My app is a sync solution (imagine dropbox).
The user needs to sign in to access the app's features, and if he does not have any account already created, he can sign up.
The sign up asks for email id verification, and this email id is also used if the user has forgotten his password to send him one.
but Apple has rejected this app saying:
17.2: Apps that require users to share personal information, such as email address and date of birth, in order to function will be rejected
We found that your app requires customers to register with personal information to access non-account-based features, which is not in compliance with the App Store Review Guidelines.
Apps cannot require user registration prior to allowing access to app features and content that are not associated specifically to the user. User registration that requires the sharing of personal information must be optional or tied to account-specific functionality. Additionally, the requested information must be relevant to the features.
Although guideline 11.6 of the App Store Review Guidelines requires an application to make subscription content available to all the iOS devices owned by a single user, it is not appropriate to force user registration to meet this requirement; such user registration must be made optional.
It would be appropriate to make it clear to the user that registering will enable them to access the content from any of their iOS devices, and to provide them a way to register at any time, if they wish to later extend access to additional iOS devices
Please help me solve this. Many apps like dropbox/facebook require login.
I don't get the exact reason why they rejected my app.
Also, please guide about the in app purchase, why registering cannot be mandatory
Asked App Store Review people for clarification on their rejection.
They accepted it. and the app got approved :D
Its on Appstore now :)
I also Faced this kind of Problem and my app also Rejected due to this.And Again I Changed my App flow Like User Registration will be Optional. User can See all the Feature of the app with out Registration by skipping this step.If he want to do something user-specific then you can ask to register such as : (user like,comment,photo upload etc) or else he can use the contents and features which are public.
in Case of in-app Purchase You can Prompt user that if He will Register with your app he can able to use this Content in his all devices.
It would be appropriate to make it clear to the user that registering will enable them to access the content from any of their iOS devices, and to provide them a way to register at any time, if they wish to later extend access to additional iOS devices
Apple does not allow apps that require you to share person information to work, like an e-mail address.
You options are, remove the need for an e-mail address or remove account creation form you app and move it to a website.
It also states that you app is asking to create an account to access the full app and even needs the account or acces features that do not require the user to have an account. You can make those features available with out the account creating you might be able to get thru the review.
The reason apps like Facebook and Dropbox got thru the review proces is because they don't have a register option which is in app only. They redirect to a website.
I recently spoke to an Apple Rep over the phone in regards to an app of mine that was also accused of violating clause 17.2.
I explained to him that the email would be used for password recovery, monitoring transactions within the marketplace, and managing any inappropriate behavior (such as users uploading offensive or copyrighted content). The rep responded, "Sir, the clause states 'Apps that require users to share personal information, such as email address and date of birth, in order to function will be rejected'. I cannot allow you to require your users to submit their emails if its not account-based". He did not seem to understand that the emails are account-based for the very sole purpose of security.
I did mention to him that Instagram and Facebook alike require logins at startup. He simply replied, "Yes but those apps are entirely account-based."
Honestly, I felt he was blindly following Apple's Guidelines ("Because that's what it says we must strictly follow!"). He had little understanding of how social networking apps operate, and even less understanding of the law (specifically the DMCA - on a separate issue). Explaining to them how all that works proves to be futile; they wont budge because they are asked to follow Apple's BROAD Clauses as strictly as they do.
My conclusion: I had to compromise the app's user flow such that the app's registration page can be skipped, and all other functions within its marketplace were locked to non-registered users. It makes no sense.
The sign up asks for email id verification, and this email id is also used if the user has forgotten his password to send him one.
Apps cannot require user registration prior to allowing access to app features and content that are not associated specifically to the user.
It seems to me that the point is that you are asking the user to provide his email address as a step towards the creation of a user account. This is different from what dropbox and other apps do (i.e, you provide your credentials for your dropbox account, which is different from your email address, although it can be the same).
You may either remove altogether email verification, or you could postpone it to a later point when you have made clear to the user that this is required to access private information.
I got the same thing last week and this is Apple's reply:
As for the 17.2 issue, a nickname, avatar, or sharing are not inherent or specific features of those social networks, and thus, the user should not be required to register with those services, or provide you with access to their social network accounts. The user should not be prevented from using your app and service if they do not provide this information.
Instead, it would be appropriate use your own authentication method and give users the option to create a nickname and upload an avatar, independent from those networks.
Moreover, we realize that these social networks may be very popular. However, the popularity of the social network is not an appropriate reason to force a user who has not, or chose not to register and provide their personal information to those services, before they can use your app.
Therefore, we ask that you to include your own authentication mechanism to allow the user the option to register only with you, creating an account with only the information needed and relevant to your app's features.
Best regards,
App Store Review
So in short, you have to provide custom authentication and not just use Facebook. Although I've seen many Apps who do require you to login with Facebook.
Thanks,
James
It happened same for me, although the first version was approved, the second version was rejected for this reason, I added the Skip button at the landing view.
It's all summarized in the last paragraph. Apparently, your application doesn't inform the user (in a clear way) that registering is for syncing and from their reply, it seems that your application is useless without the Sign Up.
If that's the case, you should be more specific why you need the user to register.
On a side note, I personally don't like the applications/websites that force you to register before you see or try anything. I hope your application isn't the same.
I think I have what must be a very common problem to solve and although there are a few questions/answers on Stackoverflow/google which talk about very similar problems/solutions I havent managed to convert those particular solutions to meet my own requirements.
Essentially I have built my app, now I need to implement a layer, before the app can be used, that manages Authentication (Login/SignUp) and then Authorisation (does this user have a licence to run this app).
Authentication
present login view, if login then a web service is called to authenticate, if successful it will allow the user to move the authorisation (below).
If signUp then a 2 step signUp process is initiated, step 1: capture details (name, email, password, agree terms) step 2: validate email address using a token send to recipient.
Once you are authenticated i plan to update NSUserDefaults to skip this part on next use. (unless the user wishes to unregister the device with the user account)
For authorisation it is a simple web service call to verify if this user has access to this app. If the licence expires in <30 days then UIAlertView accordingly and allow the user to use the app. If no licence then offer user a choice of (try or buy(inAppPurchase)) and proceed accordingly.
I guess the 'detail' above is irrelevant really my point is to illustrate that it's a little more involved than displaying a single view.
I've found questions/answers suggesting presenting modal views and others adding subviews to rootviewcontroller in the appDelegate, but nothing that allows me to be more structured.
If anyone could point me in the right direction of some pertinent articles/examples that would be great. Or any views/opinions on an approach, I don't want to do this bit twice :)
The way it's done in https://github.com/Cocoanetics/MyAppSales
Will probably set you in the right direction.
I hope you keep in mind apple doesn't allow 'trial' apps:
2.9 Apps that are "beta", "demo", "trial", or "test" versions will be rejected
I'm working on an app where I'd like to be able to do things with a user's Facebook username. I know that I can get this through the basic user object, but I'm worried about the case where the user doesn't have a FB username when they register with my site/application, but does gets one later. The question is how to test this with FB test users:
A user (a regular user, anyway) has to be verified before they can get a username. Is it possible to verify test users?
If so, is it then possible to give a test user a username?
Is it possible to change that username as part of the testing process (on the chance that my code doesn't work perfectly the first time :)?
What I'm thinking of doing is setting up a realtime subscription on "username", which I've established is possible. If the user above suddenly gets a username, my app gets notified and I can do whatever I do with it. But that implies that a lot of other things are possible, which they may not be. I could retrieve and check the user object on login and keep updating the fields, but I'd prefer to avoid that if possible. Any advice out there?
You cannot claim usernames for test users. You will have to use your own account or test with a real fake account, which Facebook frowns upon.
I am getting ready to submit an educational app to Apple for review. The app is somewhat like a series of flash cards, and working through the entire app would require thousands of "flips".
In the hopes of shortening the review process and preserving some poor tester's sanity should s/he want to see the end state of the app, I am considering adding some way to fool the app into thinking that the user is done. My first thought is to add a check for a boolean in standardUserDefaults that would do such, and giving the name of the setting in the "provide us with login information" field on the app submission page.
So my question is, does anyone know if app reviewers are able to directly edit NSUserDefaults values?
Alternatively, does anyone have any other good ideas for accomplishing this?
(I would prefer to avoid "secret key press" type solutions if possible...)
As part of the submission process apple will ask if your app has any "demo" or "test" accounts. They are intended for just this purpose. So you may want to consider including a "secret code" and document it in this section. I know you said you don't want to go that route, but i highly doubt a tester is going to do anything outside of the standard process (such as edit NSUserDefaults)
Have the test account you give Apple for review (password protected) ask your server for permission to unlock all the data. You can disable this test account on your server after the app is approved; and/or after a certain date, by which time you expect the app to be in the App store.
I'm trying to make a login system for my cocoa app. How would I do this? I know it involves SQL, but I know nothing of SQL. I want the user to register or login. It would be easier if apple had a source code for this kind of thing, but I don't think they do.
Best Regards,
Kevin
Implement the login system on the server. Then all you have to worry about in your app is:
send them to your website via URL to
sign up
query for a name and password
if name and/or password is incorrect more than three times, go to 1
user is logged in. Do something.
You can also use the keychain on the iPhone to securely store and retrieve passwords. Here's excellent code from Sci-Fi Hi-Fi. You prompt for a password, store it securely in the keychain for later comparison. Pretty simple. Documentation on the site.