I am trying to notarize an Electron app using electron-builderand electron-notarize. The docs state that an app specific password is needed and provides this link: Using app-specific passwords.
The problem is that link is about generating "app-specific passwords" for personal Apple ID accounts – not Apple Developer accounts. And I am part of a team and there is no place (e.g. a "Security" panel) in either my personal ADC account nor the parts of team account I have access too (where I have admin privileges).
I've tried all combinations I can think of for APPLEID and APPLEIDPASSwhen trying to notarize: my personal Apple ID & password, the team's Apple ID & password, "app-specfic passwords" I created in my personal account.
It's can't be this hard. What am I missing?
I have been able to solve my notarization issues. I don't know if this is "the right way" but it worked, so here is what I did – maybe it will save someone the time and frustration I went through.
Context: I am a contractor with "Admin" privileges on my client's Apple Developer account, along with my having a personal ADC account. As noted in my question, the Electron Builder docs state that an "app-specific password" is needed and links to an Apple doc about how to generate one. However, that link is or seems to be about generating a specific password to use with a 3rd party app like "Twitter" – so that one's personal Apple ID password is protected. At least that is the way I read it. There is no place within my personal ADC account or the Team account where such a password can be generated. So I generated a password in my personal ADC account.
This post from Electron Builder issues introduced an additional property to pass to notarize: the "ProviderShortname". As noted in the post, this can be accessed through:
xcrun altool --list-providers -u <personal APPLE ID> -p <app-specific pw generated within that acct>
This gives a list of memberships. I then used the Team ID as the value for "ascProvider" in the code below:
require('dotenv').config();
const { notarize } = require('electron-notarize');
exports.default = async function notarizing(context) {
const { electronPlatformName, appOutDir } = context;
if (electronPlatformName !== 'darwin') {
return;
}
const appName = context.packager.appInfo.productFilename;
return await notarize({
appBundleId: 'com.xxx.yyy.zzz',
appPath: `${appOutDir}/${appName}.app`,
appleId: process.env.APPLEID,
appleIdPassword: process.env.APPLEIDPASS,
ascProvider: process.env.ASCPROVIDER
});
};
The app successfully notarized (and Apple sends a confirmation email) and the rest of the packaging proceeded. I also ran into some issues with creating the dmg after the notarization receipt had been "stapled" to the app (which didn't occur prior to my attempts to notarize the app). These issues had to do with missing a required "message" and "lang" code (in my case "en-us"). I solved it by making the additions to the example `Electron Builder" provides as show below.
Again, I do not know if this is the "right way" to handle all of this – but it worked. I suppose that if one is an individual developer rather than part of a team, the boilerplate Electron Builder instructions work.
{
"languageName": "English",
"lang": "en-us",
"agree": "Agree",
"disagree": "Disagree",
"print": "Print",
"save": "Save",
"description": "",
"message": "If you agree with the terms of this license, press 'Agree' to install the software. If you do not agree, press 'Disagree'"
}