Exporting for macOS

See also

This page describes how to export a Godot project to macOS. If you're looking to compile editor or export template binaries from source instead, read Compiling for macOS.

macOS apps are exported as an .app bundle, a folder with a specific structure which stores the executable, libraries and all the project files. This bundle can be exported as is, packed in a ZIP archive or DMG disk image (only supported when exporting from a computer running macOS).

Requirements

  • Download the Godot export templates. Use the Godot menu: Editor > Manage Export Templates.

  • A valid and unique Bundle identifier should be set in the Application section of the export options.

Warning

Projects exported without code signing and notarization will be blocked by Gatekeeper if they are downloaded from unknown sources, see the Running Godot apps on macOS page for more information.

Code signing and notarization

By default, macOS will run only applications that are signed and notarized. If you use any other signing configuration, see Running Godot apps on macOS for workarounds.

To notarize an app, you must have a valid Apple Developer ID Certificate.

If you have an Apple Developer ID Certificate and exporting from macOS

Install Xcode command line tools and open Xcode at least once or run the sudo xcodebuild -license accept command to accept license agreement.

To sign exported app

  • Select Xcode codesign in the Code Signing > Codesign option.

  • Set valid Apple ID certificate identity (certificate "Common Name") in the Code Signing > Identity section.

To notarize exported app

  • Select Xcode altool in the Notarization > Notarization option.

  • Disable the Debugging entitlement.

  • Set valid Apple ID login / app. specific password or App Store Connect API UUID / Key in the Notarization section.

You can use the xcrun notarytool history command to check notarization status and use the xcrun notarytool log {ID} command to download the notarization log.

If you encounter notarization issues, see Resolving common notarization issues for more info.

After notarization is completed, staple the ticket to the exported project.

If you have an Apple Developer ID Certificate and exporting from Linux or Windows

Install PyOxidizer rcodesign, and configure the path to rcodesign in the Editor Settings > Export > macOS > rcodesign.

To sign exported app

  • Select PyOxidizer rcodesign in the Code Signing > Codesign option.

  • Set valid Apple ID PKCS #12 certificate file and password in the Code Signing section.

To notarize exported app

  • Select PyOxidizer rcodesign in the Notarization > Notarization option.

  • Disable the Debugging entitlement.

  • Set valid App Store Connect API UUID / Key in the Notarization section.

You can use the rcodesign notary-log command to check notarization status.

After notarization is completed, use the rcodesign staple command to staple the ticket to the exported project.

If you do not have an Apple Developer ID Certificate

  • Select Built-in (ad-hoc only) in the Code Signing > Codesign option.

  • Select Disabled in the Notarization > Notarization option.

In this case Godot will use a ad-hoc signature, which will make running an exported app easier for the end users, see the Running Godot apps on macOS page for more information.

Signing Options

Option

Description

Codesign

Tool to use for code signing.

Identity

The "Full Name" or "Common Name" of the signing identity, store in the macOS keychain. 1

Certificate File

The PKCS #12 certificate file. 2

Certificate Password

Password for the certificate file. 2

Custom Options

Array of command line arguments passed to the code signing tool.

1

This option is visible only when signing with Xcode codesign.

2(1,2)

These options are visible only when signing with PyOxidizer rcodesign.

Notarization Options

Option

Description

Notarization

Tool to use for notarization.

Apple ID Name

Apple ID account name (email address). 3

Apple ID Password

Apple ID app-specific password. See Using app-specific passwords to enable two-factor authentication and create app password. 3

Apple Team ID

Team ID ("Organization Unit"), if your Apple ID belongs to multiple teams (optional). 3

API UUID

Apple App Store Connect API issuer UUID.

API Key

Apple App Store Connect API key.

Note

You should set either Apple ID Name/Password or App Store Connect API UUID/Key.

3(1,2,3)

These options are visible only when notarizing with Xcode altool.

See Notarizing macOS Software Before Distribution for more info.

Entitlements

Hardened Runtime Entitlements

Hardened Runtime entitlements manage security options and resource access policy. See Hardened Runtime for more info.

Entitlement

Description

Allow JIT Code Execution 4

Allows creating writable and executable memory for JIT code. If you are using add-ons with dynamic or self-modifying native code, enable them according to the add-on documentation.

Allow Unsigned Executable Memory 4

Allows creating writable and executable memory without JIT restrictions. If you are using add-ons with dynamic or self-modifying native code, enable them according to the add-on documentation.

Allow DYLD Environment Variables 4

Allows app to uss dynamic linker environment variables to inject code. If you are using add-ons with dynamic or self-modifying native code, enable them according to the add-on docume