I am using Xcode 7.0 (7A220), targeting iOS 9.0 and watchOS 2.0.
I haven't gotten keychain sharing to work in a watchOS 2 app of my own, but it works in this example project, which is part of my question.
There is a good talk from NatashaTheRobot (here) where she goes over keychain sharing with watchOS.(Working code from github here), see for yourself that her iOS app and watch app are able to share via keychain in the simulator.
Here's what I have done to her project and it still works:
- Removed the access group string from the KeychainItemWrapper init method. This makes sense because the simulator isn't code signed and the access group gets deleted in KeychainItemWrapper initWithIdentifier: (checkout the comment in initWithIdentifier:)
- Removed the identifier string from KeychainItemWrapper initWithIdentifier in both view controllers
- Removed the keychain-access-groups key from both entitlements that specifies a keychain access group key
You can remove these three things and keychain sharing still works in the simulator for this project. Why? Shouldn't entitlements at least be necessary?
The thing that finally breaks this project is changing the development team/provisioning profile, which makes me think project settings are the real key to this issue.
In my own project I have added a watchOS 2 extension, added the keychain sharing capability to both targets, added appropriate access groups even with my bundle seed ID, I have tried creating separate provisioning profiles for the iOS app, watchkit app, and watchkit extension. I'm sure I am forgetting things I've already tried, I have been attempting to solve this for about a week to no avail. What am I missing?
Apple's docs on creating capabilities are not super specific on project settings. It says to click and turn on capabilities in the project. Done that.
Apple's other docs on generic keychain use didn't clear it up for me either. They have a project with 2 targets that share a keychain, but as far as I can tell my project settings and theirs aren't significantly different.
This answer goes over the useyourloaf article from 2010 on keychain sharing, but like I mentioned before, it seems like the simulator completely ignores those keychain access group identifiers.
I keep thinking there must be something obvious I have missed throughout all of this. Any pointers would be greatly appreciated.
