Important: Starting May 1, 2024, Apple requires Privacy Manifests and signatures for iOS applications that use commonly-used SDKs, including GoogleSignIn-iOS. Upgrade to GoogleSignIn-iOS v7.1.0+ before May 1, 2024. Follow our upgrade guide.

Enable App Check enforcement

AI-generated Key Takeaways

App Check enforcement can be enabled to ensure only verified requests are accepted, rejecting unverified ones.
Enforcement can be enabled through the Google API Console or the Firebase Console, with options for specific or all iOS clients.
Enabling enforcement involves navigating to the respective platform's console, locating the App Check or Google Identity for iOS settings, and clicking the 'Enforce' button.
After enabling, it takes up to 15 minutes for the changes to take effect, impacting all subsequent requests.
Firebase Console provides granular control, allowing enforcement overrides for individual iOS OAuth clients linked to your project.

When you understand how App Check will affect your users and you're ready to proceed, you can enable App Check enforcement.

Enable enforcement in the Google API Console

To enable enforcement, complete the following steps:

Go to the edit view of your iOS client in the Credentials page. There, you will see metrics to the right of the page under the Google Identity for iOS section.
Click the ENFORCE button and confirm your choice. Once enforcement is active, all unverified requests from your client will be rejected.

Note : After you enable enforcement, it can take up to 15 minutes for the changes to take effect.

Enable enforcement in the Firebase Console

App Check can be enforced for specific iOS clients or for all your iOS clients

Enable enforcement for all iOS clients

To enable enforcement for Google Sign-in on iOS, complete the following steps. Once you enable enforcement, all unverified requests will be rejected, including requests associated with iOS OAuth clients that aren't linked to a Firebase app.

Open the App Check section of the Firebase console.
Expand the Google Identity for iOS section.
Click Enforce and confirm your choice.

Note that it can take up to 15 minutes after you enable enforcement for it to take effect.

Enable enforcement for specific iOS clients

You can also configure App Check enforcement for specific iOS OAuth clients. To do so:

Open OAuth clients under the App Check section of the Firebase console.
Expand the metrics view for the OAuth client you want to configure.
If the client is not yet linked to an app, do so.
Click Create enforcement override.
Choose whether to enforce or unenforce App Check for this OAuth client. This setting overrides your project's global Google Identity for iOS enforcement setting.