> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cognite.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Certifying a Flows custom app for production

> Run the four skill-driven steps that certify a Flows custom app for deployment to a customer production environment.

**Application certification** authorizes a specific Flows custom app version to deploy to a customer production environment. The certification confirms the app meets the same security, data, and UX standards that builders are trained against in [Builder certification](/cdf/flows/guides/builder-certification), and it applies to every app independently.

<Warning>
  Application certification is required for **every** Flows custom app deployed to a customer production CDF project, even when built by a certified builder. Each app is certified independently, and **every code change** (new feature, bug fix, refactor, dependency bump) requires re-certification before redeploying to production.
</Warning>

## When you need it

| You're deploying to ...                                                                              | Application certification                                                                                             |
| ---------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- |
| A customer **production** project, first deploy                                                      | **Required** before deploy                                                                                            |
| A customer **production** project, **any code change** (feature, bug fix, refactor, dependency bump) | **Required** before redeploy                                                                                          |
| A customer **dev or test** project                                                                   | Not required (signing may be waived for certified builders on request. Contact your Cognite customer representative.) |

**Prerequisites**:

* Active [Builder certification](/cdf/flows/guides/builder-certification) (valid, not expired).
* Enterprise license to **Cursor**, **Claude Code**, or another agentic coding tool (required to run the certification skills).
* A Flows custom app created with `npx @cognite/cli@latest apps create`.

<Tip>
  **The flow is skill-driven.** Each step is a slash command in your agentic coding tool. The skills generate artifacts in your app's repository, and the final submit skill verifies that every prior artifact exists before packaging the build for submission.
</Tip>

## How the certification flow works

<Steps>
  <Step title="Capture the App Brief">
    Run `/flows-app-brief` immediately after creating the app, **before** you start building.

    The skill acts as a certification coach: it pre-scans `app.json` and any spec files for context, then asks targeted questions about your user, the problem the app solves, the one-sentence value statement, and how you'll measure success. It writes `App-Brief.md` at the repo root.

    `App-Brief.md` is the user-context document reviewers read first. The final submit skill blocks submission until every required field is populated.
  </Step>

  <Step title="Build the app">
    Develop your app using the latest Flows template. Follow the [Get started with Flows](/cdf/flows/guides/getting-started) guide for setup.

    Pull skills as you go (`npx @cognite/cli@latest apps skills pull`) so AI coding agents stay aligned with current Cognite best practices.
  </Step>

  <Step title="Run the code review">
    Run `/flows-code-review` to perform the technical review.

    The skill produces three artifacts under `reviews/code-review/feedback-round-N/`:

    * `code-review-report.md` — scored report covering correctness, SDK usage, dependencies, test coverage, dead code, patterns, Data Modeling Service (DMS) query efficiency, pagination, rate limiting, and Aura usage.
    * `review-files.md` — per-file inventory.
    * `review-packages.md` — dependency audit including `npm audit` results.

    The report's `Summary` block reports a `Must Fix open:` count. Re-run the skill (it creates a new `feedback-round-N`) until the count is **0**.
  </Step>

  <Step title="Run the design review">
    Run `/flows-design-review` to score the app against the [10 design quality questions](/cdf/flows/guides/quality-guidelines).

    The skill is semi-automated: for each question it runs concrete repo probes (grep, lint, build) and proposes a draft 1–5 score. You confirm or override each score after walking your tasks end-to-end in the running app. It writes `design-review-report.md` under `reviews/design-review/feedback-round-N/`.

    Target overall average: **3.8 or higher**.
  </Step>

  <Step title="Verify and submit">
    Before running this skill, ensure you have run:

    * `npx @cognite/cli@latest apps deploy` — builds the app automatically (`npm run build`) and uploads it, creating the deploy bundle at `.cognite-bundles/<externalId>-<versionTag>.zip`
    * `npx @cognite/cli@latest apps sign` — signs the bundle and writes `.dev.sig`

    <Tip>
      Ensure your working tree is clean (`git status` shows nothing uncommitted) before running `apps deploy`. The build runs automatically and the source archive must match the deployed bundle exactly. See [Deploy a Flows custom app](/cdf/flows/guides/deploying) for build options.
    </Tip>

    Run `/flows-external-app-submit`. The skill verifies five gates before packaging anything:

    | Gate                                                                                                                                                                   | Required |
    | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- |
    | `App-Brief.md` complete (required fields: `appName`, `customer`, `tier`, `owner`, `userRole`, `currentProblem`, `oneSentenceStory`, `successCriteria`, `userEvidence`) | Yes      |
    | Latest `code-review-report.md` reports `Must Fix open: 0`                                                                                                              | Yes      |
    | Latest `design-review-report.md` reports `Average score: 3.8` or higher                                                                                                | Yes      |
    | No secrets in tracked files (`.env*`, `.pem`, `.key`, `.p12`, etc.)                                                                                                    | Blocked  |
    | Working tree clean                                                                                                                                                     | Blocked  |

    On all-pass, the skill runs `npx @cognite/cli@latest apps submit`, which collects the source archive (`src-<sha>.zip`) and the deploy bundle into `dist/certification/`, then prompts you to add your screen recording to that folder before opening the pre-filled Zendesk form.
  </Step>

  <Step title="Submit through Cognite Zendesk">
    Open the [Cognite Zendesk submission form](https://cognite.zendesk.com/hc/en-us/requests/new?ticket_form_id=360001234312\&tf_priority=normal\&tf_subject=App+Review+Request%3A+%5BApp+name%5D\&tf_360015295097=cognite_flows\&tf_description=Dear+Cognite+Platform+Team%2C%3Cbr%3E%3Cbr%3EI+would+like+to+submit+my+Flows+app+for+review+and+certification.%3Cbr%3E%3Cbr%3EApp+name%3A+%5BApp+name%5D%3Cbr%3EApp+external+ID%3A+%5BexternalId%5D%3Cbr%3EVersion%3A+%5BversionTag%5D%3Cbr%3E%3Cbr%3E%60npx+%40cognite%2Fcli+apps+submit%60+verified+App-Brief.md%2C%3Cbr%3Ecode-review-report.md%2C+and+design-review-report.md+are+committed%3Cbr%3Eand+present+in+the+source+archive.%3Cbr%3E%3Cbr%3EAttached%3A%3Cbr%3E%5B+%5D+Source+archive+%28.zip%29+generated+by+%60npx+%40cognite%2Fcli+apps+submit%60%3Cbr%3E%5B+%5D+Screen+recording+of+the+application+%28required+for+design+review%29%3Cbr%3E%3Cbr%3EBest+regards%2C%3Cbr%3E%5BYour+name%5D). The form, subject, description, and **Cognite Flows** product field are pre-filled. Update the placeholders with your app's details.

    Place your screen recording in `dist/certification/` (the CLI prompts you to do this), then attach all files from that folder:

    * **`src-<sha>.zip`** — source archive (committed code only; `design-review-report.md` is included inside)
    * **`<externalId>-<versionTag>.zip`** — deploy bundle; required for signature verification
    * **Screen recording** of the application walking through the primary tasks (required for the design review)

    Submit the ticket. Your submission is reviewed manually.
  </Step>

  <Step title="Respond to the review outcome">
    For dev / staging projects, the signing requirement may be waived by Cognite on request. Deploy your app, publish it, then activate it.

    For production projects, you'll receive one of two outcomes from the Zendesk review:

    * **Feedback:** Address reviewer comments, re-run the relevant skills, commit the updated artifacts, and reply in the same Zendesk ticket with a fresh `dist/certification/` folder (new `src-<sha>.zip`, deploy bundle, and updated screen recording if the UI changed).
    * **Approval:** Download the `.cert.sig` from the [Yopass](https://yopass.se/) link in the ticket. Place it alongside your `.dev.sig` file, run `npx @cognite/cli@latest apps publish`, then `npx @cognite/cli@latest apps activate`.

    <Note>
      No committed SLA at launch. Reviews are first-in, first-out as the team scales the process.
    </Note>
  </Step>
</Steps>

## App tiers

The App Brief asks you to pick a tier so reviewers can calibrate expectations. Pick the closest match; "not sure" is fine, and the reviewer can adjust.

| Tier                               | Scope                                                                             | Examples                                                        |
| ---------------------------------- | --------------------------------------------------------------------------------- | --------------------------------------------------------------- |
| **Tier 1: Monitoring & reporting** | Read-only dashboards, asset/equipment overviews, KPI reports                      | Asset health dashboard, production KPI overview                 |
| **Tier 2: Operational support**    | Interactive workflows that support an operator's day, typically single user group | Work-order triage, data validation, shift handover              |
| **Tier 3: Business critical**      | Multi-step workflows, multiple roles, write-back into systems of record           | Approval workflows, multi-user collaboration with state changes |

## Submission requirements

| Item                                                      | Source                                                                                                           |
| --------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------- |
| Source archive `src-<sha>.zip`                            | `dist/certification/` — created by `npx @cognite/cli@latest apps submit`                                         |
| Deploy bundle `<externalId>-<versionTag>.zip`             | `dist/certification/` — copied from `.cognite-bundles/` by `apps submit`; must match the signed hash             |
| Screen recording of the application                       | `dist/certification/` — placed there by the builder; should cover the primary user tasks named in `App-Brief.md` |
| `App-Brief.md` (inside `src-<sha>.zip`)                   | Generated by `/flows-app-brief`                                                                                  |
| Latest `code-review-report.md` (inside `src-<sha>.zip`)   | Generated by `/flows-code-review`                                                                                |
| Latest `design-review-report.md` (inside `src-<sha>.zip`) | Generated by `/flows-design-review`                                                                              |

## Self-check before submitting

Run this checklist immediately before you open the Zendesk ticket:

* [ ] The app is targeting a customer **production** project (skip certification for dev or test).
* [ ] `App-Brief.md` exists at the repo root and every required field is populated.
* [ ] The latest `reviews/code-review/feedback-round-N/code-review-report.md` reports `Must Fix open: 0`.
* [ ] The latest `reviews/design-review/feedback-round-N/design-review-report.md` reports `Average score:` of **3.8** or higher.
* [ ] All skill-generated artifacts (`App-Brief.md` and the latest `reviews/` reports) are committed to git (`git add` + `git commit`); the submit skill packages only committed files.
* [ ] `npx @cognite/cli@latest apps deploy` has been run; deploy bundle exists at `.cognite-bundles/`.
* [ ] `npx @cognite/cli@latest apps sign` has been run; `.dev.sig` exists.
* [ ] `/flows-external-app-submit` ran and printed PASS for every gate.
* [ ] Screen recording of the app's primary tasks has been placed in `dist/certification/`.
* [ ] All files in `dist/certification/` (`src-<sha>.zip`, deploy bundle, screen recording) are ready to attach.

<Check>
  If every box is ticked, the submission is ready. Submit through the [Cognite Zendesk submission form](https://cognite.zendesk.com/hc/en-us/requests/new?ticket_form_id=360001234312\&tf_priority=normal\&tf_subject=App+Review+Request%3A+%5BApp+name%5D\&tf_360015295097=cognite_flows\&tf_description=Dear+Cognite+Platform+Team%2C%3Cbr%3E%3Cbr%3EI+would+like+to+submit+my+Flows+app+for+review+and+certification.%3Cbr%3E%3Cbr%3EApp+name%3A+%5BApp+name%5D%3Cbr%3EApp+external+ID%3A+%5BexternalId%5D%3Cbr%3EVersion%3A+%5BversionTag%5D%3Cbr%3E%3Cbr%3E%60npx+%40cognite%2Fcli+apps+submit%60+verified+App-Brief.md%2C%3Cbr%3Ecode-review-report.md%2C+and+design-review-report.md+are+committed%3Cbr%3Eand+present+in+the+source+archive.%3Cbr%3E%3Cbr%3EAttached%3A%3Cbr%3E%5B+%5D+Source+archive+%28.zip%29+generated+by+%60npx+%40cognite%2Fcli+apps+submit%60%3Cbr%3E%5B+%5D+Screen+recording+of+the+application+%28required+for+design+review%29%3Cbr%3E%3Cbr%3EBest+regards%2C%3Cbr%3E%5BYour+name%5D).
</Check>

## Troubleshooting common issues

<AccordionGroup>
  <Accordion title="`/flows-external-app-submit` keeps blocking on Must Fix items">
    Open the latest `reviews/code-review/feedback-round-N/code-review-report.md` and work the `Must Fix` section top to bottom. Re-run `/flows-code-review` after each batch of fixes; it creates a new feedback round so reviewers can see your progression. Submission stays blocked until the most recent round reports `Must Fix open: 0`.
  </Accordion>

  <Accordion title="My design average is below 3.8 but my app feels fine">
    The skill proposes scores from repo probes and your walkthrough notes; you can override any score it gets wrong. Re-run `/flows-design-review` in a new feedback round, override the scores you disagree with, and add an `Improvement note` explaining the reasoning so reviewers can follow your thinking.
  </Accordion>

  <Accordion title="What counts as a customer production project?">
    Any CDF project the customer uses for production decisions, dashboards, or workflows; typically the project with `production` (or similar) in the name and `published: true` on deployments. If you're unsure, ask the customer's CDF administrator. When in doubt, certify.
  </Accordion>

  <Accordion title="Can I submit without a screen recording?">
    No. The design review needs to see the app in motion across your primary user tasks. A short walkthrough (2–5 minutes) is enough; narration is optional but helpful.
  </Accordion>

  <Accordion title="The app changed after it passed. Do I need to recertify?">
    Yes. Application certification is **per-version** and applies to every code change (new feature, bug fix, refactor, or dependency bump). Re-run the four skills against the new version and submit a fresh zip referencing the new commit hash before redeploying to the customer's production project.
  </Accordion>

  <Accordion title="Even for a one-line bug fix?">
    Yes. Certification is per-commit, not per-change-size. The re-run is fast when nothing meaningful has changed (the code-review and design-review skills produce reports quickly against a known-good codebase), so the friction is small. The guarantee that production only ever runs certified code is what matters.
  </Accordion>

  <Accordion title="Reviewers asked for changes. How do I resubmit?">
    Make the fixes, re-run `/flows-code-review` and `/flows-design-review` (each in a new feedback round), then re-run `/flows-external-app-submit` to produce a fresh zip. Open a new Zendesk ticket and note in the description that this is a re-certification, referencing the original ticket number.
  </Accordion>
</AccordionGroup>

## Further reading

* [Builder certification](/cdf/flows/guides/builder-certification) — Certify yourself before you certify an app.
* [Quality guidelines](/cdf/flows/guides/quality-guidelines) — The 10 design quality questions the design review skill scores against.
* [Skills](/cdf/flows/concepts/skills) — How skills are delivered and refreshed in your app.
* [Get started with Flows](/cdf/flows/guides/getting-started) — Scaffold a new app.
