Skip to main content

Choose your setup

Physical device

Recommended. Full attestation, risk scoring, and JWT. Requires an iPhone or iPad running iOS 18+. Continue reading below.

Simulator / CI

No device handy? Start here. API key fallback — build and test everything today, switch to hardware attestation when ready.

Prerequisites

  • Xcode 16+ with Swift 6.0+
  • A physical iOS 18+ device
  • Your Apple Team ID (found in the Apple Developer portal under Membership)
  • Your app’s Bundle ID

1. Create an account

Sign up at grantiva.io/get-started with email, GitHub, or Google. Then add your first app from the dashboard — you’ll need your Apple Team ID and Bundle ID.

2. Add the SDK

Add the Grantiva Swift package to your Xcode project: 
https://github.com/grantiva/ios-sdk
Or add it to your Package.swift: 
dependencies: [
    .package(url: "https://github.com/grantiva/ios-sdk", from: "1.0.0")
]
Then add Grantiva to your target dependencies.
Requires iOS 18+ / macOS 15+ and Swift 6.0+. The SDK has zero external dependencies.

3. Initialize Grantiva

import Grantiva

let grantiva = Grantiva(teamId: "YOUR_TEAM_ID")
That’s it. The SDK reads your Bundle ID automatically from Bundle.main.

4. Attest the device

do {
    let result = try await grantiva.validateAttestation()
    print("Device verified: \(result.isValid)")
    print("Risk score: \(result.deviceIntelligence.riskScore)")
    // Send result.token to your backend as a Bearer token
} catch {
    print("Attestation failed: \(error)")
}
The returned JWT token contains device intelligence, risk score, and any custom claims you’ve configured in the dashboard.

5. Verify on your backend

Include the token in API requests from your app: 
var request = URLRequest(url: apiURL)
request.setValue("Bearer \(result.token)", forHTTPHeaderField: "Authorization")
Your backend can decode the JWT to read device intelligence and make trust decisions. See Backend JWT Verification for working examples in Node.js, Python, and Go.

Next steps

Test your integration

Verify attestation is working correctly — checklist, sample responses, and common errors.

Attestation deep dive

Token caching, refresh, and the full attestation flow.

Risk scoring

Understanding risk scores and how to set thresholds.

Feature flags

Toggle features remotely from the dashboard.

In-app feedback

Add feature requests and support tickets to your app.