Chapter 18. Security

iOS 11 didn’t change much with regard to the Security framework. A few things were added, mainly about the keychain. There are also some additions that are about Application Transport Security, or ATS. ATS is now incorporated into iOS, so all apps compiled with the new Xcode, and running under the latest iOS version, will by default use HTTPS for all their network traffic. There are some pros and cons to this: it is good because it strongly encourages the use of secure connections for everything, but sometimes it can be annoying to force using a secure connection for everything!

There are also some changes that affect the way we can store values in the keychain, but overall, not much to worry about.

18.1 Supporting Password Autofill with iCloud Keychain

Problem

You have a companion website to your iOS app through which users can register for your service, using their username (or email address) and a password. You would like the users who have registered through the website to be able to log in to your app without having to enter their username and password each time. The app can find these credentials in iCloud, where the user has placed them using Touch ID.

Solution

Follow these steps:

  1. Create a file called apple-app-site-association and place the following content in it:

    {
  "webcredentials" : {
    "apps" : ["TEAMID.X.Y.Z"]
  }
}

    Where the italicized items are:

    TEAMID

    Your iOS app developer team identifier. You can find this identifier on Apple’s developer ...

Get iOS 11 Swift Programming Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial