Project setup (iOS)

Setup IDK as dependency

Note that IDK should be added as dependency using CocoaPods. Follow these steps to successfully add IDK as dependency in your project:

1. Add the following repo at the top of your Podfile. Important: contact Digidentity for access to this repo:

source 'git@gitlab.com:ddy-dmtw/development/mobile/mobile-sdks/ios-specs.git'

1. Add IDK as dependency in the Podfile:

pod 'DigidentityIDK'

1. Add post_install script at the bottom of your Podfile:

DigidentityIDKDependencies = ['KeychainAccess', 'Japx', 'Alamofire', 'R.swift', 'R.swift.Library']

post_install do |installer|
    installer.pods_project.targets.each do |target|
        target.build_configurations.each do |config|
            # workaround for https://github.com/CocoaPods/CocoaPods/issues/11153
            if DigidentityIDKDependencies.include? target.name
                config.build_settings['BUILD_LIBRARY_FOR_DISTRIBUTION'] = 'YES'
            end

            # set deployment target to 12.0 to avoid Xcode warnings
            if Gem::Version.new(config.build_settings['IPHONEOS_DEPLOYMENT_TARGET']) < Gem::Version.new('12.0')
                config.build_settings['IPHONEOS_DEPLOYMENT_TARGET'] = '12.0'
            end
        end
    end
end

Setup IDK dependencies

The IDK depends on a number of system functions which may require additional project setup if not already configured.

• Camera access
• NFC
• Push notifications
• Dynamic links
• App check

Camera access

The IDK requires device camera access as several flows depend on it (e.g. QR code scanning, taking selfies, and capturing documents). For this reason, please make sure the NSCameraUsageDescription string is included in the app's Info.plist file.

NFC

The IDK makes use of NFC to scan identity documents. For this reason, please make sure the following items are included in the app's Info.plist file:

• NFCReaderUsageDescription string
• A list of application identifiers for NFC Tag Reader Session:

    <key>com.apple.developer.nfc.readersession.iso7816.select-identifiers</key>
    <array>
        <string>A0000002471001</string>
        <string>A00000045645444C2D3031</string>
    </array>

Push notifications

The IDK uses push notifications to notify the app about external events (e.g. log in authorization requests and purchase status changes). The IDK is not able to enable push notification support on its own, so this must be configured in the app itself.

Please refer to the Apple documentation to support this function in the mobile app.

Configuration

1. Inside your project in the Firebase console, select the gear icon, select Project Settings, and then select the Cloud Messaging tab.
2. In APNs authentication key under iOS app configuration, click the Upload button.
3. Browse to the location where you saved your key, select it, and click Open. Add the key ID for the key (available in the Apple Developer Member Center) and click Upload.
4. Continue with these steps to handle received notifications.

Dynamic links

To resolve deeplink URLs into IDK flows, the IDK relies on Firebase Dynamic Links, which in turn rely on iOS Universal Links. Please refer to the Apple documentation to support this function in the mobile app.

Configuration

1. In the Info tab of your app's Xcode project, create a new URL type to be used for Dynamic Links. Set the Identifier field to a unique value and the URL scheme field to be your bundle identifier.
2. In the Capabilities tab of your app's Xcode project, enable Associated Domains and add applinks:your_dynamic_links_domain to the list.
3. If you use a fully-custom domain go to your Xcode project's Info.plist file and create a list called FirebaseDynamicLinksCustomDomains. Set it to your app's Dynamic Links URL prefixes. For example: https://your_custom_domain.com

App check

To protect backend resources from abuse, the IDK relies on Firebase App Check, which in turn relies on iOS Device Check. Please refer to the Apple documentation to support this function in the mobile app.

Apple developer configuration

Initial preparations are done on Apple developer site

Create a DeviceCheck private key:

• From Certificates, Identifiers & Profiles > Keys register a new key with DeviceCheck enabled.
• Download the key for later usage. Be aware, that after downloading your key, it cannot be re-downloaded as the server copy is removed. Be sure to save a backup of your key in a secure place.

Add App Attest capability to your app for each application which uses IDK, by doing the following in Certificates, Identifiers & Profiles > Identifiers:

• Select an application identifier.
• In Capabilities tab select App Attest capability.
• Save the changes. Adding capabilities will invalidate any provisioning profiles that include this App ID and they must be regenerated for future use.

Firebase configuration

Rest of preparations are done in App Check section of Firebase console

Register your apps to use App Check with the DeviceCheck provider:

• Open Apps and for each application using IDK do the following:
  • Select app and press DeviceCheck.
  • In the expanded section, attach previously generated key and fill all necessary fields:
    • Key ID (can be found in the Apple Developer Center > Certificates, Identifiers & Profiles)
    • Team ID (can be found in the Apple Developer Center > Membership).
    • Set TTL to 30 minutes.
  • Save the changes.

After configuration is completed, IDK will be able to perform App Check. No code changes required.