Integrating with the Apple® Wallet Extension

HID Approve SDK enables a targeted subset of capabilities to run directly inside an Apple Wallet provisioning extension to deliver a seamless authentication flow during card activation. It leverages an existing HID Approve credential so users can complete activation without leaving Apple Wallet.

The extension securely invokes HID Approve functions to:

  • Generate OTPs (TOTP/HOTP/OCRA)

  • Generate cryptographic signatures using the user’s registered private key, fully within the extension

  • Submit signatures for server‑side validation, allowing the backend to confirm and complete card activation

For integration instructions, see the sample package provided in the SDK delivery and the API documentation for HID Approve SDK for Apple Wallet Extension.

Prerequisites:  

  • Both the app and extension must:

    • Be signed with the same Apple Developer Team ID and provisioning profile identity

    • Add the App Groups capability and declare the same App Group identifier

    • Add the Keychain Sharing capability and declare the same Keychain Access Group identifier

  • The primary application must share the active container using the new HID Approve SDK method HIDContainer.shareContainer()

Important:

  • This feature is supported on iOS only

    It is not supported on macOS.

  • It requires a host application embedding the full HID Approve SDK

  • The Wallet Extension must embed the HID Approve Wallet SDK subset only

  • Shared container configuration is required for credential access

Note: This feature is additive and does not impact existing provisioning or authentication flows.