I have the following scenario for a small sized company:
We use testflight (through itunes connect) to provide test builds to the QA team. When we need to publish a new version to the App Store, we simply press the "publish" button on itunes connect. So far, no complicated stuff.
Now, the managers want that only specific people should be able to publish the app on the store.
I could change some roles in the member sections of itunes connect in order to prevent them to deploy the app. But if I'm not wrong, there is no role that allows a member to publish builds to testflight but not to the App Store (after all, it would be too troublesome to ask for authorization only to send builds to the QA team).
I read a little bit about the enterprise developer license. With this license we are able to provide builds quite easily to our QA employees but unfortunately we cannot deploy the app to the actual App Store.
What's the best way to solve this issue? Using the enterprise license to deploy app to the QA team and use the normal developer license to deploy the app on the Store? It sounds too complicated, isn't it a better way to do it ?
This may or may not solve your needs. There's a tool called fastlane that automates much of the process of uploading apps to itunesconnect. You could create a simple app that you gave to the people who may distribute apps to QA. The user the simple app would be related to (though not visible to those users, depending on how encrypted the information in the app is) would be able to run the command to send new builds with the fastlane- generated app. But only someone with the Apple ID and password would be able to enter the itunes connect and submit apps for Apple Approval.