Secure the data your app manages. Protect information and control access to your app.


This collection of documents provides the API reference for the Security framework, which defines C interfaces for protecting information and controlling access to software.



Authorization Services

The programming interface you use to access restricted areas of the operating system, and to control access to particular features of your macOS app.

Certificate, Key, and Trust Services

The functions and constants of the Security Framework used to manage certificates, keys, and trust policies.

Cryptographic Message Syntax Services

Cryptographic Message Syntax Services is an API that implements Cryptographic Message Syntax (CMS) digital signatures and encryption for S/MIME messages.

Keychain Services

Keychain Services is a programming interface that enables you to find, add, modify, and delete keychain items.

Randomization Services


Secure Transport

This document describes the Apple platforms implementation of the following cryptographic protocols: Secure Sockets Layer version 3.0 (SSLv3), Transport Layer Security (TLS) versions 1.0 through 1.2, and Datagram Transport Layer Security (DTLS) version 1.0.

Shared Web Credentials

Shared web credentials is a programming interface that enables native iOS apps to share credentials with their website counterparts. For example, a user may log in to a website in Safari, entering a user name and password, and save those credentials using the iCloud Keychain. Later, the user may run a native app from the same developer, and instead of the app requiring the user to reenter a user name and password, shared web credentials gives it access to the credentials that were entered earlier in Safari. The user can also create new accounts, update passwords, or delete her account from within the app. These changes are then saved and used by Safari.

Security StructuresSecurity EnumerationsSecurity ConstantsSecurity FunctionsSecurity Data Types



A reference to a SecCode object, representing signed code running on the system.


A reference to a SecRequirement object, representing a code requirement.


A reference to a SecStaticCode object, representing signed code on disk.


See Also

Related Documentation