App Store Compliance
The complete Required Reason API reference for PrivacyInfo.xcprivacy
Every Required Reason API category Apple gates, the approved reason codes for each, and what each code means. The reference for resolving ITMS-91053.
Apple’s “Required Reason APIs” are five categories of common iOS APIs that can fingerprint a device. Since May 1, 2024, using any of them requires declaring an approved reason code in your PrivacyInfo.xcprivacy. Pick the wrong code and you either get ITMS-91053 (missing) or a future App Review issue (mismatched). This is the complete reference: every category, every approved code, what each means.
Apple’s canonical source: Describing use of required reason API. For the broader submission picture, see every URL and file Apple requires.
How the declaration is structured
In PrivacyInfo.xcprivacy, NSPrivacyAccessedAPITypes is an array; each entry pairs one category with one or more reason codes:
<key>NSPrivacyAccessedAPITypes</key>
<array>
<dict>
<key>NSPrivacyAccessedAPIType</key>
<string>NSPrivacyAccessedAPICategoryUserDefaults</string>
<key>NSPrivacyAccessedAPITypeReasons</key>
<array>
<string>CA92.1</string>
</array>
</dict>
</array>
You declare the categories your binary (and your code, not the SDKs — they ship their own) actually uses, each with a code that honestly matches your usage.
Category 1: File timestamp APIs
NSPrivacyAccessedAPICategoryFileTimestamp — APIs like stat, fstat, getattrlist, NSFileModificationDate, .contentModificationDateKey.
| Code | Meaning |
|---|---|
DDA9.1 |
Display timestamps to the user for files in the app’s container or user-granted files. |
C617.1 |
Access timestamps of files inside the app container, app group container, or app’s CloudKit container. |
3B52.1 |
Access timestamps of files/directories the user specifically granted access to (e.g., via a document picker). |
0A2A.1 |
Third-party SDK wrapping the API on behalf of the app it’s bundled in (SDK-only code). |
Category 2: System boot time APIs
NSPrivacyAccessedAPICategorySystemBootTime — systemUptime, mach_absolute_time-derived boot time, kern.boottime sysctl.
| Code | Meaning |
|---|---|
35F9.1 |
Measure elapsed time for events within the app (e.g., performance timing). |
8FFB.1 |
Calculate absolute timestamps from relative ones for app operations like networking. |
3D61.1 |
Third-party SDK wrapping the API on behalf of the app. |
Category 3: Disk space APIs
NSPrivacyAccessedAPICategoryDiskSpace — volumeAvailableCapacityKey, statfs, NSFileSystemFreeSize, etc.
| Code | Meaning |
|---|---|
E174.1 |
Write/delete files only when there’s adequate space, to avoid errors. |
85F4.1 |
Display disk space to the user (in-app storage management UI). |
7D9E.1 |
Check disk space to comply with an Apple framework’s requirement (e.g., a download API). |
B728.1 |
Third-party SDK wrapping the API on behalf of the app. |
Category 4: Active keyboard APIs
NSPrivacyAccessedAPICategoryActiveKeyboards — UITextInputMode.activeInputModes and related.
| Code | Meaning |
|---|---|
3EC4.1 |
A custom-keyboard-extension app reading the active keyboards (only for keyboard-extension apps). |
54BD.1 |
Determine the keyboards to provide a localized/customized experience for the user. |
Category 5: User defaults APIs
NSPrivacyAccessedAPICategoryUserDefaults — UserDefaults / NSUserDefaults, and CFPreferences APIs.
| Code | Meaning |
|---|---|
CA92.1 |
Access UserDefaults to read/write information only accessible to the app itself. |
1C8F.1 |
Access UserDefaults to read/write information accessible across the app’s app group (shared with extensions/other apps in the group). |
C56D.1 |
Third-party SDK wrapping the API on behalf of the app (SDK-only code). |
AC6B.1 |
Access UserDefaults from an app extension to read/write info shared with the host app via app groups. |
How to pick the right code
Three rules:
- Match your actual usage, not the most permissive code. If you only use
UserDefaultsfor the app’s own settings,CA92.1— not1C8F.1(app group) unless you actually share via an app group. - The
*.1“third-party SDK wrapping” codes are for SDK code, not your app. If you callUserDefaults, use the app-usage code. The SDK-wrapper code is for when the call lives inside a bundled SDK that declares its own manifest. - Multiple reasons are allowed. If your app uses
UserDefaultsboth for its own settings and for app-group sharing, declare bothCA92.1and1C8F.1.
Finding which categories your binary actually triggers
# Apple's own approach: build, then check the binary for the symbols.
# A practical grep across your source + first-party code:
grep -rl "UserDefaults\|NSUserDefaults\|statfs\|systemUptime\|\
volumeAvailableCapacity\|activeInputModes\|contentModificationDate" \
Sources/ YourApp/ 2>/dev/null
# Then map each hit to its category above and pick the honest reason code.
Third-party SDKs declare their own — you don’t add reasons for SDK usage in your app’s manifest (that’s ITMS-91061, a separate problem).
How OrbitKit handles it
OrbitKit’s privacy manifest generator derives the NSPrivacyAccessedAPITypes declarations and the right reason codes from a wizard, and keeps them consistent with the data categories in your privacy policy and App Privacy questionnaire — so the three surfaces App Review cross-checks agree by construction. Start free or see features.
Related
- Resolving ITMS-91053 — the rejection this reference resolves.
- ITMS-91061: missing privacy manifest for a third-party SDK
- Every URL and file Apple requires