're using external libraries or SDKs, they may
reference APIs that require a purpose string. While your app might not
use these APIs, a purpose string is still required. You can contact
the developer of the library or SDK and request they release a version
of their code that doesn't contain the APIs. Learn more
(https://developer.apple.com/documentation/uikit/core_app/protecting_the_user_s_privacy).
Best regards,
The App Store Team
How can I fix the described issue?
Basically NSPhotoLibraryUsageDescription this key is used by Apple to show when your app is trying to access Photo Library first time. That time Apple will ask the user whether they want your app to access Photo Library. Popup will look like.
I hope I have cleared your question.

NSLocationAlwaysUsageDescription purpose issue

We identified one or more issues with a recent delivery for your app, "my application name" Your delivery was successful, but you may wish to correct the following issues in your next delivery:
ITMS-90683: Missing Purpose String in Info.plist - Your app's code references one or more APIs that access sensitive user data. The app's Info.plist file should contain a NSLocationAlwaysUsageDescription key with a user-facing purpose string explaining clearly and completely why your app needs the data. Starting Spring 2019, all apps submitted to the App Store that access user data are required to include a purpose string. If you're using external libraries or SDKs, they may reference APIs that require a purpose string. While your app might not use these APIs, a purpose string is still required. You can contact the developer of the library or SDK and request they release a version of their code that doesn't contain the APIs. Learn more (https://developer.apple.com/documentation/uikit/core_app/protecting_the_user_s_privacy).
I got this message from App Store Team. It says that your delivery was successful but I forget to add purpose for the NSLocationAlwaysUsageDescription for location purpose.
if now I submit the application for review.Is there a chance that the application is rejected or it will submit successfully.
is it okay to update this change in next delivary

App store Missing Purpose String in Info.plist error

I use RN 0.59.10, I have just received this error, when I have uploaded previous versions last week - I didn't get this error. I don't use location details in my app.
Any ideas why this is happening?
ITMS-90683: Missing Purpose String in Info.plist - Your app's code references one or more APIs that access sensitive user data. The app's Info.plist file should contain a NSLocationAlwaysUsageDescription key with a user-facing purpose string explaining clearly and completely why your app needs the data. Starting Spring 2019, all apps submitted to the App Store that access user data are required to include a purpose string. If you're using external libraries or SDKs, they may reference APIs that require a purpose string. While your app might not use these APIs, a purpose string is still required. You can contact the developer of the library or SDK and request they release a version of their code that doesn't contain the APIs. Learn more (https://developer.apple.com/documentation/uikit/core_app/protecting_the_user_s_privacy).
ITMS-90683: Missing Purpose String in Info.plist - Your app's code references one or more APIs that access sensitive user data. The app's Info.plist file should contain a NSLocationWhenInUseUsageDescription key with a user-facing purpose string explaining clearly and completely why your app needs the data. Starting Spring 2019, all apps submitted to the App Store that access user data are required to include a purpose string. If you're using external libraries or SDKs, they may reference APIs that require a purpose string. While your app might not use these APIs, a purpose string is still required. You can contact the developer of the library or SDK and request they release a version of their code that doesn't contain the APIs. Learn more (https://developer.apple.com/documentation/uikit/core_app/protecting_the_user_s_privacy).
ITMS-90809: Deprecated API Usage - Apple will stop accepting submissions of apps that use UIWebView APIs . See https://developer.apple.com/documentation/uikit/uiwebview for more information.
You need to give proper message for asking location permission. why you need location or why its required.
Here its example. you can enter this message in your info.plist and change as per your requirements.
Example Message - App would like to use your current location to display it on the app, also for directions and estimation of your travel times. It is secure and private.
For last one message regarding your UIWebView, it's says that UIWebView is deprecated and you have to stop using and used WKWebView. If you have not used in your application then check in third-party libraries or .pod files. Somewhere its used so apple has given message.

Appcelerator - iOS app denied because of missing plist keys

Running SDK 5.5.0.GA and the iOS app is being rejected by Apple because of the following privacy keys that I have not included in the plist:
NSPhotoLibraryUsageDescription
NSMicrophoneUsageDescription
NSAppleMusicUsageDescription
I am not using any 3rd party modules or widgets and I am not aware what Titanium Module, Class, or Objects that would require these permissions. I have handled the one for the calendar as I am accessing the device's calendar but I am not using the microphone, apple music, nor the photo library.
Is there a way to figure out what Modules, Classes or Objects that would be using these?
I know I can get around the rejection by just adding these to the plist but I would like to figure out what is using them and not just get around it.
Thanks!
See https://jira.appcelerator.org/browse/TIMOB-23925
Unless you request a specific permission, the user shouldn't see the xUsageDescription string you put in the plist.
In one of our usages, the camera, we just added all the descriptions and said 'This app uses your camera to upload photos' and resubmitted. Its pending review now, so it passed the prescan 2nd time around.
Basically Apple prescans your binary on upload, finds some strings (method names) that it expects other things for and flags the binary. This is how binaries get rejected for using 'private methods' when in reality it may just be a function named 'offensively' in Apple's mind.

Resources