iOS

DeviceCheck and App Attest

DeviceCheck allows servers to set and query two bits of per-device state and to verify that a request is coming from a genuine Apple device. App Attest, exposed through the same service, lets a server cryptographically verify that requests are coming from an authentic, uncompromised instance of an app. The API is JWT-authenticated (ES256) and is used as an anti- fraud / anti-abuse signal alongside iOS apps.

DeviceCheck and App Attest is one of 8 APIs that iOS publishes on the APIs.io network.

Tagged areas include Device Attestation, Anti-Fraud, App Attest, and Security. The published artifact set on APIs.io includes API documentation and an API reference.

GitHub

Documentation

📖
Documentation
https://developer.apple.com/documentation/devicecheck
📖
APIReference
https://developer.apple.com/documentation/devicecheck/accessing-and-modifying-per-device-data

Other Resources

🔗
Sandbox
https://api.development.devicecheck.apple.com

API entry from apis.yml

apis.yml Raw ↑ 
aid: ios:devicecheck
name: DeviceCheck and App Attest
description: DeviceCheck allows servers to set and query two bits of per-device state and to verify that
  a request is coming from a genuine Apple device. App Attest, exposed through the same service, lets
  a server cryptographically verify that requests are coming from an authentic, uncompromised instance
  of an app. The API is JWT-authenticated (ES256) and is used as an anti- fraud / anti-abuse signal alongside
  iOS apps.
humanURL: https://developer.apple.com/documentation/devicecheck
baseURL: https://api.devicecheck.apple.com
tags:
- Device Attestation
- Anti-Fraud
- App Attest
- Security
properties:
- type: Documentation
  url: https://developer.apple.com/documentation/devicecheck
- type: APIReference
  url: https://developer.apple.com/documentation/devicecheck/accessing-and-modifying-per-device-data
- type: Sandbox
  url: https://api.development.devicecheck.apple.com