✨ Handy helpers for reading values from an applications embedded provision profile.
Embedded provision profiles can answer many questions about where and how an iOS or macOS application is running, like:
- Is this app deployed to the AppStore or distributed internally?
- Which push notification environment is the application signed for?
- What's the Apple developer team ID that was used to sign the app?
... and more!
You can take a look at the provided example project, or simply play with yourself.
import EmbeddedProvision
do {
if let provision = try EmbeddedProvision.load() {
print("Your app was signed with \(provision.name).")
} else {
print("Your app is likely running in a Simulator right now.")
}
}
catch EmbeddedProvisionError.decodingError {
fatalError("Decoding errors should not happen. Please file an issue.")
}
catch {
fatalError("Generally errors are very unexpected, and so is this: \(error) ")
}You can load your applications embedded provisioning profile by using EmbeddedProvision.load(). This will look for the profile inside your apps bundle under embedded.mobileprovision (on iOS) or Contents/embedded.provisionprofile (on macOS).
Once you have an instance of EmbeddedProvision at hand you have access to the following properties that are more about describing the profile itself:
| Property | Signature | Discussion |
|---|---|---|
name |
String |
The name of the profile that was used to sign your app |
appIDName |
String |
The name of the app ID (as provided in the developer portal) |
platform |
[String] |
A list of supported platforms (i.e. iOS, visionOS, xrOS and more) |
isXcodeManaged |
Bool? |
Wether the profile is managed by Xcode |
creationDate |
Date |
When the profile was created |
expirationDate |
Date |
When the profile will expire |
entitlements |
Entitlements |
The actual content of the profile. See the below. |
Apple supports a lot of different entitlements. This library is at the moment only decoding a minimum of them. If you need any other entitlement, please add it and open a PR.
| Entitlement | Signature | Discussion |
|---|---|---|
keychainAccessGroups |
[String] |
A list of application IDs (including wildcards) of keychains this app can access |
getTaskAllow |
Bool |
Wether a debugger can attach to the running app. Should be false for distributed builds |
apsEnvironment |
APSEnvironment? |
If the app supports push notifications, this property tells you which APNs (formerly APS) environment to use |
teamId |
String |
The identifier of the developer team this app was signed for. This impacts i.e. which APNs push keys should be used |
To install MagicBell using CocoaPods, add this entry to your Podfile:
pod 'EmbeddedProvision', '>=1.1.1'IMPORTANT: Make sure you specify use_frameworks! in your Podfile.
Then, run pod install.
To install the library using Swift Package Manager, just add the dependency as follows to your project:
dependencies: [
.package(url: "https://github.com/magicbell/embedded-provision", .upToNextMajor(from: "1.1.1"))
]To install the library using Carthage, add the following dependency to the Carfile :
github "magicbell/embedded-provision" "1.1.1"Then, run carthage update --use-xcframeworks --platform [iOS|macOS] --no-use-binaries (selecting the desired platform) to resolve dependencies.
Add the EmbeddedProvision.xcframework to your project-linked frameworks, together with the other dependencies resolved by Carthage.
I short, they are Apples way to allow your app to run on their platforms. They are a codesigned definition of where you're app can run, what it can do. But nobody explains it better than Applie itself in TN3125 - Provisioning profile fundamentals.
If the app is not signed to run on a device, there won't be a profile. This typically happens when the app is running in a Simulator.
It should! It wasn't extensively tested though. Please file an issue if you run into any problems.