Add Privacy Manifest #807
Comments
|
Hello, Do you have any idea which key should be defined regarding AppAuth? |
|
AppAuth is explicitly listed by Apple as needing a privacy manifest: Can you please let us know when one will be provided? |
|
Apps that include your library will be rejected if this isn't provided. Would you be able to include it in your next release? |
|
I wanted to bring this topic to your attention once again. Since AppAuth is explicitly listed, this will pose a barrier for all iOS apps using the framework. Therefore, this topic is rather important. Are there any insights into whether and within what timeframe this will be implemented? It is also crucial for app developers to be able to make a feasible plan. Thank you for your great work, and this is not intended to be a complaint. I am not pleased with the move Apple made here, leveraging all app developers to enforce changes in frameworks within a relatively short time. |
|
Hi all. Thank you for the issue and the comments. I appreciate your patience. :) I have begun researching what is needed for the privacy manifest, and will follow up shortly (on the order of a few weeks) with a pull request. I will get a release out thereafter. |
|
When attempting to update the App Auth from the Pod, the "PrivacyInfo.xcprivacy" file is not included with the library. this file is required, do I need to be added manually. Regarding permissions based on Apple's documentation, the sample manifest does not specify the permissions needed according to Apple's guidelines. To address this, it's essential to understand the details of the SDK usage. For example, if the app accesses file timestamps via an API (NSPrivacyAccessedAPIType), the permissions required should be specified accordingly in PrivacyInfo.xcprivacy can you help with this two. Thank you in advance. |
|
@snehalvaishnav28 The screenshots in #822 show that the privacy manifest is bundled with an app built via Swift Package Manager and CocoaPods. Please use the latest release: https://github.com/openid/AppAuth-iOS/releases/tag/1.7.3. The privacy manifest is empty because AppAuth does not do any tracking (or use any required reasons APIs) itself. Rather, it is the host app and its identity provider that may do the tracking. Host apps should declare their privacy impacting usage (including what their identity providers track) in their own privacy manifest files. |
|
Thank you @mdmathias |
Is your feature request related to a problem you're having? Please describe.
We recently became aware that, according to the new Apple privacy regulations, third-party SDKs will also be required to provide a Privacy Manifest to ensure compliance with privacy policies in the future.
Describe the solution you'd like
Add a privacy manifest.
Describe alternatives you've considered
Additional context
Privacy Manifest
The text was updated successfully, but these errors were encountered: