Credentials

Signing assets reused across applications. They belong to a sub-org's Apple / Google accounts, so each credential is scoped to a sub-org and referenced by that sub-org's apps.

Access is role-gated.
Only Signing Managers can view or attach credentials. A member scoped to a sub-org sees only that sub-org's assets. Every attach and rotation is written to the audit log.
Sub-org: Acme Corp
App Store Connect API keys
Acme ASC Key
Issuer 69a6de70 · Key ABC123XYZ
Acme Corp used by 3 apps Valid
Nordic ASC Key
Issuer 41b2c9f0 · Key NRD88KEY
Nordic Retail used by 1 app Valid
Distribution certificates
Acme Distribution
Apple Distribution · expires 14 Mar 2027
Acme Corp used by 3 apps Valid
Nordic Distribution
Apple Distribution · expires 09 Jul 2026
Nordic Retail used by 1 app Expires in 9d
Android keystores
Acme Upload Keystore
SHA-256 9F:2A:… · alias acme-upload
Acme Corp used by 2 apps Valid
Google Play service accounts
Acme Play Account
acme-ci@play.iam.gserviceaccount.com
Acme Corp used by 2 apps Valid
Registered devices
iPhone 15 Pro · Can
UDID 00008120-…
shared pool Active
iPad Air · QA
UDID 00008103-…
shared pool Active

 Credentials never leak across sub-orgs: Acme's key is invisible to a Nordic-scoped member and cannot be attached to a Nordic app. Rotating one entry updates every app in that sub-org that references it.