Documentation

AppCheck helps you capture, verify, and upload iOS compliance evidence. It can run your app in a simulator (or use your own capture), pull configuration details, and check them against App Store guidelines.

Overview

AppCheck has two main parts:

  1. CLI / Local Wizard: Runs on your machine to build your app, capture evidence, and upload artifacts.
  2. Dashboard: The web interface where you review runs, findings, and compliance status.

Getting Started

1. Installation

Choose an install method (requires Node.js, Ruby, and Xcode CLI tools).

>
curl -fsSL https://appcheck.pacsix.com/install.sh | bash

2. Initialization

Start with the AppCheck UI wizard (preferred). Run it from the folder that contains your Xcode project/workspace or Expo app.

appcheck ui

This will:

  • Detect your project type (Xcode, Expo, and more).
  • Launch the AppCheck UI Wizard.
  • Walk you through credentials and configuration.
  • Create an .appcheck/config.json file and store secrets securely.

3. Check Dependencies

Run the doctor command any time you need to confirm required tools are installed.

appcheck doctor

Usage Scenarios

Native iOS (Xcode)

Run appcheck init in the folder containing your .xcodeproj or .xcworkspace. AppCheck detects your schemes automatically.

Expo (Managed & Bare)

Managed Workflow: AppCheck detects your app.json and runs expo prebuild --platform ios to generate a temporary ios/ directory for building. Install dependencies first so prebuild can run. You can delete this directory later.

Bare Workflow: Works just like a native Xcode project.

Flutter

Run AppCheck from your project root. Make sure flutter build ios has been run or an ios/ directory exists. AppCheck targets the underlying iOS project.

App Store Connect Credentials

To verify your app's metadata and configuration, AppCheck needs read-only access to your App Store Connect account.

1. Key ID & Issuer ID

  • Go to App Store Connect > Users and Access > Integrations > Team Keys.
  • The Issuer ID is shown at the top.
  • The Key ID is shown in the list of keys.

2. .p8 Key File

  • Click the + button to generate a new API Key.
  • Name it "AppCheck" and give it App Manager access (required for metadata reading).
  • Download the .p8 file. Note: You can only download this once!

3. Team Name

  • This is simply the name of your team as it appears in the top-right corner of App Store Connect.

Using the AppCheck Wizard UI

The Wizard UI handles setup, configuration, and capture in one window.

Step 1: Welcome & Detection

AppCheck scans your directory to find Xcode workspaces or Expo configs.

  • Screenshot tip: Capture this screen to show project detection success.
  • Status: Shows "Xcode", "Expo (managed)", and similar labels.

Step 2: Setup

Enter your project details and credentials.

  • Bundle ID & Scheme: Select the correct build scheme.
  • App Store Connect: Upload your .p8 file here.
  • Upload Config: Enter your AppCheck API token from the Dashboard settings.

Step 3: Run Options

Configure how the run should execute.

  • Mode: Choose "Capture in Simulator" (standard) or "Bring Your Own" (upload existing screenshots).
  • Build Config: Defaults to Release. Use Debug if you have specific dev-only features to test.
  • Metadata: Check "Include App Store metadata" to download live store info.

Step 4: Capture

Controls for the simulator session. There is no record-a-video step. If you already have screenshots, capture them in sequence on another device and provide the path to the screenshots folder.

  • Screenshot: Click the camera icon (or press Enter in CLI) to take screenshots.
  • Screenshot Folder: Link the path to your captured screenshots for a BYO run.
  • Finish: Click Stop (or press Q in CLI) when done.

Step 5: Results

Shows the upload status and the Run ID. Use the link to open the report in the Dashboard.

Important Screens to Capture

For the best compliance review, ensure you capture:

  1. Paywall / Subscription Screen: Showing terms, price, and buttons.
  2. Sign Up / Login: Showing authentication options (Apple Sign In, etc.).
  3. Main App Flow: Capture the core screens users see during normal use.
  4. Settings / Account Deletion: Show the "Delete Account" button if your app supports account creation.
  5. Permissions Requests: Capture prompts for access you request (for example camera, microphone, or photo library).

Security & Privacy

AppCheck uses a "local-first" security model to protect your credentials.

Local Execution

All critical operations happen on your local machine: building your app, capturing simulator sessions, and extracting configuration.

Secret Storage

  • App Store Connect Keys: Your .p8 key and other credentials are stored securely in your system's Keychain (on macOS) or an encrypted local file.
  • No Server Access: These secrets never leave your machine. They are only used locally by the CLI to authenticate with Apple's APIs.

Telemetry (Opt-Out)

AppCheck collects lightweight, anonymous usage metrics from the CLI to improve reliability and onboarding.

  • Opt-out by default? No. Telemetry is enabled by default but you can disable it at any time.
  • Disable telemetry: Set APPCHECK_TELEMETRY=0 in your environment.
  • What we collect: High-level events like "init started", "run completed", and wizard steps.
  • What we never collect: API tokens, key files, secrets, or local file paths.

Open Source

The CLI and local components are open source, allowing you to audit exactly how your data and credentials are handled.

Troubleshooting

"Command not found"

Ensure you have installed the CLI or are running with bun run.

Simulator issues

  • Run xcrun simctl list to verify simulators are available.
  • Ensure Xcode is up to date.

Upload failures

  • Check your internet connection.
  • Verify your AppCheck Token is correct in the Setup step.