Structure

SecAccessControlCreateFlags

Access control constants that dictate how a keychain item may be used.

Declaration

struct SecAccessControlCreateFlags

Overview

Use these flags with the SecAccessControlCreateWithFlags(_:_:_:_:) function, or as the value associated with the kSecAttrAccessControl key in a keychain item's attribute dictionary, to control keychain item accessibility.

Topics

Constraints

static var devicePasscode: SecAccessControlCreateFlags

Constraint to access an item with a passcode.

static var biometryAny: SecAccessControlCreateFlags

Constraint to access an item with Touch ID for any enrolled fingers, or Face ID.

static var biometryCurrentSet: SecAccessControlCreateFlags

Constraint to access an item with Touch ID for currently enrolled fingers, or from Face ID with the currently enrolled user.

static var userPresence: SecAccessControlCreateFlags

Constraint to access an item with either biometry or passcode.

static var watch: SecAccessControlCreateFlags

Constraint to access an item with a watch.

Conjunctions

static var and: SecAccessControlCreateFlags

Indicates that all constraints must be satisfied.

static var or: SecAccessControlCreateFlags

Indicates that at least one constraint must be satisfied.

Additional Options

static var applicationPassword: SecAccessControlCreateFlags

Option to use an application-provided password for data encryption key generation.

static var privateKeyUsage: SecAccessControlCreateFlags

Enable a private key to be used in signing a block of data or verifying a signed block.

Initializers

init(rawValue: CFOptionFlags)

Initialize an access control creation flags object.

Legacy Constraints

static var touchIDAny: SecAccessControlCreateFlags

Constraint to access an item with Touch ID for any enrolled fingers.

Deprecated
static var touchIDCurrentSet: SecAccessControlCreateFlags

Constraint to access an item with Touch ID for currently enrolled fingers.

Deprecated

Relationships

Conforms To

See Also

Keychain Item Access

Sharing Access to Keychain Items Among a Collection of Apps

Enable apps to share keychain items with each other by adding the apps to an access group.

Keychain Access Groups Entitlement

The identifiers for the keychain groups that the app may share items with.

Key: keychain-access-groups
Restricting Keychain Item Accessibility

Set the conditions under which an app can access a keychain item such as a password.

class SecAccessControl

An opaque type that contains information about how a keychain item may be used.

func SecAccessControlGetTypeID() -> CFTypeID

Returns the unique identifier of the opaque type to which a keychain item access control object belongs.