I'm trying to create, update, insert records into the iCloud along with my app's ID. I did created my record type in the icloud dashboard and it is working only when the device contains icloud account has been logged in. How to use the icloud service for all the devices which is only using the app ? I saw API access and how to implement the token based access ? Please help me with this problem.
Here a screenshot of the showing the permissions box.
You can see from here you can even grant read access to anonymous users if you so wish, although you would be very unwise to do so if your plan was release your app on the apps store for obvious reasons I would hope.
Related
I'm working on a social media project where users can sign in with their different profiles on different platforms (Facebook, Twitter etc.)
Currently, the app hasn't got a sign in option via Apple. The thing I want to achieve is, after signing in with Apple, storing that respective user's app store id(s) (if there is any) to later make it possible to query (and show) the reviews made under user's particular applications.
I search through app store connect API documents, but cannot find any solid info. And, run into some outdated discussions, thus cannot be sure about the questions in my mind:
Is it possible to retrieve an Apple User's app store ID(s) after make her signing in with Apple?
If yes, what is the necessary endpoint to retrieve app store IDs?
Lastly, I understand I also need to create an account on Apple for my app to make these sign in features possible on my app. Should I require to pay for my Apple account to make these kind of features (signin in, making API endpoint calls etc.) activated on my app?
Thank you in advance.
If I notice fraudulent activity on my application by an authenticated user (by Firebase Authentication), can I block the device associated with this user so that he can no longer access my application? And if so, how do I do it?
Thanks for your attention !
A Firebase Authentication user has a UID, that you can use to allow them to access certain resources. To block a specific user from Firebase Authentication itself, you can disable their account. So don't delete it (as they can just recreate it in that case), but disable it. After doing that, they won't be able to sign in, and will be unable to refresh their ID token (which happens hourly).
If you use one of the Firebase databases (Cloud Firestore, or Realtime Database), you can also implement a list of banned UIDs in there, and then check against that in your security rules.
I am building an iOS app that is going to be used internally within my company. An administrator wants to be able to give certain employees logins to use the app across multiple devices.
For example, Administrator will assign Employee A and Employee B their own username and password. The app will be installed on Device X, Y, and Z. Employees A and B need to be able to login to any device (say, Device X), do stuff in the app and save their changes, and then login to another device (say, Device Z) and see their changes. Administrator would like to be able to manage the logins within the app (i.e. after entering an administrator password).
I have looked into iCloud Keychain to store the username/password pairs but it sounds like Keychain is meant to only be used with one Apple ID (which I assume all company devices would be attached to one Apple ID so maybe Keychain could work).
In summary, my questions are:
Where can I securely store user login information (if not on Keychain)? Do I need my own server or are there services within the Apple API that would help accomplish this?
How can I utilize the logins from any device with my app?
Are there any APIs or Wrappers that would simplify this process? I found Locksmith but I'm not sure if it will work for what I need.
I appreciate any suggestions!
You will need a back-end server. However, if you are looking for a simpler solution, I would recommend AWS Mobile Hub:
https://aws.amazon.com/mobile/
They provide Authentication and NoSQL services without having to setup your own servers. All in all, it's a pretty comprehensive offering.
I have a developer account and I'm developing an app for someone. I want him to be able to change datas in CloudKit so I want to use his iCloud account(He doesn't have a developer account, just personal account). However, i don't know how to differentiate my developer account and his iCloud account.
Thank You
I believe CloudKit's notion of public and private databases may achieve what you need to do. As a reference, I am referring to slide 45 in Apple's WWDC presentation on cloudkit (http://devstreaming.apple.com/videos/wwdc/2014/208xx42tf0hw3vv/208/208_introducing_cloudkit.pdf)
Considering that each app has a container, and that container includes 1 public database (that all users of the app can access) plus a multitude of private databases (one per user), if the data you're storing isn't private, then consider storing it in the public database. You can modify it as needed during development by being logged into your iCloud account, and your client can modify it as well by being logged into his iCloud account. (Apple docs say the public database is stored in the App developer's iCloud space)
If you store the data in the private database, however, it will be written to an instance of the private database belonging to the currently signed-in user. So anything you write would go into a private database instance (which Apple docs says resides in each user's personal iCloud space) and anything he writes would go into his private database instance. Until recently, that was the end of the story. However, now, cloudKit supports CKShare which, in a nutshell, allows a user to grant access to specific shared items inside their private db. So you could still write the data to a private DB but allow access via a CKshare.
Finally, there's another option, but I don't recommend it. In the device settings, you can log out of iCloud and log back in as another user. In which, you're still developing on your device, but you're logged into iCloud as your client. This has many drawbacks, though. First and foremost, credential sharing is always a bad security practice. But, probably a more immediate consequence will be your device will no longer be sharing with/backing up to your iCloud account, but instead with the client's.
It's hard to give more specific advice without better understanding the scenarios you're implementing.
** update based on OP's comment **
I see now. Using the development cloudkit dashboard probably isn't going to work. AFAIK, you must log in with a development account, not just an iCloud account, to use the cloudkit dashboard. So your client won't be able to get in at all, anyway. You could add your client's email address as a member of your development team, which will let them log into your cloudkit dashboard; however, that also gives them access into portions of your iTunesConnect as well. And, it really won't scale to support additional users of your app.
I am doing one application.In that i want to store the data permanently in my iCloud account.If i use the icloud feature in my app,data is store into users iCloud account or developer icloud account.
With iCloud, apps can only access the user's iCloud account. The app can access whatever account the user has configured on their device, and there's no API for accessing any other account. The entire system is designed as a way for people to sync their data across multiple devices, so there's no option to share data or access other accounts in any way.
I'm not sure what you're trying to do, but if you're looking for some kind of server-side component for your app, there are lots of options. Parse is very popular, as is Azure, but there are many other services. If you're not prepared to set up your own server, you can integrate one of them. But your app will only access your iCloud account when it runs on your device.