Stack Overflow
Stack Overflow

Questions tagged [devicecheck]

41 questions
1
vote
1 answer

iOS 403 App attestation failed but Android is fine?

I just cannot get App Check to work with iOS. My config is fine with Android. I have created a key and used it to configure DeviceCheck. I am testing on a physical device (iPhone 6s). Running in debug mode I get the following when my app tries to…
Luke
  • 1,149
  • 1
  • 7
  • 15
1
vote
0 answers

iOS - Limitations of DCAppAttestService for generating attestation object

I was checking out the documentation for attestKey(_:clientDataHash:completionHandler:) method. The general idea is for our app to use these measures to assert its legitimacy with any server requests for sensitive or premium content. How often can I…
DesperateLearner
  • 1,115
  • 3
  • 19
  • 45
1
vote
0 answers

iOS DeviceCheck query two bits not working

I have updated two bits last week on my iPad 7th generation. iPadOS 13.5.1 using iPad app I'm developing. When I query device check (query two bits) next day I did get two bytes as I updated. I tried again after 1 week query two bits, unfortunately…
Pradeep Sakharelia
  • 23
  • 3
1
vote
0 answers

Unique identifier per device, over multiple apps

Apple recently brought up their new DeviceCheck API which allows the developer to uniquely identify a device from the same developer / team ID. I am looking for a way to have same functionality but through all apps. Meaning App independent. The…
davidOhara
  • 1,008
  • 5
  • 17
  • 39
1
vote
1 answer

DeviceCheck Without A Server

I am trying to implement DeviceCheck for my app. I am new to coding and do not have the resources to build a server to be an intermediary between the client and Apple's servers. Is it possible to just query for and update the DeviceCheck bits just…
ap123
  • 916
  • 1
  • 8
  • 22
1
vote
2 answers

Can the `DeviceCheck` API generate a token when there is no internet connection?

Can the DeviceCheck API generate a token when the device is offline? if DCDevice.curDevice.isSupported { DCDevice.current.generateToken(completionHandler: { (data, error) in if let tokenData = data { print("Received token…
SPatel
  • 4,768
  • 4
  • 32
  • 51
1
vote
1 answer

Device check API: Error: Unable to verify authorization token

I am using Xcode10, Swift 5 and SwiftJWT to generate JSON Web token in order to authenticate Device Check API. Below is the method let key8 = """ -----BEGIN PRIVATE KEY----- MIGTAgEAMBMGByqGSM49AgEGCCq... -----END PRIVATE KEY----- """ let myHeader…
Ashfaque
  • 1,254
  • 1
  • 22
  • 38
1
vote
0 answers

Question about Devicecheck in iOS > 11 and basically how to ensure a user is a real one?

I'm implementing a sign-up system which uses SMS to authentify the user. As I pay for each SMS sent, I would like to prevent that one could send 100000 request to my server, which would result to send 100000 SMS to random users. I would like for…
Jerem Lachkar
  • 1,008
  • 11
  • 24
1
vote
1 answer

Generating a JWT for Apple's DeviceCheck API

I'm attempting to use the DeviceCheck API from Apple. I can't seem to craft a request that doesn't fail with a 401 Unable to verify authorization token I've tried a handful of minor variations. import java.security.KeyFactory import…
Parth Mehrotra
  • 2,712
  • 1
  • 23
  • 31
1
vote
1 answer

Cloud Functions and DeviceCheck, not getting response from Apple

I'm testing out DeviceCheck, but I'm occasionally having an issue where I don't receive body, response, or error values from Apple. I'm using request to communicate with them. I've tried using request-promise and switched to api.devicecheck.apple…
injerainjera
  • 11
  • 2
1
vote
1 answer

Is DeviceCheck or indentifierForVendor safe?

I am planning on using DeviceCheckor indentifierForVendor to ensure that the same device is not being used to redeem multiple times the same gift (free money for example sake) offered to new users. I am wondering however, if it is possible to trick…
Anters Bear
  • 1,816
  • 1
  • 15
  • 41
1
vote
1 answer

If DeviceCheck is device specific not app specific, so it's possible for another app to mess with the 4 bits?

If DeviceCheck is device specific and not app specific, is it possible for another app to mess with the 4 bits and hence mess up your app in the process?
Jason Mantra
  • 105
  • 1
  • 8
0
votes
1 answer

App Attest - Hash verification of public key is failing

I'm implementing App Attest server verification on a PHP server. I'm stuck on step 5 of the Verify the assertion documentation: Create the SHA256 hash of the public key in credCert, and verify that it matches the key identifier from your app. At…
gbalduzzi
  • 9,356
  • 28
  • 58
0
votes
0 answers

Quotas and limits for App Attest and device check in firebase for iOS per day or per device?

what is the Quotas and limits for App Attest and device check in firebase for iOS per day or per device? How many api calls is allowed per day or per device per day ?
Hariharan Sivakumar
  • 82
  • 4
0
votes
0 answers

Is Firebase with App Attest and DeviceCheck able to detect that the App is running on a Jailbroken Iphone?

I see jailbreak detection questions being asked, but they mostly prior to DeviceCheck. I understand that AppCheck with Play's Integrity API is able to check if the App is running on "... a genuine Android device". Is AppCheck with App Attest and…
Diogo Melo
  • 1,735
  • 3
  • 20
  • 29
1
2
3