I am working on an app in iTunes connect for a client, under their iTunes connect account. I want to add myself as a user so that I can get email notifications of updates in app status. When I try to add myself as a user I get the following message:
The email address you entered already belongs to an iTunes Connect account. To continue, enter a different email address
I am using this email address on my own company's iTunes connect account, but not on my client's account. How can I add myself as a user?
#sarnold Turning your comment into an answer because it worked for me.
Two Separate Websites
Apparently for historical and organizational reasons, Apple operates their developer and app store business in a bifurcated manner.
developer.apple.com
The web site for all the technical resources, including documentation, WWDC videos and such.
itunesconnect.apple.com
This completely separate web site handles the business end:
Contracts, banking, payments.
Uploading your finished app.
Defining your In-App Purchase products.
Problem: Different Handling Of Accounts
The developer.apple.com site is slick in that a programmer can have a single Apple ID used to join multiple developer accounts. She may work for three different companies, and be assigned a role on each of those companies’ Developer accounts all on the same Apple ID. When she logs in to the Developer site, she is presented with a popup menu asking which of the three companies’ Developer accounts she wants to access during this work session. Nice.
The problem: in iTunesConnect, not so nice. In iTunesConnect, the "admin" person cannot assign existing Apple IDs as members with a role. Very strange. The admin is forced to create a new ID for each person being adding to the team. That means the person joining must have multiple email address. If an admin tries to add you to their iTunesConnect with an email address already used on some other company's iTunesAccount, an error message reports that email address / Apple ID is already in use. Obviously the programming team running the iTunesConnect site could use some help from the Developer site's team. ☹
Workaround: Email Address Trick
The workaround cited by sarnold involves a feature of email addresses. The spec for email servers has a feature where you can extend your email address. You can add a suffix to the first part of your email name by appending a "+" PLUS SIGN. From what I could figure out, the email software first looks for the extended name. If no such name is found, it drops the extension and looks again. If found, the shorter version of the email address is actually used.
So if the programmer Susan wants to use her email address susan#example.com for a second or third iTunesAccount, she tells her client's admin person at Acme Corporation to use something like this as her email address: susan+acme.com#example.com. Apple will still create a needless extra Apple ID for Susan, but at least Susan does not have to bother with creating and accessing extra email accounts. The emails sent by Apple will arrive at her susan#example.com address.
Susan double-checked this would work before talking to the admin person. She sent herself an email to susan+acme.com#example.com to make sure it arrived at the susan#example.com account.
Effectively, the email servers are not fooled by the extended email address, but iTunesConnect is fooled into creating an new Apple ID using an old email account.
Basically, you can't invite other iOS devs to review your efforts seems to be the result of this policy.
I had (and have) the exact same problem... what makes me kinda like FlavorScape's suggestion ;)
What I did is something similar to sarnold's comment: I used an alternative email address (_#gmail.com instead of _#googlemail.com) and this actually created a new AppleID with this email address.
It works fine, but it would be so much better to just connect my actual Developer account to my client's.
The way it's like at the moment, I can not even access the developer resources and (most importantly) the provisioning center with the new Apple ID, so my client has to do create new provisioning profiles and stuff, which is pretty frustrating and complicated.
Additionally, it is a pain to let him test the Apps on his own devices, because of the developer certificate is installed on my Mac, not his, and I am therefore the only one (or better, my Mac is the only computer) that can install new provisioning profiles on his devices.
Is there a better way to connect the accounts and solve these problems?
Cheers,
Nils
Apple now will allow the same email address to be invited to multiple itunes connect accounts and no longer allows new emails to be added with the +. Just a word of warning to others who were doing this the original post is now out of date with Apples new policy it seems.
#knl: The problem in the original question is specifically with iTunes Connect. If you want to be able to manage the Provisioning center -- to make profiles etc -- ask your client to add you to that account. Here are the steps:
Go to "Member Center"
Select the "People" tab
Click on invitations
Select "Invite person"
in the next screen they can select your role including "Member" (limited access) and "Admin" (full access)
From apple documentation:
You can only create test user accounts using an iTunes Connect
accounts with the Admin or Technical role assigned to it. Test users
do not have access to iTunes Connect, but will be able to test in-app
purchases in a development environment on a registered test device.
Link here
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 months ago.
The community reviewed whether to reopen this question 7 months ago and left it closed:
Original close reason(s) were not resolved
Improve this question
I am a member of my company's development team, with the role of Admin. I can access the Member Center of the team at https://developer.apple.com/
However, when I I attempt to sign in at https://itunesconnect.apple.com I am presented with the following error message:
Your Apple ID isn't enabled for iTunes Connect. Learn More
I am an admin on the development team. When I visit Developer > Member Center > People I do not see any permissions related to iTunes Connect.
How do I gain access to my team's iTunes Connect portal?
The solution is simple: Login with this account to iTunes (not iTunesConnect). I am sure you didn't do that. You can take your iPhone or iPad to do that or download the iTunes application.
It is not enough to be a member of the Apple Developer Account / Member Center team.
The account must also be added as an iTunes Connect User.
From an existing iTunes Connect admin account, add the new user to iTunes Connect:
iTunes Connect > Users and Roles > "+" > Add iTunes Connect User
If your Apple Id is added to your team account recently, you need to activate it first by clicking on the link that Apple sent to you with the activation code.
After that, you should be able to login to iTunes connect.
P/S: You may need to check your internet connection, firewall, proxy setting to make sure you can connect to itunes connect server. This happened to me as I used my company network to login. After switched to my 3G hotspot, it worked like a charm.
I had similar issues and I got quite a few random answers from iTunesConnect support until I managed to get an iTunes Connect supervisor.
Here is what is happening:
Your team iTunes Connect guy added you with an email address
The aim is for that email address to be the iTunes Connect email and id
You have never been created as an iTunesConnect user with this email
When this email/id was added (someone filled the name and email in iTunesConnect) clicked 'Next', iTunes would have 'initialised' the account
This 'initialise' is key:
Apple DOES NOT know the user but they have enough details to set a skeleton account allowing the user to login.
To turn this into a real/complete account, the user has to log in to appleid.apple.com, add birth date AND answer/set the security questions.
Once that is done, the account will become a fully fledged account.
Then, if you send an invite (and if they user did not give up and switched to Android), when he/she accepts/clicks on the invitation, they will be set up as expected.
Good luck!
p.s.
I'm the iTunesConnect guy in my company...
I had this issue. The error message gives no clue that, as an app developer, I could no longer login to iTunes. The fix for me was to now go to another website: https://appstoreconnect.apple.com/
I received an email from Apple on Feb 12, 2019 that seems to indicate that there is now a single permission that gives access to the Apple Developer website and App Store Connect:
Teams and roles have been unified.
Dear PERSON,
Developer teams and roles are now simpler. Organizations enrolled in the Apple Developer Program now have one team and one set of roles that provide access to the Apple Developer website and App Store Connect. You can view your current role by signing in to App Store Connect. Changes to roles can be made by Account Holders and Admins in the Users and Access section.
If you have any questions, contact us.
Best regards,
Apple Developer Relations
For anyone who's still facing this issue. The above solutions did not work for me at this point in time. This is what I've done to get it working (from apple's help):
How to generate an app-specific password
Sign in to your Apple ID account page.
In the Security section, click Generate Password below App-Specific Passwords.
Follow the steps on your screen. After you generate your app-specific password, enter or paste it into the password field of the app as you would normally.
If you are facing this on the recent MacOS version/machine, Here's what worked for me.
Open music app on you Macbook
From the sidebar visit the "Itunes store"
Navigate to "Account", for me I found it in the bottom right quarter of the Itunes store homepage.
Click on "Account" and it should prompt to sign in, sign in and fill up the payment method in next screen(can set to none if you don't wish to add any, but still need to fill address and stuff)
After doing this, I was able to sign in to App store in without an issue.
The answer for me was a variation on the one given by #zevij. Just log into this site using the id/pw:
http://appleid.apple.com/
Then visit itunesconnect.apple.com.
I have no idea why this works and it seems like something is seriously wrong at the mothership when it comes to Web. But there you go.
Imagine an iphone app that automatically registers users on the first start according to their phone identity (e.g. phone number*) on a server database.
Afterwards, users should see which of their friends already use the app, i.e. which of their contacts are registered on the DB.
An obvious solution would be to always send a select-request to the DB containing all of the users contacts, everytime the user refreshs his or her friend list. As a result, the user retrieves the list of their registered contacts (friends).
Is there any better way to realize this synchronization between the user management on the server and the contacts in the user's address book. Sending multiple select-requests (each user for every refresh) with dozens of phone numbers might not be performant at all.
Example:
WhatsApp is actually a good example for this scenario. You can add new contacts to your address book and WhatsApp automatically refreshs your WhatsApp friend list according to your phone book. I really like this idea because the user don't need to create an account manually.
*I know about the problems of using phone numbers in AppStore apps, so this question really focusses on the architectural problem.
EDIT
this comment (Whatsapp contacts syncronization) describes the mentioned simple approach. but is this really the smartest way?
I've just started working with Google OAUTH2 in order to add a "Sign in with Google" button to my web site.
According to the "Google+ Platform Developer Policies" section B.2.a.III, if a user deletes their Google account, I must delete all personal information I obtained from the Google API relating to them.
Does this apply to my web application as well? And if so, how do I detect that a user's Google account no longer exists? Surely, a successful login will only occur if the Google account exists; so how can I tell if a previously existing account is no longer there?
Maybe someone has a better approach, but a simple and practical solution would be have a link buried somewhere on your site that allows a user to request account deletion via email (assuming you still possess a valid email for him - if he deletes is Gmail and that's all you have then you have no way to contact him other than manually via phone or something).
The doc you link to says Give users a reasonably convenient way to delete any of their personal information you’ve obtained from the API.
So assuming you still have a valid email address, this would work:
Your FAQ says "What if I want to delete my account?". Links to account deletion page.
Account deletion page: What's your email? _____ (Continue)
Email is sent to user with (securely randomized) confirmation link.
Confirmation link is clicked by user which deletes all of his data from your site.
Success of that process is dependent only on your system and the email arriving.
(If you are concerned about complying to EU data protection law, you might want to implement this feature anyway - since one legally has the right to demand the deletion of one's own personal data.)
How have people intergrated custom CRM type applications with email?
I have a Access 2003 front-end application with a SQL Server 2005 backend. One CRM
part of the application tracks the activity with the customer in a traffic
log table. Sometimes the salesstaff has communication with their customer
using email instead. What do people do to synch this up with an application?
I was thinking about creating a form to enter the initial message, so I
could save it into a table and then have the system generate a email, of
course, this doesn't handle the email communication after the initial email.
Thanks
What you need to do is setup your domain name with a free google apps account. Your sales staff can still use the clients of their choice, but since they are essentially using custom gmail accounts, every single email that they send and receive will be recorded in a nice and neat transactional format in the gmail interface. Since your sales staff is always online, they will always have access to every message they ever sent. If you want to have access to the emails, you can set it up that every single message that gets sent are automatically blind forwarded to your account. Filters can be set up to automatically tag and archive them, so you will not be overwhelmed, but you will still be able to search them. Google Apps will also give you a central contact directory similar to outlook/exchange.
Here are a few options for you:
Use web forms for all communications. When a message is sent out, the only thing it includes is a link back to the site. Responses are sent the same way.
Setup an email alias that your sales staff Cc's when they want their correspondence to be tracked. Your app would periodically read a POP mailbox, and record the traffic. Customers would have to remember to Cc the same email box for the traffic to be remembered.
Establish a single common email box, such as sales#domain.com. All outgoing mail is marked as being from that account, so all replies will go through it. To send mail, sales staff uses a web form. Messages are tagged with a key that associates them with a particular customer. Putting the key in the subject header usually works OK (that's how many support ticket management systems work, for example). Replies from customers keep the tag. Your app then reads an associated POP mailbox, parses out the keys, and stores the email accordingly.
So I'm in the midst of creating a Facebook Connect enabled site. The site in question will leverage your social graph - as defined by your facebook account - to do social things (what is really not important here). Here's the big question I have:
Are people still rolling their own authentication heuristic when using something like Facebook Connect? That is, are newer (FBConnect) sites today providing only FBConnect as an authentication strategy, or are they pairing it with other auth strategies (such as Google Auth, Open ID, etc)? What do you think is the best way to go? With Facebook having over 300,000,000 users now, is having 1 authentication strategy (FBConnect) enough? Or is it proper netiquette to provide users other means?
Some of the references I have been looking at today:
http://www.kenburbary.com/2009/08/five-reasons-companies-should-be-integrating-social-media-with-facebook-connect/
Increased Registration - Data from Facebook states that sites that use Facebook Conect as an alternate to account registration have seen a 30-300% increase in registration on their sites.
• Citysearch.com – Daily site registrations have tripled in the 4 months since Facebook Connect testing began
• Huffingtonpost.com – Since integrating with Facebook Connect, more than 33% of their new commentor registrations come through Facebook
• Cbsinsider.com – Over 85% of all new user registrations are coming from Facebook Connect
http://www.simtechnologies.net/facebook-connect-integration.php
"according to the current statistics using facebook connect increases 30-40% user traffic as compared to non-facebook connect websites."
http://wiki.developers.facebook.com/index.php/Connect/Authentication_and_Authorization
Our research has shown that sites that implement Facebook Connect see user registration rates increase by 30 - 200%.
No Need to Create Separate Accounts
In general, it's not a good practice to force a new user to create a separate account when registering on your site with Facebook Connect. You'll have the user's Facebook account information, and can create a unique identifier on your system for that user.
Just make sure you understand what Facebook user data you can store, or simply cache for 24 hours. See Storable Information for details.
If the user ever deactivates his or her Facebook account, you have a chance to contact the user to request the user create a new account on your site. When a user deactivates his or her account, we ping your account reclamation URL to notify you of the deactivation. Then Facebook sends the user an email regarding the deactivation. If the user has connected accounts with any Facebook Connect sites, and if your site has specified an account reclamation URL, the email will contain a section with your application logo, name, and reclamation link, in addition to an explanation about the link's purpose. For more information, see Reclaiming Accounts.
http://www.chrisbrogan.com/how-facebook-connect-points-the-way-towards-velvet-rope-networks/
The Drawbacks
Though there are advantages to using Facebook Connect for integration, there are some drawbacks, mostly from the marketer’s point of view. If you build out a social network project using Facebook Connect, Facebook gets all the information and you get none. You don’t get a database of users. You don’t get a way to message people participating in your event, except for “in stream,” the way everyone else is using the app. You don’t have any sense of demographics, nor any control abilities to block trolls or other unwanted types.
Crystal Beasley "All of the FB Connect sites we have built so far have incorporated "standard" accounts as well, even with the added complexity of supporting dual login methods."
There are still people who use mySpace (myself not included), and I know a several people coming out of college that have completely deleted their FB accounts to get rid of information of them they don't want potential employers to find (I know, there are a lot easier ways of doing this). If there are people who for whatever reason do not want to have a FB account, at least give them the option of creating a private google account.
Using ONLY Facebook as the register/login-method seems pretty dangerous to me. If you had a regular user management system, with Facebook Connect to speed up the process from a user-perspective is a good idea.
The Problem is somewhere else
if you really want to leverage the social graph only facebook brings "pure" data
the graphs people build at e.g. myspace arent telling much about that person and its social env. - at google neither
if you are just heading for viral spreading prefer the plattforms that share the best (just facebook again)