Reviewer access

Build a demo account that App Review can actually use

A username and password are not enough when onboarding, roles, one-time codes, regional rules, or empty data still block the feature. Design the reviewer account as a maintained test fixture.

Quick answer

Provide a durable demo account or a fully featured demo mode whenever login is required. The account should bypass expiring invitations and personal-device verification, contain representative data, expose every submitted feature, and remain valid throughout review. Put credentials in App Review Information and reserve Review Notes for navigation and context.

01

Create a review fixture, not a spare personal account

Guideline 2.1 says apps with account-based features should provide an active demo account or a fully featured demo mode, plus anything else needed for review. A personal employee account is fragile: its password rotates, its data changes, and security systems may challenge an unfamiliar Apple device.

Give the fixture an explicit owner, stable identifier, known role set, seeded records, and a maintenance check before each submission. Exclude it from automated dormant-account deletion and fraud rules only as narrowly as needed for review.

02

Remove invisible gates from the reviewer journey

  • Do not require a code sent to a developer's phone or an inbox no reviewer can access.
  • Avoid expiring invitation links, administrator approval, waitlists, or region-locked onboarding.
  • Pre-accept test-safe terms only when doing so does not misrepresent a legally required user action.
  • Seed realistic content so dashboards and detail screens are not blank after login.
  • Grant the precise roles needed to test all features mentioned in the build and metadata.
03

Design an alternative for hard-to-reproduce dependencies

If the app normally needs enterprise membership, a physical accessory, a location, or another service, explain the dependency and provide a permitted review path. Apple allows a built-in demo mode when providing an account is not possible, but the mode needs to expose the full relevant functionality rather than a marketing slideshow.

For hardware, describe pairing and supply any requested resources early. For location-dependent behavior, use seeded locations or a review environment where appropriate. Never claim a reviewer-tested path exists if it cannot produce the submitted feature's real behavior.

04

Write Review Notes as a deterministic route

Do not repeat the password in general messages. Apple provides designated fields for sign-in information. Notes should explain where to go, why a non-obvious feature exists, and what successful behavior looks like.

Copy-ready frameworkAdapt every bracketed field
Review account role: [role]
Credentials: Provided in App Review Information
To test [feature]:
1. Launch the app and choose [entry point].
2. Sign in; no one-time code is required.
3. Open [tab] and select the seeded record named [name].
4. Tap [control].
Expected result: [visible outcome].
Special dependency: [none / supplied explanation].
05

Run the access contract before every submission

  1. Install the release candidate on a clean, non-corporate network.
  2. Copy the credentials exactly from App Store Connect rather than from a password manager source.
  3. Complete login, logout, password-expiry checks, and every role-gated route described in Review Notes.
  4. Confirm seeded objects have not expired, been consumed, archived, or deleted by a scheduled job.
  5. Keep a monitored contact available for a reviewer question without making that contact part of the login flow.
Sources

Primary references checked for this guide

Policy statements above are grounded in the linked Apple documentation. Operational recommendations are AppReviewReady's interpretation and should be tested against your app and the current guideline text.

Put it to work

Run the 16-point submission checklist

Check reviewer access alongside build, privacy, metadata, and purchase readiness.

Open the tool