Hope somebody is familiar with this issue. There is an app an d related web service. The registration on the back-end requires login (email or username) and password. During Appstore review process we were informed that we are not allowed to ask appstore users to go through our registration form. And there we are stuck, what to do next? It is known that there is no way to get any unique key from Apple ID (forbidden due to privacy terms again) nor email.
So the questions is how to identify user of app if he changed on another device?
Related
In my app I ask user to grant permission for user_birthday. However when user authorizes the app Facebook does not mention user's birthday among other requested permissions. Do I have to get my app to review first and only then I may ask for user_birthday?
You either need to go through Login Review, or you have to add users to the App roles (Admin, Developer, Tester, ...). More information: https://developers.facebook.com/docs/facebook-login/review
There should actually be a very visible warning when you authorize as App Admin.
You need to submit your app for review with valid reason to get user_birthday. according to document - developer.facebook.com
If your app requests this permission Facebook will have to review how your app uses it.
When submitting for review, please be clear as to why age_range is not sufficient for your use case.
I have uploaded an app for review in iTunes Connect. The apps login procedure is as follows:
User enters his/her mobile number. If the mobile number is new and not in the database, an One Time Password(OTP) is sent as an SMS over the phone to the user and he/she may login.
If the number is already in the database, the user gets directly logged in.
My question is that what should I mention in the dummy account details?
I have mentioned a mobile number that is already in the database so that the reviewer may login and browse my app.
Should I mention the details about an entirely new user as sending OTP to US won't be possible?
Kindly guide.
here is an solution, if apple reviewer can't send OTP then just use this simple trick.
if app reviewer has a login ID/PASS but the OTP is required any of case then just create account for apple reviewer and set Static OTP on this particular account.
tell them ID/PASS and OTP. just simple
I think if you add some registered phone number in "username" section of submit for review form, it will be approved for that procedure.
I am working in an iOS application and I am asked to create a user registration with email and password. My friend told me that Apple rejects application if we prompt user to provide is personal information such as Phone number , email address and date of birth. So I am in a dilemma if I implement registration with email and password the apple will reject it or not. Need your suggesions
Thanks
Apple will not reject your application if it contains a user registration and your app needs the personal data. "Big" apps like Facebook or Twitter are in the app store and you have to sign up.
Of course there are a few limitations:
your app has to function without sharing personal information
you have to include a privacy policy
Further information can be found here: App Store Review Guidelines
I want to create an iOS app and use Facebook Login and it will also have other way to Login with email. I thought of keeping email-id field mandatory and unique so that users can be identified uniquely irrespective of the way of login!
Apple keep all the apps in serious consideration so does apple restrict this mandatory field of email in Facebook Login?
Does apple come into picture while communicating to Facebook Server?
Will Apple reject the app if email field is mandatory?
Apple does not allow apps that require you to share person information to work, like an e-mail address.
See: 17.2: Apps that require users to share personal information, such as email address and date of birth, in order to function will be rejected
It also states that your app is asking to create an account to access the full app and even needs the account or access features that do not require the user to have an account. You can make those features available without the account creating you might be able to get through the review.
If your app is featuring only account based functionality that is specific to a user, i don't think you will get rejection on asking users to register via email. Snippet from Apple app review guideline's clause 17.2 -
"Apps cannot require user registration prior to allowing access to app
features and content that are not associated specifically to the user.
User registration that requires the sharing of personal information
must be optional or tied to account-specific functionality.
Additionally, the requested information must be relevant to the
features."
I am asked by a client to build an iPhone app which works as follow:
User download the App for free from iTunes
User enter their email address when they first launch the app
They will be emailed activation key
User launch app and then enter this activation key to start using the App.
User do not have to pay for this activation key as the only purpose of this is that only employees of my client company can get the activation code and use it. So when they enter their email address activation key will only be sent if email address is from the same company.
I know I can use enterprise license to distribute app internally but it is not possible due to various reasons.
We do not want to their activation key every time so this will be stored in their settings.
Second questions is that if I want to force them to enter their activation key every month then does this violate apple guidelines.
I want to ask that if I build app as explained above then will it be rejected?
This will be rejected. See guideline 17.2 here:
https://developer.apple.com/app-store/review/guidelines/
simply create a session for 30 days, and expire that session in 30 days...
Apple have no issues in expired session plenty of my apps are live with it...
Just give a message you need to login to access the application features or something like that when user get logged out due to session expiration.
Kudos
This can be done if the client creates an enterprise app. With the enterprise app the app will have to be downloaded from the client's account and is not subject to Apple's restrictions above.