fastlane/docs

2FA Apple auth info in Fastlane docs is incorrect

spraddles opened this issue · 4 comments

The "Separate Apple ID for CI" info located here is incorrect:
https://docs.fastlane.tools/best-practices/continuous-integration/

The only way that a separate Apple ID will work is if you have a developer account that IS NOT an individual status / i.e. it is a business organisation.

This is the only way that you can get the other Apple ID account to modify access to Certificates, Identifiers & Profiles.

More info here:
https://stackoverflow.com/questions/36935087/cant-access-certificates-identifiers-profiles-within-developer-apple-com/56581774

What exactly is wrong there? Is it missing some information?
Which answer are you linking to on the Stack Overflow question?

The key issue is using a CI service (I use GitHub Actions) and Fastlane certificate automation, as you need to have a "separate" Apple ID that:

  1. belongs to an "Organisation" (and is not Individual type)
  2. does not have 2FA
  3. has a role of "App Manager" / is not "Account Holder"

So the current Fastlane docs assume that your Apple Developer account is an "organisation" type, and if you wish to change from an Individual to an Organisation account, then you'll need to input your business credentials etc.

For example, my Apple Developer account is an "Individual" type:

This part of the Fastlane docs is incorrect, as it skips the part about the "Organisation" account type:
https://docs.fastlane.tools/best-practices/continuous-integration/

2 verifying sources are:

  1. When you try to access this link (in order to manage/view certificates) in your "separate" AppleID account, you get this error:

https://developer.apple.com/account/resources/certificates/list

  2. Stack Overflow advice:

https://stackoverflow.com/questions/36935087/cant-access-certificates-identifiers-profiles-within-developer-apple-com/56581774

So we should add that it has to be an org account?

Yes please, and also the fact that if you are not able to obtain an "Organisation" account type, then you are unable to use any Fastlane automation in a CI workflow ^

^ as you can't authenticate (correct me if I'm wrong here)