App Store

    Transfer Bugs: Bundle ID Already Used Error During iOS Dev Handover

    The Apple Developer portal Identifiers screen showing a bundle identifier already registered to a team during an app transfer.

    The "bundle identifier already in use" error during an iOS app handover almost always means the App ID is already registered to a team, and Apple reserves each bundle identifier globally to the team that first registered it. The usual trap is trying to register or build the app under that bundle ID on the destination account before the transfer happens, which Apple will not allow. The fix is to run the app transfer itself, which moves the App ID to the new account, rather than recreating it. Do not pre-register the bundle ID on the receiving side.

    Short answer

    Apple reserves every bundle identifier to the team that first registered its App ID, so no other account can register or build under it, as Apple's app transfer documentation and developer forums confirm. During a handover, the error appears when the receiving account tries to create the same App ID before the transfer, or when the app does not yet meet Apple's transfer criteria. The safe path is to leave the bundle ID untouched on the destination, run the official app transfer from the source account, and only then generate fresh certificates and provisioning profiles on the new team. Deleting the bundle ID does not free it, and the receiving team must re-sign after the move.

    What causes the "bundle identifier already in use" error?

    The error means the exact bundle identifier already has an App ID registered to some team, and Apple will not let a second team register or use it. In a handover, that team is usually the current owner, so the receiving developer sees the error the moment they try to create the App ID or upload a build under it.

    There are a few distinct triggers. The most common is the receiving account pre-registering the App ID before the transfer, which collides with the owner's existing registration. Others include the app not yet meeting Apple's transfer criteria, a wildcard App ID that overlaps, or an old registration in a personal team that someone forgot about. Each points to the same root cause: the bundle ID is reserved elsewhere.

    Why bundle IDs are globally reserved

    When a team creates an App ID, the bundle identifier is reserved to that team, and no other team can register an App ID for it. This is a global, Apple-wide reservation, not a per-account setting, which is why a bundle ID that looks free from your side can still be taken. It is the mechanism that ties one app to one owner.

    Crucially, deleting the App ID does not release the bundle identifier for another account to reuse, and a bundle ID cannot simply be re-used by a different team without a formal transfer. This is by design: it prevents two developers from ever claiming the same app identity. For a handover, it means the only correct way to move a bundle ID is the app transfer flow, which carries the App ID with it.

    The error-cause matrix

    Matching the exact symptom to its cause is the fastest way to the right fix. The table below covers the common cases during a handover.

    SymptomCauseFix
    Error creating the App ID on the new accountBundle ID pre-registered before transferDo not pre-register, run the transfer
    Error uploading a build on the new accountApp ID still owned by the source teamComplete the app transfer first
    Transfer option is unavailableApp does not meet Apple's transfer criteriaResolve agreements, entitlements, pending reviews
    Bundle ID "taken" but you cannot find itRegistered in a personal or old teamLocate the owning team, then transfer
    Signing fails after the transferProfiles and certificates did not transferRegenerate signing assets on the new team

    Reading the matrix first prevents the classic mistake of trying to "clear" the bundle ID on the destination, which cannot work because the reservation lives with the source team until the transfer completes.

    Which certificates, profiles, and keys are involved?

    An app transfer moves the app record and its App ID, but it does not move your signing assets. Distribution certificates, provisioning profiles, and push notification keys are tied to the team, so after the transfer the receiving team must create its own. This is why a build that signed cleanly for the old owner will fail to sign for the new one until fresh assets exist.

    Two items deserve special attention. Provisioning profiles reference both the App ID and a certificate, so a stale profile on the receiving side will not match and must be regenerated. And capabilities backed by external identifiers, such as push notification keys or merchant identifiers, need to be set up again in the new account, because those credentials do not travel with the app.

    Checks: Xcode, the developer portal, Fastlane, and Expo EAS

    Before and after the transfer, verify the state in each tool you use. In Xcode's Signing and Capabilities tab, confirm the bundle identifier and the selected team, and let it show you whether a matching provisioning profile exists. In the developer portal under Identifiers, check whether the App ID exists and, importantly, which team owns it.

    For automation, the same truth surfaces through the CLI. Fastlane's produce action fails when the bundle ID is already registered, which is a useful early signal, and match or sigh will regenerate signing assets for the new team once the transfer is done. For Expo, check the ios.bundleIdentifier in your app config and re-run EAS credential setup so EAS provisions certificates and profiles under the new account. Whichever tool you use, the fix is never to force the bundle ID; it is to align the tool with the account that actually owns it.

    The safe transfer and retry path

    When you hit the error, stop and follow an ordered path rather than deleting or recreating identifiers. The checklist below moves from verification to a clean re-sign.

    StepActionWhy
    1Identify which account owns the App IDConfirms the source of the reservation
    2Do not pre-register the bundle ID on the destinationAvoids the collision entirely
    3Verify the app meets Apple's transfer criteriaEnables the transfer option
    4Run the app transfer, accept on the destinationMoves the App ID correctly
    5Generate new certificates and provisioning profilesSigning assets do not transfer
    6Rebuild, scan, and rotate old secretsA clean, secure handover

    The single most important rule is in the first two rows: do not pre-register the bundle ID on the destination, and confirm the app meets Apple's transfer criteria, because those two mistakes cause most handover failures. Everything after the transfer is routine signing setup.

    After the transfer: re-sign and rotate secrets

    Once the App ID lands in the new account, the receiving team regenerates certificates and provisioning profiles and rebuilds, and this is also the right moment to handle security. A handover often carries over secrets that belonged to the previous owner: API keys embedded in the app, tokens in the CI pipeline, or credentials for services the old team controlled. Leaving those in place hands the old owner ongoing access.

    A scanner like PTKD.com analyzes the re-signed .ipa and returns findings ordered by severity and mapped to OWASP MASVS, so you can spot embedded secrets and insecure configurations that should be rotated as part of the handover. To be honest about the boundary: PTKD does not perform the app transfer, fix code signing, or rotate keys for you. It flags what needs attention, so the new owner does not inherit the old owner's secrets by accident.

    How to prevent it next time

    Most recurrences come from pre-registering identifiers or from unclear ownership. Never create the App ID on the receiving account ahead of a transfer; let the transfer carry it over. Agree in writing which account owns the bundle ID, and use reverse-DNS identifiers based on a domain you control so accidental collisions are unlikely.

    For teams that transfer apps often, centralize signing so there is one source of truth. Fastlane match keeps certificates and profiles in a shared, version-controlled store, and EAS manages credentials for Expo projects. With a single system generating signing assets for the owning account, a handover becomes a transfer plus a credential refresh, not a scramble to untangle who registered what.

    What to take away

    • The error means the bundle identifier's App ID is already reserved to a team, and Apple reserves each one globally.
    • During a handover, it usually means the receiving account tried to register the bundle ID before the transfer, so do not pre-register it.
    • Run the official app transfer to move the App ID, then generate fresh certificates and provisioning profiles on the new team.
    • Deleting a bundle ID does not free it, and signing assets do not transfer, so the new owner must re-sign.
    • After the move, scan the re-signed build with PTKD.com to catch secrets that should be rotated in the handover.
    • #bundle identifier
    • #app transfer
    • #code signing
    • #app store connect
    • #ci cd

    Frequently asked questions

    What does "bundle identifier already in use" mean?
    It means the exact bundle ID already has an App ID registered to a team, and Apple reserves each bundle identifier globally to the team that registered it first. No other account can register or build under it. During a handover, the current owner holds that reservation, so the receiving developer sees the error until the app transfer moves the App ID.
    Can I just delete the bundle ID and re-register it on the new account?
    No. Deleting an App ID does not release the bundle identifier for another team to reuse, and a bundle ID cannot be re-registered by a different account. The only supported way to move it is Apple's app transfer, which carries the App ID to the receiving account. Trying to delete and recreate will not clear the reservation.
    Which certificates and profiles transfer with the app?
    None of your signing assets transfer. The app record and its App ID move to the new account, but distribution certificates, provisioning profiles, and push notification keys stay with the original team. The receiving team must generate its own signing assets, and regenerate any provisioning profiles, before it can sign and upload a build.
    Why does Fastlane produce fail with this error?
    Because produce tries to register the App ID, which fails when the bundle ID is already reserved to another team. That is expected, and is actually a useful signal that the identifier belongs elsewhere. After the app transfer completes, use match or sigh to regenerate signing assets under the new account rather than forcing produce.
    What is the safest retry path after the error?
    Do not delete or recreate the bundle ID. Confirm which account owns it, verify the app meets Apple's transfer criteria, run the app transfer from the source account, accept it on the destination, then generate fresh certificates and provisioning profiles and test a build. Pre-registering the bundle ID on the destination is the mistake to avoid.
    Should I re-check security after an app handover?
    Yes. A handover often carries over the previous owner's secrets: embedded API keys, CI tokens, or service credentials. Scan the re-signed build with a tool like PTKD.com (https://ptkd.com) to find embedded secrets and insecure settings that should be rotated, so the new owner does not inherit the old owner's access.

    Keep reading

    Scan your app in minutes

    Upload an APK, AAB, or IPA. PTKD returns an OWASP-aligned report with copy-paste fixes.

    Try PTKD free