Let's say I have an iOS app on the app store. Anyone can download and use it, but I would like to restrict the app from granting access to certain features to a select set of people I can personally vouch for. So, for example, to get access, the app send email to me, you have to convince me I know you, and if you do, I send you back some kind of token string which you can enter into the app.
However, I'd like for that token to not be shareable, and to be locked to that device.
Is there any kind of persistent ID associated with a device that I can use to tie the token I grant to that persistent ID?
Or can someone suggest a way that once I trust a user, I can give them a token which will cannot be shared to anyone else?
Also, does anyone know if restricting access to app features in this way is any kind of issue with regards to the app review process? The app itself is free, and there are no in-app purchases. I simply don't want certain features of the app (which end up sending push notifications) to get abused.