Hi,
We are implementing Platform SSO and using attestKey during registration via ASAuthorizationProviderExtensionLoginManager.
Could you clarify whether the attestKey flow involves sending attestation data to an Apple server for verification (similar to App Attest in the DeviceCheck framework), or if the attestation certificate chain is generated and signed entirely on-device without any Apple server interaction?
The App Attest flow is clearly documented as using Apple’s attestation service, but the Platform SSO process is less clearly described.
Thank you.