{"id":"c39704ec-6630-4f94-8dcc-63f39a162277","shortId":"5gNGpf","kind":"skill","title":"Device Integrity","tagline":"Swift Ios Skills skill by Dpearson2699","description":"# Device Integrity\n\nVerify that requests to your server come from a genuine Apple device running\nyour unmodified app. DeviceCheck provides per-device bits for simple flags\n(e.g., \"claimed promo offer\"). App Attest uses Secure Enclave keys and Apple\nattestation to cryptographically prove app legitimacy on each request.\n\n## Contents\n\n- [DCDevice (DeviceCheck Tokens)](#dcdevice-devicecheck-tokens)\n- [DCAppAttestService (App Attest)](#dcappattestservice-app-attest)\n- [App Attest Key Generation](#app-attest-key-generation)\n- [App Attest Attestation Flow](#app-attest-attestation-flow)\n- [App Attest Assertion Flow](#app-attest-assertion-flow)\n- [Server Verification Guidance](#server-verification-guidance)\n- [Error Handling](#error-handling)\n- [Common Patterns](#common-patterns)\n- [Common Mistakes](#common-mistakes)\n- [Review Checklist](#review-checklist)\n- [References](#references)\n\n## DCDevice (DeviceCheck Tokens)\n\n[`DCDevice`](https://sosumi.ai/documentation/devicecheck/dcdevice) generates a\nunique, ephemeral token that identifies a device. The token is sent to your\nserver, which then communicates with Apple's servers to read or set two\nper-device bits. Available on iOS 11+.\n\n### Token Generation\n\n```swift\nimport DeviceCheck\n\nfunc generateDeviceToken() async throws -> Data {\n    guard DCDevice.current.isSupported else {\n        throw DeviceIntegrityError.deviceCheckUnsupported\n    }\n\n    return try await DCDevice.current.generateToken()\n}\n```\n\n### Sending the Token to Your Server\n\n```swift\nfunc sendTokenToServer(_ token: Data) async throws {\n    let tokenString = token.base64EncodedString()\n\n    var request = URLRequest(url: serverURL.appending(path: \"verify-device\"))\n    request.httpMethod = \"POST\"\n    request.setValue(\"application/json\", forHTTPHeaderField: \"Content-Type\")\n    request.httpBody = try JSONEncoder().encode([\"device_token\": tokenString])\n\n    let (_, response) = try await URLSession.shared.data(for: request)\n    guard let httpResponse = response as? HTTPURLResponse,\n          httpResponse.statusCode == 200 else {\n        throw DeviceIntegrityError.serverVerificationFailed\n    }\n}\n```\n\n### Server-Side Overview\n\nYour server uses the device token to call Apple's DeviceCheck API endpoints:\n\n| Endpoint | Purpose |\n|----------|---------|\n| `https://api.devicecheck.apple.com/v1/query_two_bits` | Read the two bits for a device |\n| `https://api.devicecheck.apple.com/v1/update_two_bits` | Set the two bits for a device |\n| `https://api.devicecheck.apple.com/v1/validate_device_token` | Validate a device token without reading bits |\n\nThe server authenticates with a DeviceCheck private key from the Apple Developer\nportal, creating a signed JWT for each request.\n\n### What the Two Bits Are For\n\nApple stores two Boolean values per device per developer team. You decide what\nthey mean. Common uses:\n\n- **Bit 0:** Device has claimed a promotional offer.\n- **Bit 1:** Device has been flagged for fraud.\n\nBits persist across app reinstall. You control when to reset them via the\nserver API.\n\n## DCAppAttestService (App Attest)\n\n[`DCAppAttestService`](https://sosumi.ai/documentation/devicecheck/dcappattestservice)\nvalidates that a specific instance of your app on a specific device is\nlegitimate. It uses a hardware-backed key in the Secure Enclave to create\ncryptographic attestations and assertions. Available on iOS 14+.\n\nThe flow has three phases:\n1. **Key generation** -- create a key pair in the Secure Enclave.\n2. **Attestation** -- Apple certifies the key belongs to a genuine Apple device running your app.\n3. **Assertion** -- sign server requests with the attested key to prove ongoing legitimacy.\n\n### Checking Support\n\n```swift\nimport DeviceCheck\n\nlet attestService = DCAppAttestService.shared\n\nguard attestService.isSupported else {\n    // Fall back to DCDevice token or other risk assessment.\n    // App Attest is not available on simulators or all device models.\n    return\n}\n```\n\n## App Attest Key Generation\n\nGenerate a cryptographic key pair stored in the Secure Enclave. The returned\n`keyId` is a string identifier you persist (e.g., in Keychain) for later\nattestation and assertion calls.\n\n```swift\nimport DeviceCheck\n\nactor AppAttestManager {\n    private let service = DCAppAttestService.shared\n    private var keyId: String?\n\n    /// Generate and persist a key pair for App Attest.\n    func generateKeyIfNeeded() async throws -> String {\n        if let existingKeyId = loadKeyIdFromKeychain() {\n            self.keyId = existingKeyId\n            return existingKeyId\n        }\n\n        let newKeyId = try await service.generateKey()\n        saveKeyIdToKeychain(newKeyId)\n        self.keyId = newKeyId\n        return newKeyId\n    }\n\n    // MARK: - Keychain helpers (simplified)\n\n    private func saveKeyIdToKeychain(_ keyId: String) {\n        let data = Data(keyId.utf8)\n        let query: [String: Any] = [\n            kSecClass as String: kSecClassGenericPassword,\n            kSecAttrAccount as String: \"app-attest-key-id\",\n            kSecAttrService as String: Bundle.main.bundleIdentifier ?? \"\",\n            kSecValueData as String: data,\n            kSecAttrAccessible as String: kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly\n        ]\n        SecItemDelete(query as CFDictionary) // Remove old if exists\n        SecItemAdd(query as CFDictionary, nil)\n    }\n\n    private func loadKeyIdFromKeychain() -> String? {\n        let query: [String: Any] = [\n            kSecClass as String: kSecClassGenericPassword,\n            kSecAttrAccount as String: \"app-attest-key-id\",\n            kSecAttrService as String: Bundle.main.bundleIdentifier ?? \"\",\n            kSecReturnData as String: true,\n            kSecMatchLimit as String: kSecMatchLimitOne\n        ]\n        var result: AnyObject?\n        let status = SecItemCopyMatching(query as CFDictionary, &result)\n        guard status == errSecSuccess, let data = result as? Data else { return nil }\n        return String(data: data, encoding: .utf8)\n    }\n}\n```\n\n**Important:** Generate the key once and persist the `keyId`. Generating a new\nkey invalidates any previous attestation.\n\n## App Attest Attestation Flow\n\nAttestation proves that the key was generated on a genuine Apple device running\nyour unmodified app. You perform attestation once per key, then store the\nattestation object on your server.\n\n### Client-Side Attestation\n\n```swift\nimport DeviceCheck\nimport CryptoKit\n\nextension AppAttestManager {\n    /// Attest the key with Apple. Send the attestation object to your server.\n    func attestKey() async throws -> Data {\n        guard let keyId else {\n            throw DeviceIntegrityError.keyNotGenerated\n        }\n\n        // 1. Request a one-time challenge from your server\n        let challenge = try await fetchServerChallenge()\n\n        // 2. Hash the challenge (Apple requires a SHA-256 hash)\n        let challengeHash = Data(SHA256.hash(data: challenge))\n\n        // 3. Ask Apple to attest the key\n        let attestation = try await service.attestKey(keyId, clientDataHash: challengeHash)\n\n        // 4. Send the attestation object to your server for verification\n        try await sendAttestationToServer(\n            keyId: keyId,\n            attestation: attestation,\n            challenge: challenge\n        )\n\n        return attestation\n    }\n\n    private func fetchServerChallenge() async throws -> Data {\n        let url = serverURL.appending(path: \"attest/challenge\")\n        let (data, _) = try await URLSession.shared.data(from: url)\n        return data\n    }\n\n    private func sendAttestationToServer(\n        keyId: String,\n        attestation: Data,\n        challenge: Data\n    ) async throws {\n        var request = URLRequest(url: serverURL.appending(path: \"attest/verify\"))\n        request.httpMethod = \"POST\"\n        request.setValue(\"application/json\", forHTTPHeaderField: \"Content-Type\")\n\n        let payload: [String: String] = [\n            \"key_id\": keyId,\n            \"attestation\": attestation.base64EncodedString(),\n            \"challenge\": challenge.base64EncodedString()\n        ]\n        request.httpBody = try JSONEncoder().encode(payload)\n\n        let (_, response) = try await URLSession.shared.data(for: request)\n        guard let httpResponse = response as? HTTPURLResponse,\n              httpResponse.statusCode == 200 else {\n            throw DeviceIntegrityError.attestationVerificationFailed\n        }\n    }\n}\n```\n\n### Server-Side Attestation Verification\n\nYour server validates the attestation object (CBOR), verifies the certificate chain against Apple's App Attest root CA, and stores the public key and receipt for future assertion verification. See [references/device-integrity-patterns.md](references/device-integrity-patterns.md) for the full server verification flow.\n\n## App Attest Assertion Flow\n\nAfter attestation, use assertions to sign individual requests. Each assertion\nproves the request came from the attested app instance.\n\n### Client-Side Assertion\n\n```swift\nimport DeviceCheck\nimport CryptoKit\n\nextension AppAttestManager {\n    /// Generate an assertion to accompany a server request.\n    /// - Parameter requestData: The request payload to sign (e.g., JSON body).\n    /// - Returns: The assertion data to include with the request.\n    func generateAssertion(for requestData: Data) async throws -> Data {\n        guard let keyId else {\n            throw DeviceIntegrityError.keyNotGenerated\n        }\n\n        // Hash the request data -- the server will verify this matches\n        let clientDataHash = Data(SHA256.hash(data: requestData))\n\n        return try await service.generateAssertion(keyId, clientDataHash: clientDataHash)\n    }\n}\n```\n\n### Using Assertions in Network Requests\n\n```swift\nextension AppAttestManager {\n    /// Perform an attested API request.\n    func makeAttestedRequest(\n        to url: URL,\n        method: String = \"POST\",\n        body: Data\n    ) async throws -> (Data, URLResponse) {\n        let assertion = try await generateAssertion(for: body)\n\n        var request = URLRequest(url: url)\n        request.httpMethod = method\n        request.setValue(\"application/json\", forHTTPHeaderField: \"Content-Type\")\n        request.setValue(assertion.base64EncodedString(), forHTTPHeaderField: \"X-App-Assertion\")\n        request.httpBody = body\n\n        return try await URLSession.shared.data(for: request)\n    }\n}\n```\n\n### Server-Side Assertion Verification\n\nYour server decodes the assertion (CBOR), verifies the authenticator data and counter, checks the signature against the stored public key, and confirms the `clientDataHash`. See [references/device-integrity-patterns.md](references/device-integrity-patterns.md) for step-by-step server verification.\n\n## Server Verification Guidance\n\nSee [references/device-integrity-patterns.md](references/device-integrity-patterns.md) for full server architecture guidance including attestation vs. assertion comparison, recommended endpoint design, and risk assessment.\n\n## Error Handling\n\nHandle `DCError` codes from DeviceCheck operations. Key cases:\n\n- `.serverUnavailable` — retry with exponential backoff\n- `.invalidKey` — key invalidated (OS update, Secure Enclave reset); regenerate and re-attest\n- `.featureUnsupported` — fall back to `DCDevice` tokens\n- `.invalidInput` — malformed `clientDataHash` or `keyId`\n\nSee [references/device-integrity-patterns.md](references/device-integrity-patterns.md) for full error handling code, retry strategy, and key invalidation recovery.\n\n## Common Patterns\n\n### Environment Entitlement\n\nSet the App Attest environment in your entitlements file. Use `development`\nduring testing and `production` for App Store builds:\n\n```xml\n<key>com.apple.developer.devicecheck.appattest-environment</key>\n<string>production</string>\n```\n\nWhen the entitlement is missing, the system uses `development` in debug builds\nand `production` for App Store and TestFlight builds.\n\nSee [references/device-integrity-patterns.md](references/device-integrity-patterns.md) for the full integration manager pattern, gradual rollout guidance, and error type definition.\n\n## Common Mistakes\n\n1. **Generating a new key on every launch.** Generate once, persist the `keyId` in Keychain.\n2. **Skipping the fallback for unsupported devices.** Not all devices support App Attest. Use `DCDevice` tokens as fallback.\n3. **Trusting attestation client-side.** All verification must happen on your server.\n4. **Not implementing replay protection.** The server must track and increment the assertion counter.\n5. **Missing the environment entitlement.** Without it, debug builds use `development` and App Store uses `production`. Mismatches cause attestation failures.\n6. **Not handling `DCError.invalidKey`.** Keys can be invalidated by OS updates. Detect and regenerate.\n\n## Review Checklist\n\n- [ ] `DCAppAttestService.isSupported` checked before use; fallback to `DCDevice` when unsupported\n- [ ] Key generated once and `keyId` persisted in Keychain\n- [ ] Attestation performed once per key; attestation object sent to server\n- [ ] Server validates attestation against Apple's App Attest root CA\n- [ ] Assertions generated for each sensitive request; server verifies signature and counter\n- [ ] `DCError` cases handled: `.serverUnavailable` with retry, `.invalidKey` with key regeneration\n- [ ] App Attest environment entitlement set correctly for debug vs. production\n- [ ] Gradual rollout considered; feature flag in place for enabling/disabling\n\n## References\n\n- Extended patterns: [references/device-integrity-patterns.md](references/device-integrity-patterns.md)\n- [DeviceCheck framework](https://sosumi.ai/documentation/devicecheck)\n- [DCDevice](https://sosumi.ai/documentation/devicecheck/dcdevice)\n- [DCAppAttestService](https://sosumi.ai/documentation/devicecheck/dcappattestservice)\n- [Establishing your app's integrity](https://sosumi.ai/documentation/devicecheck/establishing-your-app-s-integrity)","tags":["device","integrity","swift","ios","skills","dpearson2699"],"capabilities":["skill","source-dpearson2699","category-swift-ios-skills"],"categories":["swift-ios-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/dpearson2699/swift-ios-skills/device-integrity","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"install_from":"skills.sh"}},"qualityScore":"0.300","qualityRationale":"deterministic score 0.30 from registry signals: · indexed on skills.sh · published under dpearson2699/swift-ios-skills","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill:v1","enrichmentVersion":1,"enrichedAt":"2026-04-22T03:40:33.792Z","embedding":null,"createdAt":"2026-04-18T20:34:36.425Z","updatedAt":"2026-04-22T03:40:33.792Z","lastSeenAt":"2026-04-22T03:40:33.792Z","tsv":"'-256':788 '/documentation/devicecheck)':1476 '/documentation/devicecheck/dcappattestservice)':377,1484 '/documentation/devicecheck/dcdevice)':134,1480 '/documentation/devicecheck/establishing-your-app-s-integrity)':1492 '/v1/query_two_bits':269 '/v1/update_two_bits':279 '/v1/validate_device_token':289 '0':341 '1':349,418,765,1294 '11':170 '14':412 '2':429,780,1309 '200':244,908 '3':444,796,1327 '4':811,1340 '5':1354 '6':1374 'accompani':993 'across':358 'actor':524 'anyobject':655 'api':263,370,1064 'api.devicecheck.apple.com':268,278,288 'api.devicecheck.apple.com/v1/query_two_bits':267 'api.devicecheck.apple.com/v1/update_two_bits':277 'api.devicecheck.apple.com/v1/validate_device_token':287 'app':26,40,52,66,70,72,77,81,86,90,95,359,372,385,443,477,489,541,592,637,697,716,931,955,976,1105,1235,1249,1271,1320,1366,1423,1448,1487 'app-attest-assertion-flow':94 'app-attest-attestation-flow':85 'app-attest-key-gener':76 'app-attest-key-id':591,636 'appattestmanag':525,741,988,1060 'appl':21,47,155,260,307,323,431,439,711,746,784,798,929,1421 'application/json':218,873,1095 'architectur':1163 'ask':797 'assert':92,97,408,445,519,944,957,962,968,981,991,1009,1054,1081,1106,1118,1124,1168,1352,1427 'assertion.base64encodedstring':1101 'assess':476,1175 'async':178,201,545,756,835,861,1021,1076 'attest':41,48,67,71,73,78,82,83,87,88,91,96,373,406,430,451,478,490,517,542,593,638,696,698,699,701,719,726,734,742,749,800,804,814,826,827,831,857,885,915,921,932,956,960,975,1063,1166,1203,1236,1321,1329,1372,1407,1412,1419,1424,1449 'attest/challenge':842 'attest/verify':869 'attestation.base64encodedstring':886 'attestkey':755 'attestservic':463 'attestservice.issupported':466 'authent':299,1128 'avail':167,409,481 'await':188,233,559,778,806,822,846,897,1048,1083,1111 'back':397,469,1206 'backoff':1190 'belong':435 'bit':32,166,273,283,296,320,340,348,356 'bodi':1006,1074,1086,1108 'boolean':326 'build':1251,1267,1275,1362 'bundle.main.bundleidentifier':599,644 'ca':934,1426 'call':259,520 'came':972 'case':1185,1439 'category-swift-ios-skills' 'caus':1371 'cbor':923,1125 'certif':926 'certifi':432 'cfdictionari':611,619,661 'chain':927 'challeng':771,776,783,795,828,829,859,887 'challenge.base64encodedstring':888 'challengehash':791,810 'check':457,1132,1391 'checklist':122,125,1389 'claim':37,344 'client':732,979,1331 'client-sid':731,978,1330 'clientdatahash':809,1041,1051,1052,1143,1212 'code':1180,1222 'com.apple.developer.devicecheck.appattest':1253 'come':17 'common':111,114,116,119,338,1229,1292 'common-mistak':118 'common-pattern':113 'communic':153 'comparison':1169 'confirm':1141 'consid':1460 'content':57,221,876,1098 'content-typ':220,875,1097 'control':362 'correct':1453 'counter':1131,1353,1437 'creat':310,404,421 'cryptograph':50,405,495 'cryptokit':739,986 'data':180,200,577,578,603,667,670,676,677,758,792,794,837,844,851,858,860,1010,1020,1023,1033,1042,1044,1075,1078,1129 'dcappattestservic':65,69,371,374,1481 'dcappattestservice-app-attest':68 'dcappattestservice.issupported':1390 'dcappattestservice.shared':464,529 'dcdevic':58,62,128,131,471,1208,1323,1396,1477 'dcdevice-devicecheck-token':61 'dcdevice.current.generatetoken':189 'dcdevice.current.issupported':182 'dcerror':1179,1438 'dcerror.invalidkey':1377 'debug':1266,1361,1455 'decid':334 'decod':1122 'definit':1291 'design':1172 'detect':1385 'develop':308,331,1243,1264,1364 'devic':1,9,22,31,143,165,214,227,256,276,286,292,329,342,350,389,440,486,712,1315,1318 'devicecheck':27,59,63,129,175,262,302,461,523,737,984,1182,1472 'deviceintegrityerror.attestationverificationfailed':911 'deviceintegrityerror.devicecheckunsupported':185 'deviceintegrityerror.keynotgenerated':764,1029 'deviceintegrityerror.serververificationfailed':247 'dpearson2699':8 'e.g':36,512,1004 'els':183,245,467,671,762,909,1027 'enabling/disabling':1466 'enclav':44,402,428,502,1197 'encod':226,678,892 'endpoint':264,265,1171 'entitl':1232,1240,1258,1358,1451 'environ':1231,1237,1254,1357,1450 'ephemer':138 'error':106,109,1176,1220,1289 'error-handl':108 'errsecsuccess':665 'establish':1485 'everi':1300 'exist':615 'existingkeyid':550,553,555 'exponenti':1189 'extend':1468 'extens':740,987,1059 'failur':1373 'fall':468,1205 'fallback':1312,1326,1394 'featur':1461 'featureunsupport':1204 'fetchserverchalleng':779,834 'file':1241 'flag':35,353,1462 'flow':84,89,93,98,414,700,954,958 'forhttpheaderfield':219,874,1096,1102 'framework':1473 'fraud':355 'full':951,1161,1219,1281 'func':176,197,543,572,622,754,833,853,1016,1066 'futur':943 'generat':75,80,135,172,420,492,493,534,681,689,707,989,1295,1302,1400,1428 'generateassert':1017,1084 'generatedevicetoken':177 'generatekeyifneed':544 'genuin':20,438,710 'gradual':1285,1458 'guard':181,237,465,663,759,901,1024 'guidanc':101,105,1156,1164,1287 'handl':107,110,1177,1178,1221,1376,1440 'happen':1336 'hardwar':396 'hardware-back':395 'hash':781,789,1030 'helper':569 'httprespons':239,903 'httpresponse.statuscode':243,907 'httpurlrespons':242,906 'id':595,640,883 'identifi':141,509 'implement':1342 'import':174,460,522,680,736,738,983,985 'includ':1012,1165 'increment':1350 'individu':965 'instanc':382,977 'integr':2,10,1282,1489 'invalid':693,1193,1227,1381 'invalidinput':1210 'invalidkey':1191,1444 'io':4,169,411 'json':1005 'jsonencod':225,891 'jwt':313 'key':45,74,79,304,398,419,423,434,452,491,496,538,594,639,683,692,705,722,744,802,882,939,1139,1184,1192,1226,1298,1378,1399,1411,1446 'keychain':514,568,1308,1406 'keyid':505,532,574,688,761,808,824,825,855,884,1026,1050,1214,1306,1403 'keyid.utf8':579 'ksecattraccess':604 'ksecattraccessibleafterfirstunlockthisdeviceon':607 'ksecattraccount':588,633 'ksecattrservic':596,641 'ksecclass':584,629 'ksecclassgenericpassword':587,632 'ksecmatchlimit':649 'ksecmatchlimiton':652 'ksecreturndata':645 'ksecvaluedata':600 'later':516 'launch':1301 'legitim':391 'legitimaci':53,456 'let':203,230,238,462,527,549,556,576,580,625,656,666,760,775,790,803,838,843,878,894,902,1025,1040,1080 'loadkeyidfromkeychain':551,623 'makeattestedrequest':1067 'malform':1211 'manag':1283 'mark':567 'match':1039 'mean':337 'method':1071,1093 'mismatch':1370 'miss':1260,1355 'mistak':117,120,1293 'model':487 'must':1335,1347 'network':1056 'new':691,1297 'newkeyid':557,562,564,566 'nil':620,673 'object':727,750,815,922,1413 'offer':39,347 'old':613 'one':769 'one-tim':768 'ongo':455 'oper':1183 'os':1194,1383 'overview':251 'pair':424,497,539 'paramet':997 'path':211,841,868 'pattern':112,115,1230,1284,1469 'payload':879,893,1001 'per':30,164,328,330,721,1410 'per-devic':29,163 'perform':718,1061,1408 'persist':357,511,536,686,1304,1404 'phase':417 'place':1464 'portal':309 'post':216,871,1073 'previous':695 'privat':303,526,530,571,621,832,852 'product':1247,1255,1269,1369,1457 'promo':38 'promot':346 'protect':1344 'prove':51,454,702,969 'provid':28 'public':938,1138 'purpos':266 'queri':581,609,617,626,659 're':1202 're-attest':1201 'read':159,270,295 'receipt':941 'recommend':1170 'recoveri':1228 'refer':126,127,1467 'references/device-integrity-patterns.md':947,948,1145,1146,1158,1159,1216,1217,1277,1278,1470,1471 'regener':1199,1387,1447 'reinstal':360 'remov':612 'replay':1343 'request':13,56,207,236,316,448,766,864,900,966,971,996,1000,1015,1032,1057,1065,1088,1114,1432 'request.httpbody':223,889,1107 'request.httpmethod':215,870,1092 'request.setvalue':217,872,1094,1100 'requestdata':998,1019,1045 'requir':785 'reset':365,1198 'respons':231,240,895,904 'result':654,662,668 'retri':1187,1223,1443 'return':186,488,504,554,565,672,674,830,850,1007,1046,1109 'review':121,124,1388 'review-checklist':123 'risk':475,1174 'rollout':1286,1459 'root':933,1425 'run':23,441,713 'savekeyidtokeychain':561,573 'secitemadd':616 'secitemcopymatch':658 'secitemdelet':608 'secur':43,401,427,501,1196 'see':946,1144,1157,1215,1276 'self.keyid':552,563 'send':190,747,812 'sendattestationtoserv':823,854 'sendtokentoserv':198 'sensit':1431 'sent':147,1414 'server':16,99,103,150,157,195,249,253,298,369,447,730,753,774,818,913,918,952,995,1035,1116,1121,1152,1154,1162,1339,1346,1416,1417,1433 'server-sid':248,912,1115 'server-verification-guid':102 'serverunavail':1186,1441 'serverurl.appending':210,840,867 'servic':528 'service.attestkey':807 'service.generateassertion':1049 'service.generatekey':560 'set':161,280,1233,1452 'sha':787 'sha256.hash':793,1043 'side':250,733,914,980,1117,1332 'sign':312,446,964,1003 'signatur':1134,1435 'simpl':34 'simplifi':570 'simul':483 'skill':5,6 'skip':1310 'sosumi.ai':133,376,1475,1479,1483,1491 'sosumi.ai/documentation/devicecheck)':1474 'sosumi.ai/documentation/devicecheck/dcappattestservice)':375,1482 'sosumi.ai/documentation/devicecheck/dcdevice)':132,1478 'sosumi.ai/documentation/devicecheck/establishing-your-app-s-integrity)':1490 'source-dpearson2699' 'specif':381,388 'status':657,664 'step':1149,1151 'step-by-step':1148 'store':324,498,724,936,1137,1250,1272,1367 'strategi':1224 'string':508,533,547,575,582,586,590,598,602,606,624,627,631,635,643,647,651,675,856,880,881,1072 'support':458,1319 'swift':3,173,196,459,521,735,982,1058 'system':1262 'team':332 'test':1245 'testflight':1274 'three':416 'throw':179,184,202,246,546,757,763,836,862,910,1022,1028,1077 'time':770 'token':60,64,130,139,145,171,192,199,228,257,293,472,1209,1324 'token.base64encodedstring':205 'tokenstr':204,229 'track':1348 'tri':187,224,232,558,777,805,821,845,890,896,1047,1082,1110 'true':648 'trust':1328 'two':162,272,282,319,325 'type':222,877,1099,1290 'uniqu':137 'unmodifi':25,715 'unsupport':1314,1398 'updat':1195,1384 'url':209,839,849,866,1069,1070,1090,1091 'urlrequest':208,865,1089 'urlrespons':1079 'urlsession.shared.data':234,847,898,1112 'use':42,254,339,393,961,1053,1242,1263,1322,1363,1368,1393 'utf8':679 'valid':290,378,919,1418 'valu':327 'var':206,531,653,863,1087 'verif':100,104,820,916,945,953,1119,1153,1155,1334 'verifi':11,213,924,1037,1126,1434 'verify-devic':212 'via':367 'vs':1167,1456 'without':294,1359 'x':1104 'x-app-assert':1103 'xml':1252","prices":[{"id":"8df876ca-bb30-4dc4-bd2f-53b9ad715cf0","listingId":"c39704ec-6630-4f94-8dcc-63f39a162277","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"dpearson2699","category":"swift-ios-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T20:34:36.425Z"}],"sources":[{"listingId":"c39704ec-6630-4f94-8dcc-63f39a162277","source":"github","sourceId":"dpearson2699/swift-ios-skills/device-integrity","sourceUrl":"https://github.com/dpearson2699/swift-ios-skills/tree/main/skills/device-integrity","isPrimary":false,"firstSeenAt":"2026-04-18T22:00:56.557Z","lastSeenAt":"2026-04-22T00:53:42.689Z"},{"listingId":"c39704ec-6630-4f94-8dcc-63f39a162277","source":"skills_sh","sourceId":"dpearson2699/swift-ios-skills/device-integrity","sourceUrl":"https://skills.sh/dpearson2699/swift-ios-skills/device-integrity","isPrimary":true,"firstSeenAt":"2026-04-18T20:34:36.425Z","lastSeenAt":"2026-04-22T03:40:33.792Z"}],"details":{"listingId":"c39704ec-6630-4f94-8dcc-63f39a162277","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"dpearson2699","slug":"device-integrity","source":"skills_sh","category":"swift-ios-skills","skills_sh_url":"https://skills.sh/dpearson2699/swift-ios-skills/device-integrity"},"updatedAt":"2026-04-22T03:40:33.792Z"}}