Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.grantiva.io/llms.txt

Use this file to discover all available pages before exploring further.

This endpoint is called automatically by the SDK. You typically don’t need to call it directly.

Request

POST /api/v1/attestation/validate

Headers

HeaderRequiredDescription
X-Bundle-IDYesApp bundle identifier
X-Team-IDYesApple Developer Team ID

Body

{
  "challenge": "a1b2c3d4e5f6...",
  "keyId": "device-key-id",
  "attestationObject": "base64-encoded-attestation",
  "clientDataHash": "base64-encoded-hash",
  "bundleId": "com.yourapp.example",
  "teamId": "ABBM6U9RM5",
  "deviceModel": "iPhone15,2",
  "osVersion": "18.0",
  "appVersion": "2.1.0",
  "appBuildNumber": "42",
  "platform": "iOS"
}
FieldTypeRequiredDescription
challengestringYesChallenge from the challenge endpoint
keyIdstringYesApp Attest key identifier
attestationObjectstringYesBase64-encoded attestation object
clientDataHashstringYesBase64-encoded client data hash
bundleIdstringYesApp bundle identifier
teamIdstringYesApple Team ID
deviceModelstringNoDevice model identifier
osVersionstringNoOS version
appVersionstringNoApp version
appBuildNumberstringNoBuild number
platformstringNoPlatform (iOS, macOS)

Response

{
  "isValid": true,
  "token": "eyJhbGciOi...",
  "expiresAt": "2025-03-11T12:00:00Z",
  "deviceIntelligence": {
    "deviceId": "abc123",
    "riskScore": 12,
    "deviceIntegrity": "valid",
    "jailbreakDetected": false,
    "attestationCount": 5,
    "lastAttestationDate": "2025-03-09T10:00:00Z"
  },
  "customClaims": {
    "user_tier": "premium"
  }
}
FieldTypeDescription
isValidbooleanWhether the device passed attestation
tokenstringSigned JWT token
expiresAtstringToken expiration (ISO 8601)
deviceIntelligenceobjectDevice risk and integrity data
customClaimsobjectYour configured custom claims