The checklist I wish I had before my first submission.

I got rejected 5 times. Each time I thought I'd covered everything, and each time Apple found something I missed. Some were obvious in hindsight, others were things I had no idea existed as requirements.

So I wrote it all down. Every item here is either something that got me rejected, or something I learned the hard way during the process. If even one of these saves you a rejection cycle, it was worth making.

Before you hit submit

If any of these apply to your app right now, you will get rejected. This is the 30-second gut check.

  1. App has placeholder screens, "coming soon" text, or broken buttons
  2. No Privacy Policy URL in App Store Connect
  3. No Terms of Service link inside the app or on the listing
  4. Subscriptions missing metadata, unclear pricing, or no restore button
  5. Login required but no test account provided for the reviewer
  6. Users can create accounts but cannot delete them in-app
  7. UIBackgroundModes declares capabilities the app does not use
  8. App sends data to a third-party AI without an explicit in-app consent prompt
  9. Keyboard extension has zero functionality when Full Access is off
  10. Keyboard extension has no globe button to switch keyboards
  11. App does not work on iPad, even in iPhone compatibility mode
  12. Paywall shows weekly calculated price more prominently than the actual billed amount

App completeness

Most rejections are bugs. Apple reviews on real devices. If it crashes or gets stuck, it's an instant rejection.

  1. No placeholder text, Lorem Ipsum, or "beta" labels anywhere
  2. No dead-end screens or navigation that leads nowhere
  3. Every button either does something or doesn't exist
  4. Primary screens have real empty, loading, error, and populated states
  5. Tested every flow end-to-end: onboarding through core action through settings
  6. Tested every button on every screen
  7. Tested clean install and upgrade install
  8. Tested slow network and airplane mode without crashes
  9. Tested on the oldest iOS version you support
  10. No crashes on launch, during core flows, or on device rotation
  11. Custom keyboard launches and works after enabling it in Settings
  12. Custom keyboard still works after toggling Full Access on, off, and on again
  13. Onboarding flow is completable from start to finish without getting stuck

iPad compatibility

Apple reviews on iPad Air. Even iPhone-only apps run there in compatibility mode. Yours needs to work.

  1. Tested on iPad or iPad simulator, even with supportsTablet: false
  2. Onboarding screens render without overlapping or clipped content on larger screens
  3. Text input fields work with the iPad keyboard layout
  4. Scroll views and lists don't overflow or leave dead space
  5. Modal and bottom sheets scale correctly
  6. Keyboard extensions work on iPad's different keyboard layout
  7. iPhone compatibility mode on iPad renders every screen acceptably
  8. iPad screenshots provided if iPad is listed as supported in App Store Connect

Extensions

Keyboard extensions have strict, specific rules. I was rejected three separate times for extension issues alone.

  1. Keyboard provides real functionality when Full Access is OFF, not just a help screen
  2. Globe/next-keyboard button exists using advanceToNextInputMode()
  3. Globe button is positioned near where the system globe key normally appears
  4. Keyboard works after toggling Full Access on, off, and on again
  5. Keyboard doesn't crash on first launch after being added in Settings
  6. Keyboard works on both iPhone and iPad
  7. If network is required, the keyboard explains why Full Access is needed
  8. RequestsOpenAccess set to true in the extension's Info.plist
  9. Extension only uses APIs permitted for extensions
  10. App Groups entitlements match between the app and extension provisioning profiles

AI and third-party data

If your app touches AI or sends anything to an external service, Apple wants explicit consent shown in-app, not buried in your privacy policy.

  1. In-app consent prompt appears before any data is sent to an external AI service
  2. Consent states what data is being sent
  3. Consent states who the data is sent to
  4. Consent states whether data is stored and for how long
  5. User must actively tap to agree. No silent defaults
  6. If user declines, no data is sent and the app handles it gracefully
  7. Privacy policy names every third-party service that receives user data
  8. Privacy policy confirms each third-party provides equal data protection
  9. This information exists in-app, not only in the privacy policy or terms
  10. AI-generated content has safeguards, disclosure, and server-side rate limits

Privacy and legal

Permission strings, privacy policy completeness, data collection transparency.

  1. Privacy Policy hosted at a public URL
  2. Terms of Service hosted at a public URL
  3. Both linked inside the app somewhere accessible
  4. Privacy Policy URL added in App Store Connect
  5. Support URL is live and working
  6. Contact email is valid and monitored
  7. Privacy Policy explains what data is collected, why, how, and how to delete it
  8. Privacy Policy matches the App Privacy "nutrition label" answers
  9. Permission purpose strings are specific, not generic
  10. Purpose strings explain why and what for, with an example
  11. Permissions requested only when the feature actually needs them
  12. App still works if any permission is denied
  13. ATT implemented if you track users
  14. App Privacy nutrition label accurately reflects reality
  15. No required collection of info irrelevant to core functionality
  16. Optional data screens like "How did you find us?" allow skipping
  17. Demographic collection screens explain why the data improves the experience

Subscriptions and IAP

Pricing clarity, restore flow, and making sure the reviewer can actually find every purchase option.

  1. All IAPs created with complete metadata in App Store Connect
  2. Each IAP has review assets (screenshot + notes)
  3. IAPs submitted for review with the build, not left in Draft
  4. Billed amount is the most prominent price on the paywall (largest, boldest)
  5. Calculated prices like "per week" are visually subordinate to the billed amount
  6. No fake urgency or "limited-time" language
  7. All digital features use IAP, no external payment links
  8. Restore Purchases button exists and works
  9. Manage Subscription link exists somewhere accessible
  10. Hidden IAPs (exit offers, promos) have exact step-by-step instructions in Review Notes
  11. Instructions for testing a new purchase if sandbox already has an active subscription
  12. Paid Apps Agreement signed and active
  13. Yearly plans show the full yearly price, not only a weekly/monthly equivalent
  14. Free trial and auto-renewal terms clearly stated

Accounts

Account creation and deletion, login requirements.

  1. Account deletion available in-app if account creation exists
  2. Sign in with Apple offered if using any third-party social login
  3. Real names not forced, usernames/nicknames allowed
  4. Password reset and email verification tested and working
  5. Anonymous auth explained in reviewer notes if applicable

Community and UGC

Required only if your app has social features, chat, or user-generated content.

  1. Users can block other users
  2. Users can report content or users
  3. Reports are reviewable and actionable
  4. Safety or community policy exists and is linked publicly

Info.plist and capabilities

Declare only what you use. Apple checks.

  1. UIBackgroundModes only includes modes the app actually uses
  2. Background audio declared only if the app plays audio in background
  3. Background location declared only if the app uses location in background
  4. No leftover entitlements from templates or earlier development
  5. Export compliance and encryption declarations completed
  6. App Group entitlements match between app and all extensions
  7. Provisioning profiles include all declared entitlements
  8. Age rating questionnaire completed accurately

Business setup

Agreements, tax forms, and banking. Must be done before paid features work in sandbox review.

  1. Enrolled in Small Business Program (15% vs 30%)
  2. Paid Apps Agreement signed and active
  3. Tax forms completed with Submitted/Active status
  4. Bank account added and marked usable
  5. Export compliance completed

Store listing

Accurate, honest, and showing real app screens.

  1. Description explains what the app does in the first 2-3 lines
  2. Screenshots show real app usage, not splash screens or login pages
  3. No mentions of competitors or unbuilt features
  4. Keywords are relevant, no brand spam
  5. Promotional text is accurate if used
  6. Pricing and availability configured

Localization

Either complete it or remove it. Half-done locales will get flagged.

  1. Every enabled locale has title, subtitle, description, and keywords translated
  2. Localized screenshots provided where needed
  3. Accidental locales removed or completed

Design and UI

If the interface is hard to use, Apple will reject it.

  1. No overlapping elements at any supported device size
  2. Text legible at default font sizes
  3. Touch targets at least 44x44pt
  4. Nothing hidden behind notches, home indicators, or status bars
  5. No misleading UI hiding real functionality
  6. Safe area insets respected everywhere
  7. App doesn't break with larger accessibility text sizes

Content and IP

  1. No copyrighted content you don't own
  2. No misleading UI hiding functionality
  3. AI/LLM usage has safeguards, disclosure, and rate limits

Reviewer access

Make their job easy. The less they have to guess, the more likely they approve.

  1. Test account credentials provided if login is needed
  2. Clear step-by-step instructions for using the core feature
  3. Screen recording linked if the flow isn't obvious (highly recommended for v1)
  4. App's purpose and the problem it solves described in review notes
  5. All external services listed (AI, auth, analytics, payments)
  6. Regional consistency confirmed, or differences explained
  7. Complex flows have individual step-by-step instructions
  8. Hidden IAPs have exact navigation instructions
  9. Special requirements (hardware, location) explained
  10. Anonymous auth stated explicitly so they don't look for a login

Final pass

One last sweep before you press Submit for Review.

  1. Build matches the listing: features, screenshots, and copy all align
  2. All listing URLs load and don't 404
  3. No placeholders anywhere in the app or listing
  4. Core use case completable in under 60 seconds
  5. Re-read every previous rejection and confirmed each issue is resolved
  6. Tested on a physical device
  7. Tested on iPad
  8. Ready to respond quickly if Apple asks for changes
  9. Review Notes are thorough and include everything from the Reviewer Access section