I have a macOS application that was previously distributed under my personal Apple Developer account using a Developer ID certificate. We’ve recently transitioned distribution to our company’s Apple Developer account.
The app’s bundle identifier has been successfully transferred, and I’ve signed a new build of the app using the company’s Developer ID certificate. The app installs and runs correctly under the new signature. However, I’ve encountered a problem: the app is no longer able to access previously granted permissions (e.g., Screen Recording, System Audio Recording, and Input Monitoring). Furthermore, it cannot re-prompt for these permissions because they appear as already granted in System Settings.
From what I understand, this issue is due to the change in the code signing identity. Specifically, the designated requirements used by macOS to identify an app have changed, so the system no longer associates the new version of the app with the previously granted permissions (as outlined in Apple's Technical Note TN3127).
The only workaround I’ve found so far is to manually reset the app's permissions using Terminal commands (e.g., tccutil reset), but this is not something we can reasonably ask end users to do.
Question:
Is there a recommended or supported approach to either preserve permissions when changing Developer ID identities, or programmatically trigger a permissions reset for existing users? We're looking for a seamless solution that doesn't degrade user experience.
I’m not aware of a good solution to this problem )-: The options that I am aware of are either highly dependent on implementation details, or not a good user experience (tccutil reset), or don’t work for all privileges [1].
Probably the best option is to ship an entirely new app, that is, change the app’s bundle ID. This will let your team-signed build start from a clean slate. However, it also has drawbacks, the most obvious being data migration:
- It doesn’t work well for document-based apps, because both apps end up ‘claiming’ your document type.
- For a ‘shoebox’ app, you bump into app container and app group container protections.
Regardless of what else you do, I encourage you to file a bug requesting a better solution to this problem. Please post your bug number, just for the record.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] Notably, local network privacy (TN3179) is not reset by tccutil.
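Added example, not part of either post above: a shell helper for confirming the diagnosis in the question by comparing the designated requirements (DRs) of the old and new builds. It assumes the usual Developer ID DR layout printed by `codesign -d -r-`; the function names are hypothetical, and the sample DR strings, bundle ID and Team IDs are constructed placeholders.

```shell
#!/bin/sh
# Compare the designated requirements (DRs) of two builds of one app.

# Print the DR of an app bundle. macOS only: needs the codesign tool.
dr_of_app() {
    codesign -d -r- "$1" 2>/dev/null | sed -n 's/^.*designated => //p'
}

# Extract the bundle identifier from a DR string.
dr_identifier() {
    printf '%s\n' "$1" | sed -n 's/.*identifier "\([^"]*\)".*/\1/p'
}

# Extract the Team ID (leaf certificate subject.OU) from a DR string.
# codesign prints the value quoted or unquoted, so accept both forms.
dr_team_id() {
    printf '%s\n' "$1" | sed -n \
      's/.*certificate leaf\[subject\.OU\] = "\{0,1\}\([A-Za-z0-9]*\)"\{0,1\}.*/\1/p'
}

# Print a verdict: same | team-changed | identifier-changed | unparsed.
compare_dr() {
    old_id=$(dr_identifier "$1");  new_id=$(dr_identifier "$2")
    old_team=$(dr_team_id "$1");   new_team=$(dr_team_id "$2")
    if [ -z "$old_team" ] || [ -z "$new_team" ]; then
        echo "unparsed"            # not a Developer ID style DR
    elif [ "$old_id" != "$new_id" ]; then
        echo "identifier-changed"
    elif [ "$old_team" != "$new_team" ]; then
        echo "team-changed"        # new build does not satisfy the old DR
    else
        echo "same"
    fi
}

# Constructed sample DRs (placeholder bundle ID and Team IDs).
DR_TAIL='and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] ='
OLD_DR="identifier \"com.example.recorder\" $DR_TAIL AAAAAAAAAA"
NEW_DR="identifier \"com.example.recorder\" $DR_TAIL \"1BBBBBBBBB\""

# On a Mac, with both builds on disk (paths are placeholders):
#   compare_dr "$(dr_of_app /path/to/Old.app)" "$(dr_of_app /path/to/New.app)"
```

A `team-changed` verdict matches the situation described in the question: the identifier is unchanged but the Team ID in the requirement differs.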