LoginSignup
3
4

More than 3 years have passed since last update.

@Arime

Certificates, Identifiers & Profiles - Apple Developer (After the WWDC 2020)

Last updated at Posted at 2019-09-10

Apple Developer Program and Enterprise Program

Certificates

Certificates type Apple Developer Program
Apple Developer Enterprise Program		 For what purpose? OS platform File format Common name Notes
Apple Development Available
Available		 Sign development versions iOS, tvOS, watchOS, macOS Apps Apple Development: USER Name (USER ID) Xcode 11 or later
Apple Distribution Available
Not Available		 Submission to the App Store

Ad Hoc distribution		 iOS, tvOS, watchOS, macOS Apps Apple Distribution: USER/Organization Name (Team ID) Xcode 11 or later
iOS App Development Available
Available		 Sign development versions iOS, tvOS Apps iPhone Developer: USER Name (USER ID)
iOS Distribution (App Store and Ad Hoc) Available
Not Available		 Submission to the App Store

Ad Hoc distribution		 iOS, tvOS Apps iPhone Distribution: USER/Organization Name (Team ID)
In-House and Ad Hoc Not Available
Available		 Sign your iOS app for In-House

Ad Hoc distribution		 iOS, tvOS Apps iPhone Distribution: Organization Name
Mac Development Available
Available		 Sign development versions macOS Apps i
Mac App Distribution Available
Not Available		 Submission to the Mac App Store macOS Apps i
Mac Installer Distribution Available
Not Available		 Submission to the Mac App Store macOS App's Installer Package i
Developer ID Installer Available
Not Available		 Distribution outside of the Mac App Store macOS App's Installer Package i
Developer ID Application Available
Available		 Distribution outside of the Mac App Store macOS Apps i

i: Confirming ...

Apple Developer Program

Certificates

Create a New Certificate

Software

  • Apple Development
    • Sign development versions of your iOS, macOS, tvOS, and watchOS apps. For use in Xcode 11 or later.
  • Apple Distribution
    • Sign your apps for submission to the App Store or for Ad Hoc distribution. For use with Xcode 11 or later.
  • iOS App Development
    • Sign development versions of your iOS app.
  • iOS Distribution (App Store and Ad Hoc)
    • Sign your iOS app for submission to the App Store or for Ad Hoc distribution.
  • Mac Development
    • Sign development versions of your Mac app.
  • Mac App Distribution
    • This certificate is used to code sign your app and configure a Distribution Provisioning Profile for submission to the Mac App Store.
  • Mac Installer Distribution
    • This certificate is used to sign your app's Installer Package for submission to the Mac App Store.
  • Developer ID Installer
    • This certificate is used to sign your app's Installer Package for distribution outside of the Mac App Store.
  • Developer ID Application
    • This certificate is used to code sign your app for distribution outside of the Mac App Store.

Services

  • Apple Push Notification service SSL (Sandbox)
    • Establish connectivity between your notification server and the Apple Push Notification service sandbox environment to deliver remote notifications to your app. A separate certificate is required for each app you develop.
  • Apple Push Notification service SSL (Sandbox & Production)
    • Establish connectivity between your notification server, the Apple Push Notification service sandbox, and production environments to deliver remote notifications to your app. When utilizing HTTP/2, the same certificate can be used to deliver app notifications, update ClockKit complication data, and alert background VoIP apps of incoming activity. A separate certificate is required for each app you distribute.
  • macOS Apple Push Notification service SSL (Production)
    • Establish connectivity between your notification server and the Apple Push Notification service production environment. A separate certificate is required for each app you distribute.
  • Pass Type ID Certificate
    • Sign and send updates to passes in Wallet.
  • Website Push ID Certificate
    • Sign and send updates for Websites.
  • WatchKit Services Certificate
    • Establish connectivity between your notification server, the Apple Push Notification service sandbox, and production environment to update ClockKit complication data. When utilizing HTTP/2, the same certificate can be used to deliver app notifications, update ClockKit complication data, and alert background VoIP apps of incoming activity. A separate certificate is required for each app you distribute.
  • VoIP Services Certificate
    • Establish connectivity between your notification server, the Apple Push Notification service sandbox, and production environment to alert background VoIP apps of incoming activity. A separate certificate is required for each app you distribute.
  • Apple Pay Payment Processing Certificate
    • Decrypt app transaction data sent by Apple to a merchant/developer.
  • Apple Pay Merchant Identity Certificate
    • A client TLS certificate that is used to authenticate you to Apple Pay Payment Processing Servers

Intermediate Certificates

To use your certificates, you must have the intermediate signing certificate in your system keychain. This is automatically installed by Xcode. However, if you need to reinstall the intermediate signing certificate click the link below:

Worldwide Developer Relations Certificate Authority (Expiring 02/07/2023)
Worldwide Developer Relations Certificate Authority (Expiring 02/20/2030)

Identifiers

Register a new identifier

  • App IDs
    • Register an App ID to enable your app, app extensions, or App Clip to access available services and identify your app in a provisioning profile. You can enable app services when you create an App ID or modify these settings later.
  • Services IDs
    • For each website that uses Sign in with Apple, register a services identifier (Services ID), configure your domain and return URL, and create an associated private key.
  • Pass Type IDs
    • Register a pass type identifier (Pass Type ID) for each kind of pass you create (i.e. gift cards). Registering your Pass Type IDs lets you generate Apple-issued certificates which are used to digitally sign and send updates to your passes, and allow your passes to be recognized by Wallet.
  • Website Push IDs
    • Register a Website Push Identifier (Website Push ID). Registering your Website Push IDs lets you generate Apple-issued certificates which are used to digitally sign and send push notifications from your website to macOS.
  • iCloud Containers
    • Registering your iCloud Container lets you use the iCloud Storage APIs to enable your apps to store data and documents in iCloud, keeping your apps up to date automatically.
  • App Groups
    • Registering your App Group allows access to group containers that are shared among multiple related apps, and allows certain additional interprocess communication between the apps.
  • Merchant IDs
    • Register your Merchant Identifiers (Merchant IDs) to enable your apps to process transactions for physical goods and services to be used outside of your apps. Generate a Apple Pay Payment Processing certificate for each registered Merchant ID to validate transactions initiated within your app.
  • Music IDs
    • For each app that uses the Apple Music API, register a music identifier (Music ID) and then create an associated MusicKit private key.
  • Maps IDs
    • For each website that uses MapKit JS, register a Maps identifier (Maps ID) then create an associated private key.

Devices

Register a New Device

Register Devices
To create a provisioning profile for app testing and ad hoc distribution, you'll need to specify registered devices. If you use automatic signing, Xcode registers connected devices for you. Xcode Server can also be configured to register connected devices.

Note: If you remove a registered device from your account, it will continue to count against your device limit. At the start of your new membership year, Account Holders and Admins will be presented with the option to remove listed devices and restore the available device count.

Register a Device

Name your device and enter its Unique Device Identifier (UDID).

  • Platform
    • iOS, tvOS, watchOSmacOS
    • macOS
  • Device Name
    • (Input field)
  • Device ID (UDID)
    • (Input field)

Register Multiple Devices

Upload a file containing the devices you wish to register. Please note that a maximum of 100 devices can be included in your file and it may take a few minutes to process.

Download sample files

  • Device List
    • (Choose File)

Profiles

Register a New Provisioning Profile

Development

  • iOS App Development
    • Create a provisioning profile to install development apps on test devices.
  • tvOS App Development
    • Create a provisioning profile to install development apps on tvOS test devices.
  • macOS App Development
    • Create a provisioning profile to install development apps on test devices.

Distribution

  • Ad Hoc
    • Create a distribution provisioning profile to install your app on a limited number of registered devices.
  • tvOS Ad Hoc
    • Create a distribution provisioning profile to install your app on a limited number of registered tvOS devices.
  • App Store
    • Create a distribution provisioning profile to submit your app to the App Store.
  • tvOS App Store
    • Create a distribution provisioning profile to submit your tvOS app to the App Store.
  • Mac App Store
    • Create a distribution provisioning profile to submit your app to the Mac App Store.
  • Developer ID
    • Create a Developer ID provisioning profile to use Apple services with your Developer ID signed applications.

Keys

Getting Started with Keys

Creating a key allows you to configure, authenticate, and use one or more Apple services for that key. Unlike certificates, keys do not expire and can be modified to access more services after their creation. For more information on creating and using keys, refer to Developer Account Help.

Register a New Key

  • Apple Push Notifications service (APNs)
    • Establish connectivity between your notification server and the Apple Push Notification service. One key is used for all of your apps. Learn more
  • DeviceCheck
    • Access the DeviceCheck and AppAttest APIs to get data that your associated server can use in its business logic to protect your business while maintaining user privacy. Learn more
  • MapKit JS
    • Use Apple Maps on your websites. Show a map, display search results, provide directions, and more. Learn more
  • MusicKit
    • Access the Apple Music catalog and make personalized requests for authorized users. Learn more
  • Sign in with Apple
    • Enable your apps to allow users to authenticate in your application with their Apple ID. Configuration is required to enable this feature.
  • ClassKit Catalog
    • Publish all of your ClassKit app activities to teachers creating Handouts in Apple Schoolwork. Learn more

More

Sign in with Apple for Email Communication

Allow users to set up an account and sign in to your apps and associated websites with the Apple IDs they already have. Configuration is required to communicate with your users and receive updates from Apple.

Configure Sign in with Apple for Email Communication

In order to contact users that use Apple’s private email relay service, you must register email sources that your organization will use for communication. Domains and domains associated with email addresses must comply with Sender Policy Framework or DKIM standards. Learn more

Sign in with Apple Email Configuration settings

If our analytics detect emails sent from your account were not delivered by Apple's private relay service, we will notify the Account Holder and team admins. If you would like to opt out your team from receiving those emails, change the setting below.

  • Receive Sign in with Apple private email relay notifications
    • On(default) / Off

Email Sources

Register your email sources

All email addresses associated with your registered domains will be able to send and receive messages to and from customers using Apple's private email relay service.

  • Domains and Subdomains
    • (Input field): Enter a comma delimited list of email source domains and subdomains.
  • Email Addresses
    • (Input field): Enter a comma delimited list of email addresses.

Apple Developer Enterprise Program

Certificates

Create a New Certificate

Software

  • Apple Development
    • Sign development versions of your iOS, macOS, tvOS, and watchOS apps. For use in Xcode 11 or later.
  • iOS App Development
    • Sign development versions of your iOS app.
  • Mac Development
    • Sign development versions of your Mac app.
  • Developer ID Application
    • This certificate is used to code sign your app for distribution outside of the Mac App Store.
  • In-House and Ad Hoc
    • Sign your iOS app for In-House or for Ad Hoc distribution.

Services

  • Apple Push Notification service SSL (Sandbox)
    • Establish connectivity between your notification server and the Apple Push Notification service sandbox environment to deliver remote notifications to your app. A separate certificate is required for each app you develop.
  • Apple Push Notification service SSL (Sandbox & Production)
    • Establish connectivity between your notification server, the Apple Push Notification service sandbox, and production environments to deliver remote notifications to your app. When utilizing HTTP/2, the same certificate can be used to deliver app notifications, update ClockKit complication data, and alert background VoIP apps of incoming activity. A separate certificate is required for each app you distribute.
  • macOS Apple Push Notification service SSL (Production)
    • Establish connectivity between your notification server and the Apple Push Notification service production environment. A separate certificate is required for each app you distribute.
  • Pass Type ID Certificate
    • Sign and send updates to passes in Wallet.
  • Website Push ID Certificate
    • Sign and send updates for Websites.
  • WatchKit Services Certificate
    • Establish connectivity between your notification server, the Apple Push Notification service sandbox, and production environment to update ClockKit complication data. When utilizing HTTP/2, the same certificate can be used to deliver app notifications, update ClockKit complication data, and alert background VoIP apps of incoming activity. A separate certificate is required for each app you distribute.
  • VoIP Services Certificate
    • Establish connectivity between your notification server, the Apple Push Notification service sandbox, and production environment to alert background VoIP apps of incoming activity. A separate certificate is required for each app you distribute.

Intermediate Certificates

To use your certificates, you must have the intermediate signing certificate in your system keychain. This is automatically installed by Xcode. However, if you need to reinstall the intermediate signing certificate click the link below:

Worldwide Developer Relations Certificate Authority (Expiring 02/07/2023)
Worldwide Developer Relations Certificate Authority (Expiring 02/20/2030)

Identifiers

Register a new identifier

  • App IDs
    • Register an App ID to enable your app, app extensions, or App Clip to access available services and identify your app in a provisioning profile. You can enable app services when you create an App ID or modify these settings later.
  • Pass Type IDs
    • Register a pass type identifier (Pass Type ID) for each kind of pass you create (i.e. gift cards). Registering your Pass Type IDs lets you generate Apple-issued certificates which are used to digitally sign and send updates to your passes, and allow your passes to be recognized by Wallet.
  • Website Push IDs
    • Register a Website Push Identifier (Website Push ID). Registering your Website Push IDs lets you generate Apple-issued certificates which are used to digitally sign and send push notifications from your website to macOS.
  • iCloud Containers
    • Registering your iCloud Container lets you use the iCloud Storage APIs to enable your apps to store data and documents in iCloud, keeping your apps up to date automatically.
  • App Groups
    • Registering your App Group allows access to group containers that are shared among multiple related apps, and allows certain additional interprocess communication between the apps.
  • Music IDs
    • For each app that uses the Apple Music API, register a music identifier (Music ID) and then create an associated MusicKit private key.
  • Maps IDs
    • For each website that uses MapKit JS, register a Maps identifier (Maps ID) then create an associated private key.

Devices

Register a New Device

Register Devices
To create a provisioning profile for app testing and ad hoc distribution, you'll need to specify registered devices. If you use automatic signing, Xcode registers connected devices for you. Xcode Server can also be configured to register connected devices.

Note: If you remove a registered device from your account, it will continue to count against your device limit. At the start of your new membership year, Account Holders and Admins will be presented with the option to remove listed devices and restore the available device count.

Register a Device

Name your device and enter its Unique Device Identifier (UDID).

  • Platform
    • iOS, tvOS, watchOSmacOS
    • macOS
  • Device Name
    • (Input field)
  • Device ID (UDID)
    • (Input field)

Register Multiple Devices

Upload a file containing the devices you wish to register. Please note that a maximum of 100 devices can be included in your file and it may take a few minutes to process.

Download sample files

  • Device List
    • (Choose File)

Profiles

Register a New Provisioning Profile

Development

  • iOS App Development
    • Create a provisioning profile to install development apps on test devices.
  • tvOS App Development
    • Create a provisioning profile to install development apps on tvOS test devices.
  • macOS App Development
    • Create a provisioning profile to install development apps on test devices.

Distribution

  • Ad Hoc
    • Create a distribution provisioning profile to install your app on a limited number of registered devices.
  • tvOS Ad Hoc
    • Create a distribution provisioning profile to install your app on a limited number of registered tvOS devices.
  • Developer ID
    • Create a Developer ID provisioning profile to use Apple services with your Developer ID signed applications.
  • In House
    • To sign iOS apps for In House Distribution, you need a Certificate.
  • tvOS In House
    • To sign tvOS apps for In House Distribution, you need a Certificate.

Keys

Getting Started with Keys

Creating a key allows you to configure, authenticate, and use one or more Apple services for that key. Unlike certificates, keys do not expire and can be modified to access more services after their creation. For more information on creating and using keys, refer to Developer Account Help.

Register a New Key

  • Apple Push Notifications service (APNs)
  • Establish connectivity between your notification server and the Apple Push Notification service. One key is used for all of your apps. Learn more
  • MapKit JS
    • Use Apple Maps on your websites. Show a map, display search results, provide directions, and more. Learn more
  • MusicKit
    • Access the Apple Music catalog and make personalized requests for authorized users. Learn more
3
4
1

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
3
4