Have ideas to improve npm?Join in the discussion! »


    2.0.0 • Public • Published


    You may use this tiny module to validate Apple DeviceCheck tokens with the Apple DeviceCheck API.

    Worker implementation

    const deviceCheck = require("@bearologics/devicecheck");
    const deviceCheckPassed = await deviceCheck(request, {
        iss: APPLE_JWT_ISS,
        kid: APPLE_JWT_KID,
        privateKeyPEM: APPLE_JWT_PRIVATE_KEY,
    if (!deviceCheckPassed) {
        return new Response("Unauthorized", { status: 401 });

    Client-side implementation

    Generating a DeviceCheck token, as of writing this, only works on a real iOS / iPadOS device. You should import and use the DeviceCheck.framework for this.

    We'll now generate a device token and send it to our Worker using a custom header, which is called X-Apple-Device-Token, this header is parsed by the Worker and sent to the Apple Server for verification.

    When using a development certificate, you also want to set the header X-Apple-Device-Development: true for the Worker to target Apple's Development Server rather than the production one.

    import DeviceCheck
    guard DCDevice.current.isSupported else {
      fatalError("Device not supported") // todo: handle error
    DCDevice.current.generateToken { data, error in
      guard let data = data else {
        fatalError("Could not generate device token") // todo: handle error
      let tokenString = data.base64EncodedString() // going to use this in our header
      let request = URLRequest(url: "https://my-worker.my-handle.workers.dev")
      request.setValue(tokenString, forHTTPHeaderField: "X-Apple-Device-Token")
      // optional when signing using a development certificate
      // this will use the development DeviceCheck server
      request.setValue("true", forHTTPHeaderField: "X-Apple-Device-Development")
      let config = URLSessionConfiguration.default
      let session = URLSession(configuration: config)
      let task = session.dataTask(with: request, completionHandler: { data, response, error in
        // handle result


    See LICENSE.md


    npm i @bearologics/devicecheck

    DownloadsWeekly Downloads






    Unpacked Size

    4.8 kB

    Total Files


    Last publish


    • avatar
    • avatar