Use case
Code signing for Flutter apps on iOS
A Flutter app on iOS is still a regular Xcode project under ios/, signed with the same Apple Developer certificates and provisioning profiles as any other iOS app. The complication is volume: most Flutter teams ship multiple flavors (dev, staging, prod), often multiple white-label brands, and rely on flutter build ipa --export-options-plist or a CI provider like Codemagic or Bitrise to handle signing. HexSign sits on top of the App Store Connect API and gives you a single dashboard for every flavor's bundle ID, certificate, and profile, with alerts that fire before flutter build ipa fails in CI.
TL;DR
- Flutter on iOS uses the same Apple certificates, profiles, bundle IDs, and devices as any native app — HexSign manages all of them.
- The relationship graph makes flavors and white-label bundle IDs (com.example.app.dev / .staging / .prod) easy to keep straight.
- Email and Slack alerts fire before flutter build ipa breaks in Codemagic, Bitrise, GitHub Actions, or your local Mac.
- HexSign runs alongside Codemagic, Bitrise, Fastlane Match, and any other tool that already builds your Flutter iOS app.
Where teams hit friction
Common pain points signing Flutter apps
What HexSign adds
What HexSign adds for Flutter teams
Live relationship graph
An interactive graph linking certificates, provisioning profiles, bundle IDs, and devices. Click any node to see its dependencies and the blast radius of revoking or rotating it.
Expiration alerts before things break
Email and Slack webhook alerts at thresholds you choose (7, 14, 30, 60, 90 days). Send a test alert before enabling delivery, so there are no surprise expirations during a release.
Health score & expiring items
A 0–100% health score across every Apple account you connect, plus an expiring-items panel that surfaces what to act on first. No CLI invocation required.
Guided provisioning profile wizard
A step-by-step wizard picks the right profile type, identifier, signing certificate, and devices, then generates the profile through Apple's API. No portal tab-switching.
Multi-account dashboard
Connect one or many Apple Developer team accounts. Each syncs independently with its own status and error reporting, all visible from a single dashboard.
Audit logs, RBAC & MFA
Owner / Admin / Member roles, per-user auth activity log, and MFA via SMS or TOTP authenticator apps. Every certificate, profile, device, and identifier change is logged.
How it works
How HexSign fits a Flutter workflow
- 1
Connect the Apple Developer team for each Flutter app
Drop in an App Store Connect API key per team. If you ship apps under several Apple accounts (one per client, one per brand), connect them all — HexSign syncs each independently with its own status panel.
- 2
See all your flavor bundle IDs in one graph
com.example.app, com.example.app.dev, com.example.app.staging, com.example.app.prod — every identifier appears as a node, with the certificates and provisioning profiles each one is wired to. White-label brands cluster the same way.
- 3
Regenerate the right profile when a flavor breaks
When a Flutter CI job fails because an Ad Hoc or App Store profile is stale, open HexSign, find the profile attached to that bundle ID, and regenerate it through the wizard. The new profile is available immediately for your next flutter build ipa.
- 4
Alerts go to the channel that ships the release
Wire Slack webhooks (per workspace) or email distribution lists for each Apple Developer team. Get warned 30, 14, and 7 days out — long before flutter build ipa starts failing in Codemagic.
- 5
Pair with Codemagic, Bitrise, or your own CI
HexSign does not run flutter build ipa. It manages the Apple-side assets that Codemagic, Bitrise, GitHub Actions, or a local Mac use when they build. Same App Store Connect API key works on both sides.
Side-by-side
Signing Flutter apps with HexSign vs without
With HexSign | Without HexSign | |
|---|---|---|
| Multi-flavor / multi-brand | ||
| See every flavor's bundle ID at once | Graph view | Open each flavor's Runner.xcodeproj |
| Track which profile feeds which Codemagic workflow | Per-bundle-ID listing | Codemagic UI per workflow |
| White-label apps under separate Apple accounts | One dashboard, many teams | Sign in / out per Apple ID |
| Expiration & alerts | ||
| Cert expiring before next release | Email + Slack at custom thresholds | Discover in build logs |
| Per-flavor profile expiry | Per-profile alert | Build-time failure |
| Apple's 30-day email lands in your release channel | Yes (Slack webhook) | Goes to one Apple ID inbox |
| Lifecycle operations | ||
| Generate a fresh distribution cert | Wizard with KMS-encrypted CSR | Keychain Access on one Mac |
| Add a tester device across every flavor | Bulk profile regeneration | Edit each profile in Apple's portal |
| Revoke a leaked cert with audit | Apple portal, no team audit | |
| CI / build tools | ||
| Works with Codemagic | Same ASC API key | Codemagic auto-sign only |
| Works with Bitrise | Same ASC API key | Bitrise auto-provisioning only |
| Works with Fastlane Match | Read-only of Apple-side state | Match repo only |
FAQ
Questions about HexSign for Flutter
Other use cases
HexSign for other frameworks
Comparing HexSign to a specific tool? See HexSign vs Fastlane Match, HexSign vs Apple Developer Portal, HexSign vs Codemagic, and HexSign vs Bitrise.
Ready?
Ship Flutter releases without signing surprises
Connect your App Store Connect API key and get full visibility in minutes. No rip-and-replace required.