The full path from "I have an app that runs in Expo Go" to "the app is live in the App Store and Google Play." Real 2026 process, including EAS Build, EAS Submit, the metadata that gets your app rejected, and the 1.0.1 you will need to ship within a week.
This is the version of the guide I would hand a friend asking how to launch their first Expo app. It assumes you are using Expo's managed workflow, EAS Build, and EAS Submit, which is the path that works best for most teams in 2026.
If you have not built the app yet, the React Native boilerplate chooser helps pick a starter that already has the submission scaffolding in place.
What you need before you start
Before you do anything technical, get these accounts in order. Each one has its own approval flow and can take days.
If you are launching as an organization, the Apple Developer Program enrollment can take 2 – 4 weeks for the initial verification (D-U-N-S number, legal entity check). Start early.
The bundle identifier is final. You cannot change it after the first App Store Connect entry is created without losing your reviews and downloads. Pick something you can live with.
The order of operations that works
Most rejections in 2026 come from doing the steps in the wrong order. The path that works:
Lock app metadata first
Build with EAS Build
Submit a TestFlight + Closed Testing build first
Fill in App Store Connect and Play Console listings completely
Submit for review with reviewer notes and a test account
Watch the review queue
Plan a 1.0.1
Setting up EAS Build
The configuration that works for most projects:
{
"cli": {
"version": ">= 11.0.0"
},
"build": {
"development": {
"developmentClient": true,
"distribution": "internal"
},
"preview": {
"distribution": "internal",
"ios": {
"simulator": false
}
},
"production": {
"autoIncrement": true,
"env": {
"APP_ENV": "production"
}
}
},
"submit": {
"production": {
"ios": {
"appleId": "you@example.com",
"ascAppId": "1234567890",
"appleTeamId": "ABCDE12345"
},
"android": {
"serviceAccountKeyPath": "./google-play-service-account.json",
"track": "internal"
}
}
}
}
Two things to know:
autoIncrementis the difference between "I just submitted my 12th rejected build" and a smooth submission process. Always enable it for production.track: "internal"for Android Submit lets you promote to closed/open testing inside the Play Console, which is the safe pattern.
Run a production build with:
eas build --profile production --platform all
Wait 15 – 30 minutes per platform.
App Store Connect: what to fill in
The fields that actually matter for review:
- App Information: name, subtitle, primary category, secondary category, content rights.
- Pricing and Availability: free or paid, region availability.
- App Privacy: nutrition labels (data collected, linked to user, used for tracking).
- App Review Information: contact info, demo account credentials, notes for the reviewer.
- Version Information: description, keywords, support URL, marketing URL, screenshots.
The reviewer notes field is the highest-leverage one. Three sentences explaining how to get into your app and what to look at saves you a rejection. Example:
Demo credentials:
Email: review@yourapp.com
Password: ReviewerTest123!
Notes: This app is a habit tracker. After signing in, the user can create habits, log completions, and view analytics. Subscriptions unlock unlimited habits and advanced charts. There is no real money charged in TestFlight.
Google Play Console: what to fill in
Roughly the same content as App Store Connect, with two extra forms:
- Data Safety: declares what data the app collects and how it is used. Must match what your app actually does.
- Content Rating: an IARC questionnaire that produces age ratings for global regions.
Google Play in 2026 is more aggressive about flagging:
- Apps that ask for sensitive permissions (location, contacts, SMS) without a clear justification.
- Apps with AI-generated content that could be CSAM-adjacent (Google requires explicit policy compliance for image generation apps).
- Apps that trigger their main monetization outside Google Play Billing for digital goods.
Read the relevant policy pages once. The penalties for violating them after launch are severe.
Privacy nutrition labels: getting them right
Both stores require you to declare data collection. Lying here is the fastest way to get pulled.
The categories that catch most apps:
- Email address: collected if you have any auth, even if you "do not store it".
- User ID: collected if you have any account system.
- Crash data: collected if you use Sentry, Crashlytics, or similar.
- Performance data: collected if you use any performance monitoring.
- Diagnostics: collected if you log to a third-party service.
- Identifiers: device IDs, advertising IDs.
Walk through every third-party SDK in your app and note what they collect. Common SDKs and their nutrition impact:
- Sentry: crash data, diagnostics.
- PostHog: usage data, identifiers.
- RevenueCat: purchase history, identifiers.
- Supabase: account info, contact info (depending on what you store).
- Expo Notifications: device identifiers.
If you use a paid boilerplate, the nutrition declarations are usually documented for you. Shipnative, for example, ships with a privacy declaration template you can copy.
Common rejection reasons in 2026 (and how to avoid them)
These show up in roughly this order of frequency:
- Account deletion missing or hidden. Apple has enforced this since 2022 and rejection is automatic. The button must be inside the app, reachable from settings.
- Sign in with Apple missing when other social logins exist. If you have Google or Facebook login, you must have Sign in with Apple. Period.
- Crash on launch on the reviewer's device. Run on a real iPhone (not just the simulator) before submitting. Watch out for permissions that are required but not requested.
- Misleading subscription terms. Trial length, price, and what happens after trial must be visible on the paywall.
- Restore Purchases button missing. Required for any subscription app.
- Privacy policy URL not loading. Reviewers click it. Make sure it loads in any region.
- Test account does not work. Reviewers cannot sign in. Test the credentials yourself before submitting.
- App functionality unclear. Often hits niche or AI apps. Reviewer notes save you.
- Non-public APIs detected. Rare on Expo, but happens with certain native modules.
- ATT (App Tracking Transparency) prompt missing when a tracking SDK is included.
Our mobile app launch checklist is the longer pre-flight version of this list.
EAS Submit: the final step
Once your build is green and your store listings are filled in, EAS Submit handles the upload.
eas submit --profile production --platform ios
eas submit --profile production --platform android
For iOS, EAS Submit uploads the IPA to App Store Connect, where it appears under TestFlight first, then can be promoted to App Store review.
For Android, EAS Submit uploads to the track you configured (internal is safest), and you promote through Play Console.
A clean first iOS submission usually clears review in 24 – 48 hours in 2026. A clean first Android submission can clear in a few hours.
What to do after the app goes live
Plan to ship a 1.0.1 within a week. You will find bugs.
- Watch crash reports in Sentry. Any non-zero crash rate over 0.5% needs an immediate fix.
- Watch paywall conversion in PostHog or RevenueCat. If conversion is below 1%, the paywall, value prop, or audience is wrong.
- Reply to App Store and Play Store reviews quickly. Apple shows your responses publicly. A thoughtful reply to a 2-star review often turns it into a 4 or 5.
- Set up an alert (Discord webhook, Slack, email) for new crash reports and new low-star reviews.
- Plan an Expo SDK upgrade roughly every 6 months. Our Expo SDK upgrade checklist covers the process.
Compliance items that come back to bite you
These do not block submission, but they get apps removed post-launch:
- DSA terms compliance (EU). Both stores enforce this in 2026.
- Data deletion request mechanism reachable by end users.
- Honest, current third-party SDK list.
- Updated privacy policy when you add new tracking.
- Age rating accurate to the actual content.
Set a reminder to audit these every quarter.
FAQ
Do I need a Mac to submit a React Native app to the App Store?
No, not with EAS Build. EAS handles the macOS build environment for you. You can submit from Windows or Linux.
Does Expo Go count as my submission?
No. Expo Go is for development. You need a production build (a real .ipa or .aab) submitted via EAS Submit or manually via Transporter / Play Console.
How long does Apple review take in 2026?
24 – 48 hours for most clean submissions. Longer for first-time apps from new accounts, or apps that touch sensitive APIs. Holiday weeks slow things down.
How long does Google Play review take in 2026?
Often a few hours. Can be 1 – 3 days for first submissions or apps with sensitive permissions.
What if my app gets rejected?
Read the rejection reason carefully. Most rejections are specific and fixable in a single rebuild. Reply to the reviewer through App Store Connect's Resolution Center if you have questions or believe the rejection was wrong. Do not just resubmit the same binary.
Can I update an app without a full review?
Yes, for OTA updates via EAS Update on Expo. Code-only changes that do not modify native modules or app metadata can ship without a full review. Native changes still require a binary submission.
Ship faster than first-time founders usually do
Shipnative includes account deletion, Sign in with Apple, paywall flows, and store-submission scaffolding already in place.
Get Started Now