SignTools
SignTools is a self-hosted web platform that enables iOS app sideloading without requiring a computer after setup. It uses a macOS builder component for official Apple signing, paired with a service that provides a web interface for uploading, signing, and installing apps.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | SignTools/SignTools |
| Owner | SignTools |
| Primary language | Go |
| License | AGPL-3.0 — OSI-approved |
| Stars | 2.2k |
| Forks | 270 |
| Open issues | 24 |
| Latest release | v3.0.11 (2026-01-07) |
| Last updated | 2026-04-13 |
| Source | https://github.com/SignTools/SignTools |
What SignTools is
Written in Go, SignTools separates concerns into a stateless web service and a macOS builder that performs cryptographic signing via Apple's official tools. It supports iOS/iPadOS/macOS targets, OTA installation, tweaks injection, and multiple provisioning profile management.
Get the SignTools source
Clone the repository and explore it locally.
git clone https://github.com/SignTools/SignTools.gitcd SignTools# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Requires provisioning a macOS builder instance (physical or VM) with proper network connectivity to the web service; builder availability is critical.
- AGPL-3.0 license mandates that any modifications to the network-accessible service must be open-sourced; review organizational IP policy before customization.
- Apple signing credentials (developer account, certificates, provisioning profiles) must be securely managed and rotated within the builder; credential compromise exposes all signed apps.
- Web service must be exposed to end-user devices over HTTPS with proper TLS configuration; network isolation and access control are essential.
- Docker deployment available; ensure container orchestration, storage persistence, and macOS host scheduling are compatible with your infrastructure.
When to avoid it — and what to weigh
- App Store Compliance Required — If your workflow requires App Store distribution or Apple's review process, SignTools is not applicable—it is designed for sideloading, not App Store submission.
- No macOS Infrastructure Available — The builder component requires a dedicated macOS machine for signing. If you cannot provision and maintain a macOS host, deployment is not feasible.
- Sensitive Commercial Licensing Uncertainty — AGPL-3.0 requires source disclosure of network-accessible modifications. If your organization cannot comply with copyleft obligations or needs proprietary modifications, commercial licensing inquiry is required.
- Zero iOS Sideload Support Needed — If your deployment model relies exclusively on App Store or MDM, SignTools adds unnecessary infrastructure overhead.
License & commercial use
Licensed under AGPL-3.0 (GNU Affero General Public License v3.0). This is a strong copyleft license requiring that any modifications to network-accessible code be made available under the same terms. Permissive for unmodified use; restrictive for derivative works in production.
AGPL-3.0 permits commercial use of unmodified code, but any network-accessible modifications (custom signing logic, tweaked UI, integrated pipelines) must be open-sourced. If proprietary customization is required, contact maintainers for exclusive licensing. Running unmodified SignTools in a commercial environment is permitted; redistributing modified versions is not without compliance.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | High |
| DEV.co fit | Good |
| Assessment confidence | High |
Signing operations depend on macOS builder isolation and secure credential storage. Apple developer certificates and provisioning profiles are sensitive cryptographic material—compromise allows arbitrary app signing. No visible mention of credential encryption, access controls, audit logging, or builder authentication. Network exposure via HTTPS is essential. Review builder-to-service communication security (TLS, mutual auth, rate limiting). OTA installation over HTTP may permit network interception; HTTPS delivery is critical. No security audit or vulnerability disclosure policy visible in provided data.
Alternatives to consider
Xcode + Apple Configurator
Official Apple tools; requires per-device setup and computer interaction. Less automation and centralization than SignTools, but no third-party infrastructure or licensing constraints.
Apple Business Manager (ABM) + MDM
Enterprise-grade, Apple-native solution for managed device distribution. Requires Apple Business account and MDM infrastructure. Higher cost, more rigid compliance, but native integration and official support.
EasySigner / similar closed-source signing services
Commercial platforms offering hosted signing without self-hosting. Trade self-hosting complexity for SaaS cost and vendor lock-in; licensing and privacy terms differ significantly.
Build on SignTools with DEV.co software developers
SignTools offers a lightweight, self-hosted alternative to App Store distribution for internal and homebrew app sideloading. Before deployment, confirm macOS infrastructure availability, AGPL-3.0 compliance with your org, and review credential security practices in the documentation.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
SignTools FAQ
Can I use SignTools without a macOS builder?
What happens to my Apple credentials when I upload them to SignTools?
Can I modify SignTools and run it commercially without open-sourcing changes?
Does SignTools support App Store distribution?
Work with a software development agency
Need help beyond evaluating SignTools? DEV.co is a software development agency offering software development services and web development for teams of every size. Our software developers and web developers build custom software, web applications, APIs, and open-source devops integrations — and maintain them long-term.
Evaluate SignTools for Your iOS Distribution Workflow
SignTools offers a lightweight, self-hosted alternative to App Store distribution for internal and homebrew app sideloading. Before deployment, confirm macOS infrastructure availability, AGPL-3.0 compliance with your org, and review credential security practices in the documentation.