Skip to main content

React Native App Release Checklist

Use this checklist after the app runs locally and before you submit it to the Apple App Store or Google Play.

Quick Answer

Before release, replace all demo branding and backend configuration, use your own Firebase project, configure production secrets server-side, verify iOS and Android app identity, test push/payments/media on real devices, prepare privacy and store assets, then archive signed production builds.

1. Confirm the App Runs Before Customization

Start from a working baseline:

corepack enable
yarn install
yarn start

Then verify both platforms:

yarn ios
yarn android

Do not start release work from an app that still has dependency, Metro, iOS, or Android build errors.

2. Replace Branding

Check these items:

  • app display name;
  • app icon;
  • splash screen;
  • logo assets;
  • primary colors;
  • typography;
  • empty-state images;
  • onboarding text;
  • support email and website links;
  • privacy policy and terms links.

Common docs:

3. Configure App Identity

Use your own identifiers. App stores do not allow duplicate bundle identifiers or package names.

PlatformCheck
iOSBundle identifier, display name, signing team, entitlements, capabilities.
AndroidApplication id, namespace/package name, display name, signing config.

After changing identifiers, update Firebase app registration and download fresh config files if needed.

4. Configure Firebase for Production

Do not publish with demo Firebase credentials.

Check:

  • GoogleService-Info.plist belongs to your Firebase project;
  • google-services.json belongs to your Firebase project;
  • Firebase Auth providers are enabled;
  • Firestore is enabled;
  • Storage is enabled if the app uploads media;
  • Firestore rules are reviewed and deployed;
  • Storage rules are reviewed and deployed;
  • Firestore indexes are deployed;
  • Firebase Functions are deployed if included;
  • seed data is imported if the app expects it;
  • Functions secrets or environment variables are configured.

Start here:

5. Review Backend Secrets

Keep private keys out of the React Native app.

Server-side only:

  • OpenAI keys;
  • Stripe secret keys;
  • Twilio credentials;
  • Firebase service account files;
  • webhook signing secrets;
  • private payment provider credentials.

Mobile-side allowed when required by SDKs:

  • Firebase mobile config files;
  • public publishable payment keys;
  • public maps keys with platform restrictions;
  • public analytics IDs.

6. Verify Push Notifications

If the app uses push notifications, test them on real devices before release.

Check:

  • Firebase Messaging setup;
  • APNs key or certificate for iOS;
  • iOS notification permission flow;
  • Android notification permission flow when required;
  • device token registration;
  • backend send flow;
  • foreground, background, and killed-app behavior where applicable.

Push docs:

7. Verify Payments

If the app includes payments:

  • use test mode first;
  • keep secret keys server-side;
  • verify Apple Pay requirements on iOS;
  • verify Google Pay requirements on Android;
  • test successful payment;
  • test failed payment;
  • test cancellation;
  • test webhook/backend confirmation if used;
  • verify order/subscription state in your backend.

Payment docs:

8. Test Core User Flows

Test on a clean install and on real devices when possible:

  • sign up;
  • sign in;
  • sign out;
  • forgot password;
  • profile update;
  • create/read/update/delete flows for the main feature;
  • media upload and display;
  • chat or feed refresh if included;
  • push registration if included;
  • payments if included;
  • offline or poor network behavior;
  • empty states;
  • permission prompts.

Use at least one iOS device/simulator and one Android emulator/device.

9. Prepare Privacy and Compliance

Prepare:

  • privacy policy;
  • terms of service;
  • support email;
  • data deletion process;
  • account deletion process if the app supports accounts;
  • App Store privacy labels;
  • Google Play Data Safety form;
  • permission usage descriptions;
  • third-party SDK disclosure where required.

Make sure permissions match real app behavior. Do not request permissions the app does not use.

10. Prepare Store Assets

Prepare:

  • app name;
  • subtitle or short description;
  • full description;
  • keywords where supported;
  • screenshots;
  • app preview/video if needed;
  • app icon;
  • feature graphic for Google Play;
  • support URL;
  • privacy policy URL;
  • category;
  • age rating/content rating;
  • review notes and test account, if required.

Use real screenshots from your customized app, not demo screenshots.

11. Create Signed Builds

For iOS:

  • open the workspace in Xcode;
  • set signing team;
  • confirm bundle identifier;
  • archive a release build;
  • upload through Xcode Organizer or Transporter.

For Android:

  • configure release signing;
  • build an Android App Bundle;
  • upload the .aab to Google Play Console.

Store-specific guides:

12. Final Release Gate

Before submitting:

  • production Firebase config is in the app;
  • demo credentials are removed;
  • release build launches on iOS;
  • release build launches on Android;
  • main flow works from a clean install;
  • backend logs show no critical errors;
  • crash reporting is configured if used;
  • analytics is configured if used;
  • support and legal URLs are reachable;
  • store metadata is complete;
  • screenshots match the submitted build.

What To Keep for Support

Save:

  • app name and Instamobile product name;
  • release version;
  • iOS bundle identifier;
  • Android application id;
  • Firebase project id;
  • build command;
  • Xcode archive logs for iOS issues;
  • Gradle output for Android issues;
  • screenshots of store review errors.

Do not share private keys, signing keys, service account files, or payment secrets.

Next Steps