We have a native iOS mobile application that uses the Salesforce mobile sdk -- specifically to use OAuth 2.0 authentication (user-agent) and the REST API to manipulate salesforce objects. We have no Apex or other code that needs to be hosted on salesforce.com. This application will be used by different companies (i.e., it is not an internal application).
My understanding is that in order to get the consumer key required for use by OAuth, we need to create a managed Package for AppXChange and define our appication as a "Remote Access Application". Per Salesforce packaging guide "Designing Packages for Remote Access Using OAuth". Since this application will be used by many different customers, my understanding is to get a single consumer key for my iOS app, I need to create this managed package that customers will then install on their salesforce orgs to allow my app to talk to their org.
The question is, what is the best practice for what else needs to be added to this package? If I only define the remote access application, I cannot upload the package. However, I don't think it's correct to create some random custom object that I'll never use.
I have not been able to find any directions on enabling a "native client only" application to get the consumer key and would appreciate any pointers to more information.