Sourcepoint's Diagnose iOS SDK extends the scanning and monitoring capabilities of Diagnose to your iOS mobile apps. Add the Diagnose iOS SDK to understand the privacy risk of your vendors, keep track of your compliance journey, and visualize the vendor supply chain for your mobile apps.
The Diagnose SDK leverages the iOS native `URLProtocol` interface in order to intercept network calls made by your app and 3rd-party libraries.
There are certain limitations, namely that it can only intercept requests that use `URLSessionConfiguration.default`.
The SDK sends the request domain to Diagnose APIs. Our backend, based on a proprietary dictionary, maps the domain collected to a particular vendor name.
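The following added example (not Sourcepoint's code) shows how a `URLProtocol` subclass can record only the host of each request without reading the path or query, and why a session whose configuration lacks the class goes unobserved. The names `DomainObserver` and `fetch` and the sample URLs are assumptions made for illustration.

```swift
import Foundation

// Hypothetical observer for illustration; not Sourcepoint's implementation.
final class DomainObserver: URLProtocol {
    private static let lock = NSLock()
    private static var hosts = Set<String>()

    static var observedHosts: Set<String> {
        lock.lock(); defer { lock.unlock() }
        return hosts
    }

    // The URL loading system asks each class in protocolClasses whether it
    // wants the request. Record the host only, then decline so the request
    // is loaded unchanged by the system handlers.
    override class func canInit(with request: URLRequest) -> Bool {
        if let host = request.url?.host {   // path and query are never read
            lock.lock(); hosts.insert(host); lock.unlock()
        }
        return false
    }
}

// Runs one request to completion (success or failure) on the given session.
func fetch(_ url: String, using session: URLSession) {
    let done = DispatchSemaphore(value: 0)
    session.dataTask(with: URL(string: url)!) { _, _, _ in done.signal() }.resume()
    done.wait()
}

// Session with the observer installed ahead of the system protocol classes.
let observedConfig = URLSessionConfiguration.default
observedConfig.protocolClasses =
    [DomainObserver.self as AnyClass] + (observedConfig.protocolClasses ?? [])
let observedSession = URLSession(configuration: observedConfig)

// Session whose configuration never had the observer installed.
let otherSession = URLSession(configuration: .ephemeral)

// Constructed sample URLs; the requests may fail offline, the observer still runs.
fetch("https://ads.example.com/pixel?uid=42", using: observedSession)
fetch("https://metrics.example.net/v1/collect", using: otherSession)

print(DomainObserver.observedHosts)
```

When auditing an app's traffic with this kind of hook, treat sessions built from other configurations, and network stacks that bypass `URLSession`, as coverage gaps to be checked by other means.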
In the following sections, we will cover the necessary steps to configure and integrate the SDK into your iOS app project.
- SPDiagnoseConfig.plist
- Declare Diagnose SDK as dependency
- Set up using SwiftUI
- Set up using Storyboard
- Signaling consent
Add a property list file called `SPDiagnoseConfig.plist` to your project. This file contains the key account configurations needed to map your setup to your Diagnose account in the Sourcepoint portal.
Review the table below for all the required key-value pairs in the property list file:
Key | Value Type | Value Description |
---|---|---|
appName | string | Name of the app property added or imported into your Diagnose account. Value can be retrieved by visiting the App > Properties page. |
propertyId | integer | ID assigned to the app property added or imported into your Diagnose account. Value can be retrieved by visiting the App > Properties page. |
accountId | integer | Associates the property with your organization's Sourcepoint account. Value can be retrieved by contacting your Sourcepoint Account Manager or via the My Account page. |
key | integer | Contact your Account Manager to retrieve the API key for your organization. |

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>appName</key>
    <string>myApp</string>
    <key>propertyId</key>
    <integer>123</integer>
    <key>accountId</key>
    <integer>22</integer>
    <key>key</key>
    <string>YOUR KEY GOES HERE</string>
</dict>
</plist>
```
Once a property list file is added to your project containing the required account credentials, the Diagnose SDK can be declared as a dependency using Swift Package Manager (SPM).
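If you are using SwiftUI to build your app, declare an `@UIApplicationDelegateAdaptor` in your app:

```swift
import SwiftUI

@main
struct iOSExampleApp: App {
    // Registers the Diagnose app delegate with the SwiftUI app lifecycle.
    @UIApplicationDelegateAdaptor(SPDiagnoseAppDelegate.self) var appDelegate

    // Your existing `var body: some Scene { ... }` stays as it is.
}
```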
If you are using Storyboard to build your app, in your app delegate, add a reference to `SPDiagnose` and instantiate it during app launch:

```swift
import UIKit

public class SPDiagnoseAppDelegate: NSObject, UIApplicationDelegate {
    // Keep a strong reference so the SDK instance lives as long as the app.
    var diagnose: SPDiagnose?

    public func application(
        _ application: UIApplication,
        didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]? = nil
    ) -> Bool {
        // Instantiate the SDK during app launch.
        diagnose = SPDiagnose()
        return true
    }
}
```
The Diagnose SDK is CMP agnostic by design. In order to determine the consent status of a given user, your app needs to call the method `updateConsent(status: SPDiagnose.ConsentStatus)`, ideally as soon as the user makes a consent choice (pressing an accept all vendors/purposes button, for example).
The `SPDiagnose.ConsentStatus` enum can assume the following values:
Value | Description |
---|---|
noAction | This is the default consent status of a new user, or a user that has not yet made a consent choice. |
consentedAll | Used to signal the user accepted all vendors/purposes on a consent prompt. |
consentedSome | Used to signal the user has accepted some, but not all, vendors/purposes on a consent prompt (e.g. by enabling only some vendors). |
rejectedAll | Used to signal the user rejected all vendors/purposes on a consent prompt. |
In the future, when integrating both Diagnose and Dialogue SDKs together, this step won't be necessary. The Dialogue SDK will automatically signal consent choice to Diagnose.
We're currently investigating whether we're able to intercept requests made by network libraries without interfering with Apple's App Store policies.
- Request domain (and domain only, no path, no query params, etc)
- The TCF consent string (stored by CMPs in the UserDefaults according to the TCF spec)
- Request timestamp
- IP address. The IP is not collected on the client side, but is registered when our backend receives a request from the SDK.
No. The Diagnose SDK does not access the payload of the request and it is blind to the response as well. It has no access to cookies or any other data, with the exception of the items listed in the section above.