Keychain from app store app in testflight build

Question

Created Apr ’17

Replies 5

Boosts 0

Views 4.1k

Participants 5

Really struggling with an IOS keychain issue, wonder if anybody has any thoughts:

I'm working on a brand new Swift version of an existing (Obj-C) app - plan is to publish this as the same app, overwriting the old app, nothing out of the ordinary so far.

The old app stores some user credentials in the keychain, and when I install a testflight build of the new app over the top of the app store app, my standard keychain methods are returning nothing.

Some observations while trying to work out the problem:

If I run the old app in the simulator, and then the new app in the simulator - everything works fine.
If I install a testflight build of the OLD app on a clean device, then run a testflight build of the new app on top of it - everything is fine.
Interestingly, if I install a testflight build of the OLD app on top of the app store app - everything is fine.

So the only problem I have is installing a test flight build of the new app over the original app store app.

This app is used by a large number of users, and we really need to test that migration works correctly on the new version.

Keychain sharing is not enabled for the app, we're using the same provisioning etc...

Boost

Answer 1

DTS Engineer OP

Apple

Apr ’17

It sounds like you’re having keychain access group problems. If you dump the entitlements of the old app and the new TestFlight app, what do you see? You can do this using:

$ codesign -d --entitlements :- /path/to/your.app

This post explains how the entitlements work together to determine the available keychain access groups and the default keychain access group.

Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

0

Answer 2

shaymanjohn OP

May ’17

Thanks very much for the info - problem is now solved 🙂

0

Answer 3

heatherb OP

Aug ’17

Hello!

I am having the exact same issue as you were where installing a new TestFlight build over the app store build results in all keychain entries being lost. However! I dumped the entitlements of both apps and they keychain access group, team id, and application id are exactly the same. Would you mind describing exactly what you changed that solved your problem? Thanks so much!

0

Answer 4

davelevi OP

Sep ’17

Did you ever get a solution for his? Seeing the same issue...

0

Answer 5

karmatoad OP

Mar ’18

Apologies for not replying, I wasn't notified of these follow on questions...(just came back to check the thread as we were having a similar problem with a Siri intent).

For our app we just had to specify the Keychain Access Group in the new app as:

$(AppIdentifierPrefix)*

and that resolved the problem...

0