Scope
App Store Connect (iOS) and Google Play Console (Android). Covers the full publishing lifecycle from account creation to updates. For keyword optimization, see app-store-optimization skill.
Account Setup
| Platform | Cost | Time | Key Steps |
|---|---|---|---|
| Apple Developer Program | $99/year | 1-7 days | Enroll → D-U-N-S (orgs) → Payment → Agreements |
| Google Play Console | $25 once | Minutes-48h | Register → Identity verification → Payment profile |
Apple gotchas:
- D-U-N-S number required for organizations (free, takes 1-2 weeks)
- Legal entity name must match D-U-N-S exactly
- Agreements (Paid Apps, Apple Pay) must be accepted before features work
Google gotchas:
- Identity verification can take 48h+ for new accounts
- Closed testing track required before production (20+ testers, 14+ days for new apps since 2023)
iOS Signing (The Hard Part)
| Asset | What It Is | Where Created | Expires |
|---|---|---|---|
| Distribution Certificate | Your signing identity | Keychain → App Store Connect | 1 year |
| Provisioning Profile | Links cert + app ID + devices | App Store Connect | 1 year |
| App ID | Unique identifier (bundle ID) | App Store Connect | Never |
When Xcode says "No signing identity":
1. Check certificate exists in Keychain Access (login keychain)
2. Check provisioning profile includes that certificate
3. Check bundle ID in Xcode matches App ID exactly
4. Revoke and recreate if nothing else works
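Steps 2 and 3 can be checked mechanically before a CI build reaches the signing stage. The following is an added example, not part of the original guide: it reads the plist embedded in a `.mobileprovision` file and compares it with the signing certificate and bundle ID. The function names, problem codes, 30-day warning window and the constructed sample profile are assumptions, and the CMS signature on the profile is not verified.

```python
import hashlib
import plistlib
from datetime import datetime, timedelta


def load_profile(raw: bytes) -> dict:
    """Pull the XML plist out of a CMS-wrapped .mobileprovision blob.
    The CMS signature is NOT verified; this is a consistency check only."""
    start = raw.find(b"<?xml")
    end = raw.find(b"</plist>", max(start, 0))
    if start < 0 or end < 0:
        raise ValueError("no embedded plist found")
    return plistlib.loads(raw[start:end + len(b"</plist>")])


def check_profile(profile: dict, cert_der: bytes, bundle_id: str,
                  now: datetime, warn_days: int = 30) -> list:
    """Return problem codes; an empty list means cert, profile and bundle ID agree."""
    problems = []
    # Step 2: the profile must embed this exact certificate (SHA-1 of its DER bytes).
    embedded = {hashlib.sha1(c).hexdigest()
                for c in profile.get("DeveloperCertificates", [])}
    if hashlib.sha1(cert_der).hexdigest() not in embedded:
        problems.append("cert-not-in-profile")
    # Step 3: application-identifier is "<team prefix>.<bundle ID>"; wildcard
    # App IDs end in "*". The comparison is case-sensitive.
    app_id = profile.get("Entitlements", {}).get("application-identifier", "")
    pattern = app_id.partition(".")[2]
    if pattern.endswith("*"):
        matches = bundle_id.startswith(pattern[:-1])
    else:
        matches = bundle_id == pattern
    if not matches:
        problems.append("bundle-id-mismatch")
    # Profiles expire after a year: flag expired ones and ones about to expire.
    expires = profile.get("ExpirationDate")
    if expires is None or expires <= now:
        problems.append("expired")
    elif expires - now < timedelta(days=warn_days):
        problems.append("expires-soon")
    return problems


def constructed_profile(cert: bytes, app_id: str, expires: datetime) -> bytes:
    """Constructed stand-in for a real profile: plist body between fake CMS bytes."""
    body = plistlib.dumps({"DeveloperCertificates": [cert], "ExpirationDate": expires,
                           "Entitlements": {"application-identifier": app_id}})
    return b"\x30\x82-constructed-cms-" + body + b"-constructed-signature"
```

With a real profile, pass the file's bytes to `load_profile` and the DER encoding of the distribution certificate exported from the keychain to `check_profile`.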
Automatic vs Manual Signing:
- Automatic: Xcode manages everything (fine for solo devs)
- Manual: Required for CI/CD, teams, or multiple apps
- Never mix — pick one approach per project
Submission Checklist
Pre-submit verification (both platforms):
- [ ] Privacy policy URL live and accessible
- [ ] All required permissions have usage descriptions
- [ ] App works without network (or handles offline gracefully)
- [ ] No placeholder content, "lorem ipsum", or test data
- [ ] Screenshots match actual app UI (no misleading marketing)
- [ ] Contact support email valid and monitored
iOS-specific:
- [ ] Export Compliance (ITSAppUsesNonExemptEncryption in Info.plist)
- [ ] App Tracking Transparency if using IDFA
- [ ] Privacy manifest (PrivacyInfo.xcprivacy) for required APIs
Android-specific:
- [ ] Target SDK meets current requirement (currently API 34)
- [ ] Data safety form completed
- [ ] Content rating questionnaire filled
- [ ] 20+ testers on closed track for 14+ days (new apps)
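Several of the iOS items above can be linted from the build artifacts before submission. The following is an added example, not part of the original guide: it checks `Info.plist` and `PrivacyInfo.xcprivacy` for the export-compliance key, usage descriptions, the tracking declaration and required-reason API entries. The function name, finding codes, placeholder marker list, the caller-supplied list of required usage keys and the sample plists are assumptions.

```python
import plistlib

PLACEHOLDERS = ("lorem ipsum", "todo", "placeholder")  # assumed markers, heuristic


def lint_ios_metadata(info_xml, privacy_xml=None, required_usage_keys=()):
    """Return finding codes for the iOS checklist items; an empty list is clean."""
    info = plistlib.loads(info_xml)
    findings = []
    # Export compliance: the key must be present and an explicit boolean.
    if not isinstance(info.get("ITSAppUsesNonExemptEncryption"), bool):
        findings.append("export-compliance-undeclared")
    # Permissions: every required purpose string exists, none empty or placeholder.
    usage_keys = {k for k in info if k.endswith("UsageDescription")}
    for key in sorted(usage_keys | set(required_usage_keys)):
        text = str(info.get(key, "")).strip()
        if not text:
            findings.append("usage-description-missing:" + key)
        elif any(marker in text.lower() for marker in PLACEHOLDERS):
            findings.append("usage-description-placeholder:" + key)
    if privacy_xml is None:
        return findings
    privacy = plistlib.loads(privacy_xml)
    # Tracking declared in the manifest needs the ATT purpose string in Info.plist.
    att_text = str(info.get("NSUserTrackingUsageDescription", "")).strip()
    if privacy.get("NSPrivacyTracking") and not att_text:
        findings.append("tracking-without-att-string")
    # Every required-reason API entry must list at least one reason code.
    for entry in privacy.get("NSPrivacyAccessedAPITypes", []):
        if not entry.get("NSPrivacyAccessedAPITypeReasons"):
            findings.append("api-without-reason:" + entry.get("NSPrivacyAccessedAPIType", "?"))
    return findings


# Constructed sample input, not taken from a real app.
SAMPLE_INFO = plistlib.dumps({
    "CFBundleIdentifier": "com.example.app",
    "NSCameraUsageDescription": "TODO write this",
    "NSLocationWhenInUseUsageDescription": "Shows stores near you.",
})
SAMPLE_PRIVACY = plistlib.dumps({
    "NSPrivacyTracking": True,
    "NSPrivacyAccessedAPITypes": [
        {"NSPrivacyAccessedAPIType": "NSPrivacyAccessedAPICategoryUserDefaults",
         "NSPrivacyAccessedAPITypeReasons": []}],
})

if __name__ == "__main__":
    print(lint_ios_metadata(SAMPLE_INFO, SAMPLE_PRIVACY, ["NSMicrophoneUsageDescription"]))
```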
Common Rejections
| Code | Meaning | Fix |
|---|---|---|
| 4.2 (iOS) | Minimum functionality | Add features, or argue value proposition in appeal |
| 4.3 (iOS) | Spam/duplicate | Differentiate significantly from your other apps |
| 5.1.1 (iOS) | Data collection | Implement App Tracking Transparency, update privacy manifest |
| 2.1 (iOS) | Crashes/bugs | Test on real devices, check Crashlytics |
| Deceptive behavior (Android) | Misleading metadata | Match screenshots to real functionality |
| Broken functionality (Android) | App doesn't work as described | Full QA on production build |
Appeal strategy:
1. Read rejection reason carefully (don't assume)
2. If misunderstanding: Explain with screenshots, video if needed
3. If valid: Fix issue, note what changed in resolution notes
4. Never resubmit identical binary hoping for different reviewer
Review Timeline
| Platform | Typical | Expedited | Slower Periods |
|---|---|---|---|
| Apple | 24-48h | Request via App Review form | New iOS launches, holidays |
| Google | 2-6h | N/A | Initial submissions, policy violations |
Apple expedited review: Only for critical bugs, time-sensitive events. Overuse = ignored.
Monetization Setup
In-app purchases (IAP):
1. Create products in App Store Connect / Play Console
2. Implement StoreKit (iOS) / BillingClient (Android)
3. Set up server-side receipt validation (don't trust client)
4. Handle sandbox vs production environments
Subscriptions:
- Configure introductory offers, free trials, grace periods
- Implement subscription lifecycle: renewal, cancellation, billing retry
- Server notifications endpoint for real-time status updates
- Test with sandbox accounts (both platforms have quirks)
Revenue splits: Apple/Google take 15-30% (15% for Small Business Program or after year 1 of subscription).
Multi-App Management
Organization structure:
- Apple: One enrollment, multiple apps, team roles per app
- Google: One developer account, multiple apps, user permissions
Team roles (critical):
- Separate "submit builds" from "release to production"
- Marketing should access metadata only
- Finance sees revenue, not code
Cross-platform releases:
- Submit iOS first (longer review)
- Hold Android release until iOS approved
- Use phased rollout to catch issues early
When to Load More
| Situation | Reference |
|---|---|
| Keyword optimization, A/B testing | app-store-optimization skill |
| Generating release notes from git | app-store-changelog skill |
| TestFlight/internal testing setup | testing.md |
| CI/CD automation (fastlane, APIs) | automation.md |