8.6. Sharing Keychain Data Between Multiple Apps
You want two of your apps to be able to share keychain storage.
When storing your keychain data, specify the
kSecAttrAccessGroup key in the dictionary that
gets passed to the
function. The value of this key has to be the access group, which you
can find in the Entitlements section of your provision profile, as
explained in this chapter’s Introduction.
Multiple apps from the same developer portal can share a keychain area. To avoid complications, we are going to limit our thoughts to only two apps for now, but this same technique applies for any number of apps.
In order for two apps to be able to share a keychain area, the following criteria must be met:
Both apps must have been signed using a provision profile originated from the same iOS Developer Portal.
Both apps have to have the same Group ID in their provision profile. This is usually the Team ID as selected by Apple. I suggest that you don’t change this group ID when you create your own provision profiles.
The first app that stores the value in the keychain must specify the
kSecAttrAccessGroupattribute for the keychain item that is getting stored. This access group must be the same access group that is mentioned in your provision profile. Have a look at this chapter’s Introduction to learn how to extract this value from your provision profiles.
The value stored in the keychain should have been stored with the
kSecAttrServiceattribute set to a value ...