App Store Review Guidelines (2025): Checklist + Top Rejection Reasons
Updated: December 16, 2025
App Store review: Quick pass checklist #
Apple review isn’t random. It’s a set of predictable checks grouped into Safety, Performance, Business, Design, and Legal.
Your goal is simple: ship a build the reviewer can verify without guessing. Reviewers typically test like this:
- Fresh install (no cached sessions, no dev data)
- Slow / flaky network (timeouts reveal broken flows)
- No context (if it needs explaining, you must explain it)
Do this before you submit #
Walk through the checklist below and fix anything that blocks a clean review: crashes, incomplete features, unclear paywalls, missing restore, or a privacy policy that’s hard to find.
Step 1: Pass the “fast rejection” checks #
This is what kills submissions quickly. And not because Apple is mean, but because the reviewer can’t verify your app works or your setup violates a clear rule.
One missing detail can cause a rejection loop: a hidden privacy policy link, no restore purchases, or reviewers not having a clean way to test gated features.
| Done | Category | What Apple expects | Docs |
|---|---|---|---|
| Safety | No offensive, disturbing, or harmful content. (duh) | 1.1 Safety | |
| Safety (UGC) | If users can post content: you need reporting, blocking, filtering/moderation, and published contact info. | 1.2 UGC | |
| Performance | App is complete and functional — no placeholder flows, broken screens, or “coming soon” core features. | 2.1 Performance | |
| Business (IAP) | Digital goods/features unlock via In-App Purchase. Don’t route users to external unlock mechanisms. | 3.1.1 IAP | |
| Business (IAP) | “Restore Purchases” exists (and actually works after reinstall). | 3.1.1 Restore | |
| Legal (Privacy) | Privacy policy is linked in App Store metadata and inside the app (easy to find). | 5.1.1 Privacy | |
| Legal (Account deletion) | If your app supports account creation, users can initiate account deletion inside the app. | Account deletion policy |
Actionable move: do a “reviewer run” on a clean device or simulator: install → open → finish the main path → restore purchases → find privacy policy → delete account (if applicable).
If your app requires special setup (demo login, region-locked content, hardware requirement), put it in App Review Notes so the reviewer doesn’t have to guess. Helpful reference: App Store Connect: manage submissions .
Step 2: Make your metadata impossible to misunderstand #
Reviewers compare your app behavior to your screenshots and description. If you promise features that aren’t there, or show fake UI in screenshots, you increase rejection risk.
Read: 2.3 Accurate Metadata and Product Page best practices .
Actionable move: open your App Store listing draft and highlight anything that a reviewer can’t verify in 60 seconds. Rewrite those lines into testable, specific claims.
Step 3: If you have UGC, ship moderation first #
Comments, profiles, uploads, chat, communities — if users can create content, Apple expects basic moderation controls. This is one of the easiest things for reviewers to check and one of the most painful things to retrofit.
| Done | Required capability | Practical implementation hint |
|---|---|---|
| Filter objectionable material | Keyword filters + rate limits. For risky apps, consider pre-moderation for new accounts. | |
| Report content + response process | Report action on each item + admin queue + real process to review and act. | |
| Block abusive users | Block should prevent interaction and visibility (not just hide locally). | |
| Published contact info | Support email or form reachable from Settings/Help inside the app. |
Actionable move: add a “Report” action to every content item and a “Block user” action to every user profile. Then add a simple moderation queue (even if it’s manual at first).
Reference: 1.2 User-Generated Content .
Step 4: Make your paywall review-proof #
If your app unlocks digital content/features, Apple expects In-App Purchase. Reviewers can verify this fast. Your job is to remove any ambiguity and make restore work reliably.
| Done | Check | What to verify before submission |
|---|---|---|
| All digital unlocks use IAP | No external unlock methods for in-app digital functionality. | |
| Restore exists and works | Restore purchases works after reinstall on a clean device. |
Actionable move: add a “Restore Purchases” button where the reviewer will find it: Settings, Paywall, or both. Then test: buy → reinstall → restore → unlock.
References: 3.1.1 In-App Purchase and In-App Purchase overview .
Step 5: Make privacy and deletion easy to find #
Privacy issues trigger rejections and destroy user trust. Keep it simple: collect only what you need, explain why, and make policies reachable inside the app.
| Done | Check | Minimum expectation |
|---|---|---|
| Privacy policy link (metadata) | Privacy policy URL is set in App Store Connect. | |
| Privacy policy link (in-app) | Policy is accessible inside the app (not buried). | |
| Policy is explicit | States what data is collected, how, why, and third-party handling. |
Actionable move: add “Privacy Policy” and “Delete Account” links inside Settings. If reviewers can’t find them quickly, treat it as “missing.”
References: 5.1.1 Privacy and Offering account deletion in your app .
Official sources (bookmark these) #
If anything changes, Apple’s docs are the source of truth. This checklist intentionally stays close to them.
FAQs#
+ How long does App Store review usually take?
It varies by category and timing (holidays can slow queues), but many submissions are reviewed quickly. The most important part you control is whether the reviewer can verify your app without extra setup or guessing.
Useful links: App Store Connect: manage submissions to App Review .
+ What are the most common rejection reasons?
+ My app requires login. What should I provide for review?
Provide a demo account (and any special instructions) so reviewers can access core functionality. If there are multiple roles (admin/user), include credentials for the role needed to verify key features.
Action: Put all access details in App Review Notes in App Store Connect. Link: Manage submissions to App Review .
+ Do I need “Restore Purchases”? Where should it be?
If you sell restorable purchases (non-consumables and auto-renewing subscriptions), you should provide a restore mechanism. Put it where users (and reviewers) will find it: Settings, the paywall screen, or both.
Read: 3.1.1 In-App Purchase and In-App Purchase overview .
+ What counts as “digital goods” that must use In-App Purchase?
If the user pays to unlock in-app digital functionality or content, Apple generally expects you to use In-App Purchase. If you’re unsure, assume a reviewer will interpret it strictly.
Reference: 3.1.1 In-App Purchase .
+ My app has user-generated content. What does Apple require?
Apple expects a basic moderation system: a way to filter objectionable material, a way to report content, a way to block abusive users, and published contact info for support.
Read: 1.2 User-Generated Content .
+ Where should the privacy policy live?
You should provide a privacy policy link in App Store Connect metadata and make it accessible inside the app (typically in Settings, Help, or an “About” screen). If it’s hidden, treat it as missing.
Read: 5.1.1 Privacy .
+ Do I really need in-app account deletion?
If your app supports account creation, Apple requires users to be able to initiate account deletion within the app. Don’t rely on “email support to delete” as your only path.
+ If I get rejected, what’s the fastest way to recover?
Treat the rejection message like a bug report: identify the exact rule, reproduce the issue on a clean install, fix it, then reply with a short “what changed / where to test” note.
Helpful starting point: App Review workflow in App Store Connect .