We have a cross platform App available on Mac, iOS & soon tvOS. We are adding a new App Group to be used by this app.
We also have a as yet unpublished future Mac Catalyst app that will need access to the App Group.
The Apple docs suggest prefixing app groups on Mac with the team ID but not on other platforms.
We would like to avoid prefixing with the team ID because:
- my understanding is that Mac Catalyst apps don't use the team ID and we would like to support that use case to communicate between our current cross platform app and the future catalyst app.
- Having a single code base but different group container IDs per platform means a bunch of extra conditional logic in the project we would rather avoid.
So with that context our aim is to have an app group that is named consistently across platforms and meets sandboxing requirements for App Store distribution.
However when developing using the non-team prefixed app group name on macOS Sequioa I see the following alert every time I launch the app.
I have the App Group listed correctly in the entitlements file and if I change the app group name on macOS from group.com.example to (TEAMID).com.example then it works as expected so I think the rest of the setup is correct.
Looking at the Sequoia Beta release notes it states:
Specifically, the app must use FileManager to get the app group container path and meet one of the following requirements: the app is deployed through Mac App Store; the app group identifier is prefixed with the app’s Team ID; or the app group identifier is authorised by a provisioning profile embedded within the app.
I am using Xcode managed signing and looking at the provisioning profiles I can see that the iOS one includes the app group but the macOS one does not. I assume that if I could somehow get the app group correctly add to the macOS provisioning profile then all would be good.
But I am now stuck on how to get the app group added to the macOS provisioning profile. It seems whatever I try Xcode does not want to add it. Presumably this is because it expects you to instead use a team ID prefixed app group which would not need to be added.
Is there any magic I can do to make this work with automatic signing?
If not then how would I go about setting it up manually and is that the best solution?
I have a similar problem that I posted about here: https://developer.apple.com/forums/thread/763826