[GH-ISSUE #418] option to use developer account signing profile without username & password #104

New issue

Open

opened 2026-03-04 00:23:55 +03:00 by kerem · 1 comment

kerem commented 2026-03-04 00:23:55 +03:00

Owner

Copy link

Originally created by @DetachHead on GitHub (Apr 7, 2024).
Original GitHub issue: https://github.com/SignTools/SignTools/issues/418

according to the FAQ, using a developer account will sometimes trigger 2FA prompts:

You only need your Apple Developer Account's name and password. You will sometimes be prompted for a 6-digit code (2FA) when you sign an app, which you can submit on the service's web page.

this isn't ideal for my use case, as i want to allow users to sign apps who do not have access to my developer account, and i don't want to have to manually give them 2FA codes when requested. i also don't want to use the .mobileprovision method since it either won't have all entitlements or needs to be created for each app individually.

the codemagic CLI tools allow you to log in with an app store connect key identifier, issuer ID and private key, which bypasses 2fa, and it handles the creation of the mobileprovisions, certificates, etc. it would be nice if signtools could do the same thing

Originally created by @DetachHead on GitHub (Apr 7, 2024). Original GitHub issue: https://github.com/SignTools/SignTools/issues/418 according to [the FAQ](https://github.com/SignTools/SignTools/blob/master/INSTALL.md#22-signing-profile), using a developer account will sometimes trigger 2FA prompts: > You only need your Apple Developer Account's name and password. You will sometimes be prompted for a 6-digit code (2FA) when you sign an app, which you can submit on the service's web page. this isn't ideal for my use case, as i want to allow users to sign apps who do not have access to my developer account, and i don't want to have to manually give them 2FA codes when requested. i also don't want to use the `.mobileprovision` method since it either won't have all entitlements or needs to be created for each app individually. the [codemagic CLI tools](https://github.com/codemagic-ci-cd/cli-tools/blob/master/docs/app-store-connect/README.md) allow you to log in with an app store connect key identifier, issuer ID and private key, which bypasses 2fa, and it handles the creation of the mobileprovisions, certificates, etc. it would be nice if signtools could do the same thing

kerem commented 2026-03-04 00:23:56 +03:00

Author

Owner

Copy link

@DetachHead commented on GitHub (Apr 7, 2024):

looks like this is blocked by https://github.com/fastlane/fastlane/issues/18157

<!-- gh-comment-id:2041408476 --> @DetachHead commented on GitHub (Apr 7, 2024): looks like this is blocked by https://github.com/fastlane/fastlane/issues/18157

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dependabot/npm_and_yarn/prettier-3.8.2

dependabot/docker/golang-1.26.2-alpine

dependabot/github_actions/docker/build-push-action-7.1.0

dependabot/go_modules/golang.org/x/crypto-0.50.0

dependabot/github_actions/docker/login-action-4.1.0

dependabot/github_actions/actions/setup-go-6.4.0

dependabot/go_modules/github.com/rs/zerolog-1.35.0

dependabot/go_modules/golang.org/x/oauth2-0.36.0

dependabot/github_actions/docker/metadata-action-6.0.0

dependabot/github_actions/docker/setup-buildx-action-4.0.0

dependabot/github_actions/docker/setup-qemu-action-4.0.0

dependabot/go_modules/github.com/labstack/echo/v4-4.15.1

dependabot/github_actions/goreleaser/goreleaser-action-7.0.0

dependabot/docker/alpine-3.23.3

dependabot/github_actions/actions/checkout-6.0.2

develop

v3.0.11

v3.0.10

v3.0.9

v3.0.8

v3.0.7

v3.0.6

v3.0.5

v3.0.4

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v2.6.2

v2.6.1

v2.6.0

v2.5.21

v2.5.20

v2.5.19

v2.5.18

v2.5.17

v2.5.16

v2.5.15

v2.5.14

v2.5.13

v2.5.12

v2.5.11

v2.5.10

v2.5.9

v2.5.8

v2.5.7

v2.5.6

v2.5.5

v2.5.4

v2.5.3

v2.5.2

v2.5.1

v2.5.0

v2.4.18

v2.4.17

v2.4.16

v2.4.15

v2.4.14

v2.4.13

v2.4.12

v2.4.11

v2.4.10

v2.4.9

v2.4.8

v2.4.7

v2.4.6

v2.4.5

v2.4.4

v2.4.3

v2.4.2

v2.4.1

v2.4.0

v2.3.15

v2.3.14

v2.3.13

v2.3.12

v2.3.11

v2.3.10

v2.3.9

v2.3.8

v2.3.7

v2.3.6

v2.3.5

v2.3.4

v2.3.3

v2.3.2

v2.3.1

v2.3.0

v2.2.6

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.8

v2.1.7

v2.1.6

v2.1.5

v2.1.4

v2.1.3

v2.1.2

v2.1.1

v2.1.0

v2.0.1

v2.0.0

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.8.5

v1.8.4

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.7.3

v1.7.2

v1.7.1

v1.7.0

v1.6.0

v1.5.4

v1.5.3

v1.5.2

v1.5.1

v1.5.0

v1.4.5

v1.4.4

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.3.3

v1.3.2

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.1

v1.0.0

Labels

Clear labels   

bug

  

enhancement

  

enhancement

  

good first issue

  

help wanted

  

pull-request

Mirrored from GitHub Pull Request

  

question

No labels

bug

enhancement

enhancement

good first issue

help wanted

pull-request

question

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/SignTools#104

No description provided.