About Entitlements

Entitlements confer specific capabilities or security permissions to your iOS or macOS app.

At a Glance

Set entitlement values in order to enable iCloud, push notifications, Apple Pay, and App Sandbox. Each entitlement has a default value, which in most cases disables the capability associated with the entitlement. When you set an entitlement, you are overriding the default by providing an appropriate key-value pair.

You can set many entitlements using the Summary tab of the Xcode target editor. Other entitlements require editing a target’s entitlements property list file. Finally, a few entitlements are inherited from the iOS provisioning profile used to run the app.

The sort of value to associate with an entitlement key depends on the key. Many entitlement keys take Boolean values. For entitlements defined in a property list in an Xcode project, a Boolean entitlement value is either <true/> or <false/>. Some entitlement keys take a string or an array of strings as a value. Refer to the chapters in this document for specifics on the values to apply to the various entitlement keys.

To use any entitlement keys, you must code sign your app because an app’s entitlements are built in to its code signature.

Enable iCloud for Sharing Data Among Devices

Xcode’s target editor contains two fields that let you enable iCloud document and key-value storage for your app.

Enable Push Notifications for Alerting the User

You can send push notifications to users, by way of the Apple Push Notification service (APNs), to let users know your app has information for them. To enable the receiving of such notifications in your app, request the appropriate entitlement within your development and distribution provisioning profiles.

Enable Apple Pay and Access to Passes

You can accept in-app payment for goods and services. You can also access your passes in Wallet. Additional entitlements allow the suppression of the Apple Pay interface when working near NFC or other RF readers, and in-app provisioning of payment cards.

Enable App Sandbox to Minimize Damage from Malicious Code

Employ Xcode’s target editor to turn on and configure App Sandbox for targets in an macOS project.

Use App Sandbox Temporary Exceptions, If Needed

If you are unable to transition your entire app to App Sandbox in a single release, you can employ special temporary-exception entitlements.


Understand where entitlements fit into the development process by reading App Programming Guide for iOS or Mac App Programming Guide.

You set iCloud and App Sandbox entitlement values using Xcode. For an introduction to Xcode, read Xcode Overview.

See Also

When adding iCloud features to your app, be sure to read iCloud Design Guide.

When adding push notification capability to your app, refer to Local and Remote Notification Programming Guide.

When configuring your sandbox, use this document in concert with App Sandbox Design Guide.