# Guideline 5.2.3 - Legal: Unauthorized Access to Third-Party Content

**Guideline:** 5.2.3 · **Store:** Apple App Store · **Risk:** high · **Difficulty:** hard · **Typical turnaround:** 3-7 days

Canonical URL: https://appstorereject.com/rejections/apple/5/guideline-523-legal-unauthorized-access-to-third-party-content

## Description

Apple flagged your app for potentially providing unauthorized access to third-party streaming content, catalogs, or discovery services. This is typically triggered when your app appears to scrape, aggregate, or redistribute content from platforms like YouTube, Spotify, Netflix, or similar services without proper licensing agreements. The rejection language is standardized but serious - Apple is concerned about copyright infringement liability. This isn't usually an automated rejection; a human reviewer likely identified specific functionality that appears to access third-party content without clear authorization. The fastest compliant path depends on your actual implementation: if you're legitimately using public APIs with proper attribution, you need to document this clearly. If you're scraping or circumventing restrictions, you'll need to either obtain proper licensing or pivot to original/licensed content only.

## Common variations

- The app provides unauthorized access to third-party streaming content without proper licensing agreements
- Your app appears to scrape or redistribute content from third-party services in violation of their terms of service
- The app contains functionality that may infringe upon the intellectual property rights of content providers
- We identified features that provide access to copyrighted material without documented authorization from rights holders
- The app aggregates or displays third-party content in a manner that may violate platform terms of service or copyright law

## Example rejection email

```
Guideline 5.2.3 - Legal

We found that your app contains content or features that may violate the rights of one or more third parties. Specifically, the app provides potentially unauthorized access to third-party audio or video streaming, catalogs, and discovery services.

The app and its contents should not infringe upon the rights of another party. In the event the app infringes another party's rights, you are responsible for any liability to Apple because of a claim.

Next Steps

To resolve this issue, please attach documentary evidence in the App Review Information section in App Store Connect evidencing that you have all necessary rights or permissions to the third-party audio or video streaming, catalogs, and discovery services in the app.

Once we have reviewed your documentation and confirmed its validity, we will proceed with the review of the app.
```

## Resolution steps

## Quick Assessment
- **Risk level:** High
- **Resolution path:** Strategic Documentation or Compliance Fix
- **Typical turnaround:** 3-7 days

## The Fix

01. **Document Your Legal Standing**
   Upload licensing agreements, API terms compliance, or partnership agreements to the App Review Information section in App Store Connect. Include screenshots showing proper attribution and terms compliance.

02. **Remove Unauthorized Access (if applicable)**
   If you're scraping content or circumventing platform restrictions, remove these features entirely and replace with properly licensed alternatives or original content.

03. **Add Clear Attribution and Disclaimers**
   For legitimate API usage, add prominent attribution to content sources and disclaimers about third-party ownership. Include links to original sources where appropriate.

04. **Implement Content Filtering**
   Add mechanisms to respect content creators' wishes and platform policies, such as honoring robots.txt, respecting rate limits, and providing opt-out mechanisms.

05. **Prepare Detailed Technical Documentation**
   Create a technical brief explaining exactly how your app accesses content (official APIs, RSS feeds, etc.) and why this constitutes fair use or authorized access.

## Prevention
- Always use official APIs and SDKs rather than scraping
- Obtain explicit licensing agreements for any content aggregation
- Include proper attribution and source links for all third-party content
- Regularly review and comply with third-party platform terms of service updates

## Before / after examples

**Before:** App scrapes YouTube videos and displays them without attribution or proper API usage.
**After:** App uses YouTube's official API with proper attribution, developer key, and compliance with usage policies.
**Why it works:** Official API usage with documentation demonstrates authorized access rather than unauthorized scraping.

**Before:** Music streaming app aggregates content from Spotify without licensing agreements.
**After:** App only displays user's own playlists via official Spotify API or uses properly licensed music catalog.
**Why it works:** Proper API integration with user consent eliminates copyright infringement concerns.

## Common questions

**How long does this typically take to fix?**

Typical turnaround is 3-7 days (difficulty: hard). After resubmission, most re-reviews complete within 24-48 hours.

---
*Machine-readable source: https://api.appstorereject.com/api/rejections/detail?slug=guideline-523-legal-unauthorized-access-to-third-party-content*