Ship the app.
Not the keys.
Your API keys never ship inside your iOS app. AppAttest stores them and delivers each one at runtime — into the Keychain, and only after the install proves it's genuine.
A key in your code ships to everyone.
Any API key placed in your iOS source ends up inside the downloadable app — identical on every device, and readable straight out of the binary. Hiding or obfuscating it only slows someone down.
Anyone who downloads the app can unzip the .ipa and read the key straight out of the plist — plain text.
An .xcconfig is just another build input; its value lands in the shipped bundle, exposed just the same.
Obfuscation only buries it in the binary — strings, grep, or an LLM pull it back out in seconds.
From launch to your first secret.
At launch, the SDK requests a secret. Nothing sensitive is in the app — the request goes to AppAttest.
It uses Apple's App Attest to confirm this is your real, unmodified app on a real device — not a clone or a tampered build.
Only then is the secret released — at runtime, into the Keychain, on that device only. It was never in the binary.
Tampered builds, jailbroken clones, and copies pulled from another device fail the check and receive nothing.
Change a secret in the dashboard and genuine installs pick up the new value on their next launch — no rebuild, no App Store review.
Delivered to your real app
Apple's App Attest confirms a genuine, unmodified install before any secret is released. Clones and tampered builds get nothing.
Nothing to extract
Your secrets live in AppAttest, not your source. The app you upload to the App Store contains none of them.
Change a key, no update
Rotate from the dashboard and genuine installs pick up the new value on next launch. No rebuild, no resubmission.
Native Swift, plus React Native, Flutter, and Capacitor for cross-platform apps.
Manage apps, store and edit secrets, rotate keys, watch usage and billing.
Test the whole flow with debug builds before you go live.
Prepaid credit refills before it runs out, so deliveries never stall.
Keep your keys out of your binary.
Add the SDK, store your first secret, and deliver it only to the installs that prove they're genuine.