Verify clients using App Store receipt validation

tatey / trace_privately

A robust and fully featured key server for the TracePrivately iOS app

https://trace-privately-demo.herokuapp.com

MIT License

1 stars 0 forks source link

Verify clients using App Store receipt validation #9

Closed tatey closed 4 years ago

tatey commented 4 years ago

Client validation, so only the app can submit/retrieve keys (i.e. not malicious third-parties). This could be achieved using several methods, including App Store receipt validation on the server

I've never done this before so will need to do a bit of desk research. Assuming it's tied to provisioning.

See https://github.com/CrunchyBagel/TracePrivately/blob/77d93f846540f011ffb0318ab32ce52fecc29fcd/KeyServer/README.md

tatey commented 4 years ago

Superseded by https://github.com/tatey/trace_privately/issues/12.