Dev Solve

English

中文
日本語

English

中文
日本語

Appearance

Related Posts

Resolving PLA Update Available Error in Xcode

Resolving 'You do not have required contracts' iOS App Store Connect Error

Enabling Developer Mode on iPhone or iPad

Resolving "Build Input File Cannot Be Found" Error in Xcode

Fixing "Your Ruby version is 2.6.8, but your Gemfile specified 2.7.5" in React Native

Resolving ITMS-91053 Missing API Declaration Privacy Manifest Errors

Problem Statement

When submitting iOS/macOS apps to the App Store, developers receive warnings starting March 2024 (with enforcement from May 1, 2024) for missing privacy declarations. The Apple review system generates errors like:

ITMS-91053: Missing API declaration - Your app’s code references one or more APIs that require reasons, including the following API categories: 
NSPrivacyAccessedAPICategoryFileTimestamp
NSPrivacyAccessedAPICategorySystemBootTime
NSPrivacyAccessedAPICategoryDiskSpace
NSPrivacyAccessedAPICategoryUserDefaults

These warnings occur because your app uses Apple APIs that can indirectly identify users through device fingerprinting. To comply, you must declare why your app uses these APIs in a privacy manifest file.

Solution Overview

  1. Create a PrivacyInfo.xcprivacy file with required API declarations
  2. Map each API category to approved reason codes
  3. Include the file in your Xcode target
  4. Handle third-party dependencies
  5. Verify the privacy report

Key Deadline

Enforcement started May 1, 2024—new submissions require valid declarations.

Step-by-Step Implementation

1. Create Privacy Manifest

Xcode Instructions:

  1. File → New → File
  2. Select "Resource" → App Privacy File Type
  3. Name it PrivacyInfo.xcprivacy
  4. Check your app target(s)
  5. Click “Create”

New Privacy File in Xcode

2. Configure the Manifest

Add XML entries for every API category mentioned in your Apple warning:

xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>NSPrivacyAccessedAPITypes</key>
    <array>
        <!-- EXAMPLE CATEGORIES - USE YOUR WARNING TYPES -->
        <dict>
            <key>NSPrivacyAccessedAPIType</key>
            <string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
            <key>NSPrivacyAccessedAPITypeReasons</key>
            <array>
                <string>C617.1</string> <!-- Reason code -->
            </array>
        </dict>
        <dict>
            <key>NSPrivacyAccessedAPIType</key>
            <string>NSPrivacyAccessedAPICategoryUserDefaults</string>
            <key>NSPrivacyAccessedAPITypeReasons</key>
            <array>
                <string>CA92.1</string>
            </array>
        </dict>
    </array>
</dict>
</plist>

Crucial Notes

  • Never copy-paste reason codes blindly—select applicable ones from Apple's Required Reason API Reference
  • Each category must match those in your Apple warning email exactly
  • Use multiple <string> tags if multiple reasons apply to one API

3. Set Target Membership

Right-click PrivacyInfo.xcprivacyTarget Membership → Select your main app target and any extensions using the APIs.

Target Membership Settings

Handling Third-Party Dependencies

Libraries using restricted APIs can cause warnings even if your code doesn’t directly use them.

Solutions:

  1. Update dependencies: Ensure SDKs include their own PrivacyInfo.xcprivacy
  2. Manually add manifests: If a library lacks privacy declarations:
    • Create library-specific privacy manifests
    • Add them to the library’s Xcode target (not your main project target)
  3. Generate boilerplates: Use scanners like PrivacyInfoDemo tools to find missing declarations
  4. Generate privacy reports:
    terminal
    xcrun stapler staple YourApp.ipa

Platform-Specific Implementation

Flutter / Expo / React Native

xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist>
<plist version="1.0">
<dict>
    <key>NSPrivacyAccessedAPITypes</key>
    <array>
        <!-- Add your categories here -->
    </array>
</dict>
</plist>

Xamarin / MAUI

After creating PrivacyInfo.xcprivacy, set its Build Action to BundleResource:

xml
<BundleResource Include="PrivacyInfo.xcprivacy" />

Expo

json
{
  "expo": {
    "ios": {
      "privacyManifests": {
        "NSPrivacyAccessedAPITypes": [
          {
            "NSPrivacyAccessedAPIType": "NSPrivacyAccessedAPICategoryUserDefaults",
            "NSPrivacyAccessedAPITypeReasons": [ "CA92.1" ]
          }
        ]
      }
    }
  }
}

Verification Steps

  1. Generate privacy report:
    • Xcode → Window → Organizer → Archives → Right-click archive → Generate Privacy Report
  2. Inspect output:
    Privacy Report Example
  3. Test submission: Upload to TestFlight to confirm warnings resolved

Common Pitfalls & Fixes

IssueSolution
Warnings persist after adding manifestEnsure all API categories from Apple’s email are declared
Errors mention extensionsAdd separate PrivacyInfo.xcprivacy for each extension target
Reason codes rejectedVerify codes match your app’s functionality in official docs
Objective-C APIs causing issuesCheck both Swift and Objective-C dependencies

Incorrect Approach

Avoid universal manifests without customization:

diff
 <!-- DON’T: Blindly copying all categories -->
 <dict>
     <key>NSPrivacyAccessedAPIType</key>
     <string>NSPrivacyAccessedAPICategoryDiskSpace</string>
     <key>NSPrivacyAccessedAPITypeReasons</key>
     <array>
-        <string>7D9E.1</string> <!-- Possibly invalid -->
+        <string>85F4.1</string> <!-- Valid only for specific use cases -->
     </array>
 </dict>

Reference Material