Application integrity

App integrity levels

In the Token Server configuration you can select one of the two app integrity levels:

• FULL - the SDK will perform several checks for the app, including a tampering/modification check by validating the Application Signature of the app. The Application Signature used by the iOS app is the App ID obtained by the SDK at runtime during the DCR and it is verified against the App ID (Application Signature) stored in the Token Server. To obtain the App ID for the Token Server configuration please use the guide below.
• NONE - the SDK will perform only the most basic additional sanity checks like the app's name verification.

Obtaining the App ID

The App ID is unique for every app. It consists of a unique Team ID generated by Apple and the Bundle ID of the app supplied by you. You can find more info about the App ID in Apple documentation. Locating your Team ID is described here. The App ID used for integrity check needs to be explicit (wildcards are NOT allowed). Once you obtain the App ID (eg. A1B2C3D4E5.com.domainname.applicationname) you can store it in the Token Server.

Storing the App ID

The App ID that is obtained must be stored in the Token Server admin console. Since the App ID might theoretically change (app is distributed under a different Bundle ID or different App Developer), therefore every application version has its own configuration. The Token Server application version documentation provides more info on where and how to store the App ID for a specific application version.