Desktop application publishing to Mac App Store

Our company is engaged in the development, support and maintenance of sites of any complexity. From simple one-page sites to large-scale cluster systems built on micro services. Experience of developers is confirmed by certificates from vendors.
8+Years of work900+Completed projects100+In house employees19+Partners
Development and maintenance of all types of websites:
Informational websites or web applications
Business card websites, landing pages, corporate websites, online catalogs, quizzes, promo websites, blogs, news resources, informational portals, forums, aggregators
E-commerce websites or web applications
Online stores, B2B portals, marketplaces, online exchanges, cashback websites, exchanges, dropshipping platforms, product parsers
Business process management web applications
CRM systems, ERP systems, corporate portals, production management systems, information parsers
Electronic service websites or web applications
Classified ads platforms, online schools, online cinemas, website builders, portals for electronic services, video hosting platforms, thematic portals

These are just some of the technical types of websites we work with, and each of them can have its own specific features and functionality, as well as be customized to meet the specific needs and goals of the client.

Offered services
Showing 1 of 1 servicesAll 2065 services
Desktop application publishing to Mac App Store
Medium
~3-5 business days
FAQ
Our competencies:
Development stages
Latest works
  • image_website-b2b-advance_0.png
    B2B ADVANCE company website development
    1212
  • image_web-applications_feedme_466_0.webp
    Development of a web application for FEEDME
    1161
  • image_websites_belfingroup_462_0.webp
    Website development for BELFINGROUP
    852
  • image_ecommerce_furnoro_435_0.webp
    Development of an online store for the company FURNORO
    1041
  • image_crm_enviok_479_0.webp
    Development of a web application for Enviok
    822
  • image_bitrix-bitrix-24-1c_fixper_448_0.png
    Website development for FIXPER company
    815
Show more works

Publishing Desktop Applications to Mac App Store

Mac App Store has stricter requirements than direct distribution: applications must work in App Sandbox, use only permitted entitlements, and pass Apple review. Electron applications are supported but require special configuration.

Difference between MAS and Direct Distribution

Parameter Mac App Store Direct Distribution
Signature Mac App Distribution Certificate Developer ID Certificate
Sandbox Mandatory Optional
Notarization Not needed (Apple review) Mandatory
Auto-updates App Store mechanism Squirrel/Sparkle
API Restrictions Stricter Less

Configuring electron-builder for MAS

# electron-builder.yml
mac:
  target:
    - target: mas       # Mac App Store
    - target: mas-dev   # For sandbox testing

  provisioningProfile:        build/embedded.provisionprofile
  entitlements:               build/entitlements.mas.plist
  entitlementsInherit:        build/entitlements.mas.inherit.plist
  hardenedRuntime:            false   # MAS doesn't require hardened runtime
  identity: "3rd Party Mac Developer Application: Company (TEAM_ID)"

Entitlements for MAS

<!-- build/entitlements.mas.plist -->
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <!-- App Sandbox — mandatory for MAS -->
  <key>com.apple.security.app-sandbox</key><true/>

  <!-- Network -->
  <key>com.apple.security.network.client</key><true/>

  <!-- If file access is needed -->
  <key>com.apple.security.files.user-selected.read-write</key><true/>

  <!-- For Electron: JIT needs separate entitlement child -->
</dict>
</plist>

<!-- build/entitlements.mas.inherit.plist — for Electron child processes -->
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>com.apple.security.app-sandbox</key><true/>
  <key>com.apple.security.inherit</key><true/>
</dict>
</plist>

Provisioning Profile

Need Mac App Store Distribution Profile:

  1. Go to developer.apple.com → Certificates, Identifiers & Profiles
  2. Create App ID with needed capabilities
  3. Create Distribution Certificate (3rd Party Mac Developer)
  4. Create Provisioning Profile type Mac App Store
  5. Download .provisionprofile and place in build/

Build and validation

# Build MAS package
npx electron-builder --mac mas

# Validate before submission
xcrun altool --validate-app \
  --file dist/mas/AppName.pkg \
  --type osx \
  --apiKey   "YOUR_API_KEY" \
  --apiIssuer "YOUR_ISSUER_UUID"

# Submit to App Store Connect
xcrun altool --upload-app \
  --file dist/mas/AppName.pkg \
  --type osx \
  --apiKey   "YOUR_API_KEY" \
  --apiIssuer "YOUR_ISSUER_UUID"

Modern alternative — xcrun notarytool and Transporter.app.

App Sandbox restrictions

Sandbox prohibits operations familiar to Electron developers:

  • No direct shell command execution via child_process.exec
  • No access to arbitrary file system paths
  • No auto-start at system boot (without LaunchAgent entitlement)
  • Inter-process communication — only via XPC or App Groups

To bypass some restrictions, use XPC Services — separate processes with extended permissions called from the main application.

GitHub Actions

- name: Build MAS
  run: npx electron-builder --mac mas
  env:
    APPLE_ID:          ${{ secrets.APPLE_ID }}
    APPLE_TEAM_ID:     ${{ secrets.APPLE_TEAM_ID }}
    CSC_LINK:          ${{ secrets.MAS_CERTIFICATE }}
    CSC_KEY_PASSWORD:  ${{ secrets.MAS_CERTIFICATE_PWD }}

- name: Upload to App Store Connect
  run: |
    xcrun altool --upload-app \
      --file "dist/mas/AppName.pkg" \
      --type osx \
      --apiKey   "${{ secrets.ASC_API_KEY }}" \
      --apiIssuer "${{ secrets.ASC_ISSUER_ID }}"

Apple review takes 1 to 7 days. Updates usually proceed faster than first publication.

Timeline

Setup of sandbox compatibility, provisioning profiles, and first publication to Mac App Store: 4–6 business days.