Managing iOS code signing files - automatic provisioning

Manage your code signing files on bitrise.io. You can use iOS automatic provisioning to automatically download or generate the required provisioning profiles for your project.

With automatic provisioning, the iOS Auto Provision with App Store Connect API or the iOS Auto Provision with Apple ID Step will manage the Provisioning Profiles. You only have to upload the .p12 certificate files manually to bitrise.io.

Upload the distribution AND the development signing certificates

We strongly recommend uploading BOTH the development and distribution signing certificates for your project. Without the different types of certificates, you will not be able to generate different types of signed IPA files.

Before setting up automatic provisioning in your Workflow, make sure that:

  • You have at least Admin role in the Developer Portal team.

  • Apple Developer Portal integration to your Bitrise project is enabled.

Xamarin apps

Automatic provisioning with the iOS Auto Provision with App Store Connect API Step is not supported for Xamarin apps!

To set up iOS auto provisioning, you'll need to:

  1. Make sure you collected the required files with codesigndoc. You can also upload the distribution and development certificates with the tool!

  2. Make sure that you do NOT have the Certificate and profile installer Step in your Workflow.

    There is no need to have both and it might cause unforeseen issues.

  3. Add the iOS Auto Provision Step of your choice:

    • iOS Auto Provision with App Store Connect API Step

    • iOS Auto Provision with Apple ID Step

Configuring the iOS Auto Provision with App Store Connect API Step

  1. Make sure you have set up API key authentication to access App Store Connect.

  2. Add the iOS Auto Provision with App Store Connect API after any dependency installer Step in your Workflow, such as Run CocoaPods install or Carthage.

  3. Make sure that you do NOT modify your Xcode project between the iOS Auto Provision with App Store Connect API and the Xcode Archive & Export for iOS Steps.

    For example, do not change the bundle ID after the iOS Auto Provision with App Store Connect API Step.

  4. Click the Step to edit its input fields. You can see that the Build API token, Build URL, and the Xcode Project (or Workspace) path are automatically filled out for you.

    • Build API token: Every running build has a temporary API token on a Bitrise virtual machine. This token is only available while the build is running. The Step downloads the connected API key with the help of this API token and Bitrise saves it in a JSON file.

    • Build URL: The path where the JSON file is located.

    • Xcode Project path: The path where the .xcodeproj or .xcworkspace are located.

  5. Make sure the Distribution type input’s value matches the value of the Distribution method input in the Xcode Archive & Export for iOS step.

  6. Select a scheme in the Scheme input - you can restrict which targets to process.

Configuring the iOS Auto Provision with Apple ID Step

  1. Make sure you have set up Apple ID authentication for your app.

  2. Add the iOS Auto Provision with Apple ID after any dependency installer Step in your Workflow, such as Run CocoaPods install or Carthage.

  3. Make sure that you do NOT modify your Xcode project between the iOS Auto Provision with Apple ID and the Xcode Archive & Export for iOS Steps.

    For example, do not change the bundle ID after the iOS Auto Provision with Apple ID Step.

  4. Enter your team ID to The Developer Portal team ID input.

  5. Make sure the Distribution type input’s value matches the value of the Distribution method input in the Xcode Archive & Export for iOS step.

  6. Select a scheme in the Scheme input - you can restrict which targets to process.

  7. Optionally, you can set one more input if you use the Automatically manage signing option in Xcode: if the input of Should the step try to generate Provisioning Profiles even if Xcode managed signing is enabled in the Xcode project? is set to true , then the Step will try to generate a profile. If you use manual code signing in Xcode, this input has no effect.