I am experienced Android Dev trying to understand iOS eco-system. I have been researching the "provisioning profile" and don't really understand what it is used for. I have read the following SO post and it makes me think that provisioning profile is basically the manifest file? Or is it similar to the signing keystore?
My assumption is because the android manifest tells the device how my app will behave, what services or permissions it needs, whether it is exportable by other apps, ect... It seems the provisioning profile might have a similar role?
Reference to question here: What is a provisioning profile used for when developing iPhone applications?
A Provisioning Profile is part of iOS security. When the user launches an app, ios verifies the provisioning profile embedded in that app to determine if the app is allowed to run.
During development, apps contain a provisioning profile that lists the device ids that the app can run on (the developer registers these in the Apple developer portal) and signatures that verify that the developer has a valid certificate signed by Apple.
When the app is published to the App Store, this provisioning profile is stripped out and replaced by Apple with one that they sign which allows the app to run on any device.
The capabilities required by an app (such as access to the camera) are contained in the info.plist file and in the app code; the file specified the reason that is shown to the user but the code is responsible for requesting access. Simply declaring a usage string in info.plist will not prompt the user to grant the permission. This way, permission requests can be made at a time when the context is clear to the user. E.g. when they have tapped a "camera" button in the app.