Gatekeeper

macOS security technology that verifies app signatures and notarization tickets before allowing an app to run, protecting users from malicious software.

Gatekeeper is macOS’s first line of defense against malware. It checks every app before it runs for the first time, verifying that it comes from an identified developer and has not been tampered with.

Verification Levels

Gatekeeper checks apps against three trust levels:

  1. App Store - apps from the Mac App Store are signed and reviewed by Apple
  2. Developer ID + Notarized - apps signed with a Developer ID certificate and notarized by Apple
  3. Unsigned/Unnotarized - apps that fail both checks are blocked with a warning dialog

What Users See

  • Notarized app: Opens normally with no warning
  • Signed but not notarized: Warning dialog saying “Apple cannot check it for malicious software” (users can still open it through System Settings)
  • Unsigned: Blocked entirely by default

Why Gatekeeper Matters for Developers

If you distribute macOS apps outside the App Store, Gatekeeper is the reason notarization is effectively mandatory. An unnotarized app triggers a scary warning that most users will not click through, resulting in support tickets and lost users.

Checking Gatekeeper Status

Verify how Gatekeeper will treat your app:

spctl --assess --type execute --verbose YourApp.app

The output shows the assessment result: accepted (will open normally) or rejected (will show warning).
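As an added example (not code from the original page), the script below turns the spctl result into a release gate that passes only when the app would open with no warning. The function names, the sample outputs and the source= strings it matches are assumptions made for illustration; the samples are constructed, not captured from a real run.

```shell
#!/bin/sh
# Added example: map `spctl --assess` output onto the trust levels listed above.
# The source= values matched here are assumed; adjust them to what your macOS
# version actually prints.

# Constructed sample outputs (not captured from a real run).
SAMPLE_NOTARIZED='YourApp.app: accepted
source=Notarized Developer ID'
SAMPLE_UNNOTARIZED='YourApp.app: rejected
source=Unnotarized Developer ID'
SAMPLE_UNSIGNED='YourApp.app: rejected
source=no usable signature'

# classify_assessment TEXT
# Prints app-store, notarized, signed-unnotarized, unsigned or unknown.
classify_assessment() {
    first=$(printf '%s\n' "$1" | head -n 1)
    src=$(printf '%s\n' "$1" | sed -n 's/^source=//p' | head -n 1)
    case "$first" in
        *": accepted") verdict=accepted ;;
        *": rejected") verdict=rejected ;;
        *)             verdict=unknown ;;
    esac
    case "$verdict:$src" in
        "accepted:Mac App Store")            echo app-store ;;
        "accepted:Notarized Developer ID")   echo notarized ;;
        "rejected:Unnotarized Developer ID") echo signed-unnotarized ;;
        "rejected:no usable signature")      echo unsigned ;;
        *)                                   echo unknown ;;
    esac
}

# release_gate TEXT: succeeds only for levels that open with no warning.
# Anything unrecognised fails closed.
release_gate() {
    case "$(classify_assessment "$1")" in
        app-store|notarized) return 0 ;;
        *)                   return 1 ;;
    esac
}

# Assess a real bundle only when a path is given and spctl exists (macOS).
if [ -n "${1:-}" ] && command -v spctl >/dev/null 2>&1; then
    # Capture stdout and stderr so the verdict is seen on either stream.
    result=$(spctl --assess --type execute --verbose "$1" 2>&1) || true
    echo "$1: $(classify_assessment "$result")"
    release_gate "$result" || exit 1
fi
```

Run it as the last step of a release build with the path to the exported .app as its only argument; a non-zero exit means users would see a Gatekeeper warning or block.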