Self-Service Internal App Distribution with App Store Custom Apps
By Neha Srivastava
The One Medical iOS app is over 12 years old, and as the app’s feature set and scale have grown, so has the pace of development. As we continue to support more members with more ways to access health care, we’re focusing on faster and shorter feedback loops within the app development cycle. A part of that is to get our internal app in the hands of designers, product, quality engineering, product support, and other stakeholders as quickly and easily as possible. This blog explains how we reinvented our distribution process to make it almost hands-free and instant.
The Status Quo
We have invested a lot of time and effort in making our ad-hoc distribution process as low-effort as possible, but last year we hit a roadblock: Apple’s annual 100-device limit for developer accounts prevented us from installing the app on new devices. Additionally, it wasn’t a quick process. Even with our automated scripts and tools (thanks to Fastlane and Github Actions), distributing an internal app to a new device took two to four hours per instance. In order to run the app on a device, you need to register it using a unique device identifier (UUID), which is a multi-step process. The only thing worse than having to help someone find their device’s UUID on a Windows laptop is doing taxes! Overall, this process was frustratingly slow even when it worked and desperately needed a tune-up.
One-Click Solution
I asked my colleagues what the ideal solution would look like. “Imagine if you could just click a button and have an app installed, ready to go, with no setup needed,” one said.
We now had a goal — we wanted to build a system that:
- Could distribute on-demand
- Had minimal setup
- Did not require hand-holding from iOS engineers
- Would scale well with growing demand
- Required minimal maintenance
To approach this goal, I broke it down into two parts: finding an easy way to build and host the app, and building an automated distribution solution.
Custom Apps
For years, the Apple Developer Enterprise Program offering (aka in-house distribution) has been the default option for the large-volume distribution of apps to internal employees. In 2020, Apple announced an alternative — Custom Apps. Custom Apps are part of the Apple Developer program and are managed in Apple Business Manager (ABM), and are only available for download by users of your choosing. They don’t require device setup, don’t require distribution certificate management, and allow distribution of licenses via MDM or redemption codes. Most importantly, for all practical purposes there’s no limit to the number of devices we can install the app on. Plus, it has the added advantages of the App Store’s auto-update infrastructure, features like caching and app thinning, and TestFlight and App Store Connect tools like crash reports and app analytics.
The process for setting up a custom app in the App Store is straightforward, but there are some key points to keep in mind:
- The setup of an Apple Business Manager account requires pre-approval from Apple and a separate account from the one used for app submissions.
- The custom app option must be enabled in ABM before starting the submission process.
- Once marked for private distribution, the app cannot be converted to public distribution later. Think of it as tattooing your app’s fate on its forehead.
- Test sign-in credentials are required if the app requires sign-in, and the staging environment must be accessible to Apple app reviewers.
Integrating the new custom app into our existing deployment scripts and CI/CD pipeline was straightforward. We added a Fastlane lane for the new app bundle identifier with the app pointed to our staging environment. In our experience, the turnaround time for app approval is fast, so the submission cadence can be fairly flexible. We chose to sync it with our existing release cycle and submit off-cycle as needed, giving us early feedback on app approval before submitting the public release candidate.
Two Hours to Two Minutes
With our custom app ready to go, we needed a distribution strategy. Apple Business Manager allows for distribution via MDM or redemption codes. We chose to use redemption codes because:
- They are easy to generate in bulk, up to 10,000 at a time and 25,000 per week.
- They are unique codes, which limits potential misuse.
- They can be integrated into a super lightweight distribution setup.
- We can control the distribution of codes within the company.
- They can be used immediately by our users, without requiring extra work from us or them.
By generating hundreds of redemption codes at once, the process became much simpler. New app versions do not require a new redemption code, as updates are automatically pushed. With a list of redemption download links tracked in a Google Sheet, it only takes two minutes to grab a unique link and send it to the requester for installation.
Two Minutes to Two Seconds
While two minutes is a significant improvement, it still needed manual intervention. Can we automate this and save even more time? Yes! Using a Slack workflow with Google Sheets integration to read a list of download links and track usage, we are now completely self-service. The user clicks on a Slack workflow shortcut and is immediately sent a unique download link, reducing the turnaround time from minutes to seconds.
The Result
One Medical has been using this self-service distribution system for a few months now and has saved countless hours for both engineers and our internal users. The initial setup is a one-time cost that quickly pays for itself in time saved, and we highly recommend this as the new way forward.
Many thanks to Kris Markel for his invaluable feedback on multiple versions of this article, and to the iOS team for their support on the project.
