Ios shortcuts security settings9/17/2023 ![]() These requests were almost always using protobuf: POST /ckdatabase/api/client/record/save HTTP/1.1 This API used headers to specify what container was being used. The iCloud assets, like Notes and Photos on used one API: POST /database/1//production/public/records/resolve?.Īnd the developer portal at had a different API: POST /r/v4/user//Production/public/records/query?team_id=9DCADDBE3F HTTP/1.1Ī lot of iOS-apps used a third API at. After looking it through I noticed that Apple used different ways to connect to CloudKit. By just proxying everything from the iPad, the browser and using all apps, I could gather a bunch of requests and responses. To be able to understand where the CloudKit service was used by Apple themselves, I started to see in what ways all different apps connected to it. Could it be that this was not only complex for me to understand, but also for teams using it internally at Apple? I started investigating where it was being used and for what. It was quite complex to understand all different authentication flows, and security roles, and this made me curious. You can enable public tokens that give you access to the public scope, but with the combination of authenticating as your own user gives access to the Private and Shared scopes. For the Public scope, you can have the ability to both read and write to the scope without personal authentication. ![]() There are even more features to it of course, for example the ability to create indexes and security roles with permissions.įor Private and Shared scopes, you always need to authenticate as yourself. Each record is always connected to a record type.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |