> ## Documentation Index > Fetch the complete documentation index at: https://docs.getpara.com/llms.txt > Use this file to discover all available pages before exploring further. # iOS App Store Submission > A friendly checklist to get your Para-powered iOS app through App Review without surprises. Use this guide to cover the App Review items Apple most often flags for Para integrations. *** ## 1. Sign-in options If your app includes any third-party logins (like Google or Facebook), Apple also expects a privacy-preserving option such as **Sign in with Apple**. This ensures users can sign in without sharing personal data or tracking identifiers. **Actions:** * Add **Sign in with Apple** anywhere other providers appear. * Test it in a **release build** before submission. If your app only uses first-party sign-ins (email, phone, or passkeys), Apple doesn’t require Sign in with Apple. *** ## 2. Reviewer login flow Make it effortless for reviewers to log in—especially if your app also supports external wallets. **Actions:** * Show standard sign-in options (email, phone, or Apple) first. * Add a line in onboarding: *“No external wallet required — continue with email, phone, or Apple.”* * In your **Reviewer Notes**, list exact steps to log in without a wallet. **Reviewer Notes example:** ```text theme={null} Use email or phone (OTP), or Sign in with Apple, to log in. No external wallet (e.g., MetaMask) is required to access the app. ``` *** ## 3. Wallet-only positioning If your app is a **non-custodial wallet** and **not an exchange**, make that clear. Reviewers often check for exchange or on-ramp features. **Add to Reviewer Notes:** ```text theme={null} The app is a non-custodial wallet using the Para SDK. It does not include exchange, swap, bridge, or on/off-ramp services. No tokens are sold or issued. Features: - Creates/imports non-custodial wallets via passkeys or MPC. - Displays addresses and signs user transactions. - Uses public RPC endpoints only. Exclusions: - No buy/sell/swap/bridge flows. - No fiat or crypto on-/off-ramp. - No KYC/AML required (wallet-only app). Para SDK: - Handles authentication and signing only. - Private keys never leave the user’s device. Request: - Review under Guideline 3.1.5(i) as a wallet-only app. ``` *** ## 4. Account deletion If users can sign up, Apple requires an **in-app account deletion option** (not just deactivation). Keep it simple: * Provide a Delete Account action somewhere obvious (Settings is fine). * If you need Para to remove the user record as well, reach out to support after you handle your own data. **Reviewer Notes example:** ```text theme={null} In-app account deletion is available at Settings → Account → Delete Account. Para is an SDK provider and does not host user accounts. Contact us if Para-level deletion is required. ``` *** ## 5. Passkeys & entitlements If you’re using passkeys or autofill, set up **Associated Domains** in Xcode and host an AASA file. **Checklist:** * Add **Associated Domains** capability. * Include `webcredentials:your.domain`. * Host `https://your.domain/.well-known/apple-app-site-association`. This enables secure credential sharing and Apple’s passkey autofill. *** ## 6. Reviewer Notes checklist Paste these details into **App Store Connect → Reviewer Notes**: * Login path (e.g., *Continue → Sign in with Apple → Approve prompt*) * Test credentials or OTP instructions * Note that the app is wallet-only, not an exchange * Location of Delete Account in settings * Any feature flags or regional settings * Confirmation that backend services are live *** ## 7. Privacy & SDK compliance Apple now enforces privacy manifest rules for all third-party SDKs. **Before you submit:** * Include privacy manifests for every SDK. * Ensure binary SDKs have valid signatures. * Declare reasons for any required-reason APIs. * Update your App Privacy answers to reflect data use accurately. *** ## 8. Export compliance Para SDK uses standard encryption (TLS, secure enclave, etc.). Answer **Yes** to App Store Connect’s encryption question and select the “standard algorithms” exemption. If your app uses custom cryptography, you may need to upload documentation. *** ## 9. Final pre-submission checklist ### Sign-in & onboarding * Sign in with Apple (if you offer other OAuth logins) * Onboarding text: *No external wallet required* * Associated Domains configured for passkeys ### Privacy & compliance * In-app Delete Account button visible * Privacy manifests complete & signed * App Privacy details updated * Export compliance questions answered ### Reviewer experience * Reviewer Notes completed (using template) * Test credentials provided * Backend services online * Privacy policy link included *** ## Related resources * [Production Deployment](/v2/general/production-deployment) * [Launch Checklist](/v2/general/checklist) * [React Native iOS setup](/v2/react-native/setup/react-native#ios) · [Expo iOS](/v2/react-native/setup/expo#ios) * [Swift setup](/v2/swift/setup#ios) · [Flutter iOS setup](/v2/flutter/setup#ios)