Why App Attest doesn’t work in Simulator
Apple’s App Attest service requires a physical Secure Enclave — a hardware chip present in real iPhones and iPads, but not in the iOS Simulator. There is no workaround for this; it’s a deliberate hardware requirement. This means:- Real device required for production attestation flows
- Simulator / development can use API key fallback — a lower-trust path that skips the cryptographic attestation but lets you build and test everything else
Configure API key fallback
1. Get a development API key
In the Grantiva dashboard, go to Settings → API Keys and create a key with thedevelopment role. Copy the key — it starts with gpat_.
2. Initialize with the API key
Pass the key when initializing the SDK. The SDK detects that App Attest is unavailable and switches to API key auth automatically:#if targetEnvironment(simulator) to keep production builds clean:
3. Call validateAttestation() normally
The API is identical — the SDK handles the fallback transparently:Trust differences
Requests made via API key fallback are treated as unattested on the server:| Property | Real device (App Attest) | Simulator (API key) |
|---|---|---|
| Cryptographic proof | Yes — hardware-backed | No |
| Risk scoring | Full (0–100) | Limited |
JWT attest claim | hardware | api_key |
| Accepted in production | Yes | Dev environments only |
Next steps
Quick Start (physical device)
Set up full hardware attestation when you have a device available.
Error handling
Handle GrantivaError.deviceNotSupported and other errors.