iOS App Patching
Learn how to patch your iOS app to prevent entitlement issues while testing on BrowserStack devices.
In App Accessibility testing, you can test iOS apps that use sensor-based features, such as biometric authentication. These features require custom entitlements, which are deleted when BrowserStack re-signs your app with a Developer certificate as a part of the upload process.
By using App Patching, you can prevent BrowserStack from resigning your app. This allows you to test sensor-based features without encountering iOS entitlement conflicts, authentication failures, or invalid certificate errors when testing on BrowserStack devices.
Additionally, App Patching allows you to use continuous scanning while testing apps with iOS entitlements.
The App Patching feature is available only to Enterprise customers. For more details check out our pricing page.
To patch and use your iOS apps for App Accessibility testing, you need to perform the following actions:
Convert your unsigned app to an instrumented app
To convert your unsigned app:
- Contact BrowserStack support to request access to the BrowserStack instrumentation endpoint.
- Use the instrumentation endpoint to upload your unsigned app to BrowserStack and get it instrumented.
- Save the instrumented app,
<customer_app_instrumented>.ipa
, to a local directory.
Sign the instrumented app
To sign the instrumented app using your custom signing certificate and provisioning profile. You can use the customer_app_signer.sh
script file provided by BrowserStack to sign the instrumented app.
Prerequisites:
-
Unlocked login keychain DB:
In your command line tool, run the following command:security unlock-keychain -p "<keychain_password>" "<absolute_path_to_login_keychain_db>
-
.mobileprovision
file:
Ensure you have the.mobileprovision
file corresponding to the signing certificate you will use to sign the app. For example,cert.mobileprovision
. This file is specific to your organization. -
BrowserStack signing script:
Obtain thecustomer_app_signer.sh
script file from BrowserStack. Contact BrowserStack support if you do not have the script file.
Sign the app
To sign the instrumented app:
- In the command line tool, run the following command to list available code signing identities:
security find-identity -v -p codesigning
The command returns the output in the following format:
`W19SNVTCZH0MKGL1527I3XJ3D028EWH9PJV4UY2S "iPhone Distribution: Example IPhone Inc."` `IFMJ2RVFIWQ1I4MM98T5O7H5F1WCFMBCVLM93HUL "iPhone Distribution: Example Apple Inc."`
- Copy and save the 40 char long string that corresponds to the certificate you want to use for signing. This string is the
provisioning_identity
that will be used in later steps. You can save it as a text file or note. - Generate the entitlements file by running the following command and add the absolute path to the
cert.mobileprovision
file.security cms -D -i </absolute_path_to/cert.mobileprovision> /tmp/tmp.plist && /usr/libexec/PlistBuddy -x -c 'Print:Entitlements' /tmp/tmp.plist > /tmp/cert.plist
Copy and save the
/tmp/cert.plist
file to a directory. - Create an
instrumentation_signing
directory and save the following files to it:- Instrumented Enterprise app that you received from BrowserStack,
customer_app_instrumented.ipa
-
customer_app_signer.sh
script file from BrowserStack -
cert.mobileprovision
file specific to your organization. -
cert.plist
entitlements file - 40 char long
provisioning_identity
as a text file or note.
- Instrumented Enterprise app that you received from BrowserStack,
- Run the following command after replacing the placeholders in angle brackets (
<>
) with the actual values:bash customer_app_signer.sh "<absolute_path_to_unsigned_instrumented_ipa>" "<provisioning_identity>" "<absolute_path_to_cert.mobileprovision>" "<absolute_path_to_signed_ipa>" "<absolute_path_to_cert.plist>" "<absolute_path_to_working_directory>"
The script file returns the signed instrumented app,
customer_app_instrumented_signed.ipa
.
Upload the signed and instrumented app
You must upload the app via App Live to enable the iOS entitlements testing. If you upload the app via App Accessibility, the iOS Entitlements toggle will not be available.
To upload the signed and instrumented app:
- Log in to the App Live dashboard.
- On the App Live dashboard, upload your app from your system or from a public URL.
- After your app is uploaded, click the configuration icon next to the file name of your app.
- Under App Configurations, enable iOS Entitlements and disable Biometric Authentication and Image Injection options.
- Navigate to the App Accessibility testing dashboard.
- Select an iOS device from the device listing to launch your test session.
- In the launch window, select Uploaded Apps if not already selected.
- Select the My Apps filter to view the list of apps you have uploaded.
- Select the app that you signed and instrumented. The session launches with the selected app.
We're sorry to hear that. Please share your feedback so we can do better
Contact our Support team for immediate help while we work on improving our docs.
We're continuously improving our docs. We'd love to know what you liked
We're sorry to hear that. Please share your feedback so we can do better
Contact our Support team for immediate help while we work on improving our docs.
We're continuously improving our docs. We'd love to know what you liked
Thank you for your valuable feedback!