Important: Starting
May 1, 2024, Apple
requires Privacy Manifests and signatures for iOS applications that use commonly-used SDKs, including GoogleSignIn-iOS. Upgrade to GoogleSignIn-iOS v7.1.0+ before May 1, 2024. Follow
our upgrade guide.
Enable App Check enforcement
Stay organized with collections
Save and categorize content based on your preferences.
When you understand how App Check will affect your users
and you're ready to proceed, you can enable App Check enforcement.
Enable enforcement in the Google API Console
To enable enforcement, complete the following steps:
Go to the edit view of your iOS client in the
Credentials page. There, you will see metrics to the right of the page
under the Google Identity for iOS section.
Click the ENFORCE button and confirm your choice. Once enforcement is
active, all unverified requests from your client will be rejected.
Note : After you enable enforcement, it can take up to 15 minutes for the
changes to take effect.
Enable enforcement in the Firebase Console
App Check can be enforced for specific iOS clients or for all your iOS clients
Enable enforcement for all iOS clients
To enable enforcement for Google Sign-in on iOS, complete the following steps.
Once you enable enforcement, all unverified requests will be rejected, including
requests associated with iOS OAuth clients that aren't linked to a Firebase app.
Open the App Check section of the Firebase console.
Expand the Google Identity for iOS section.
Click Enforce and confirm your choice.
Note that it can take up to 15 minutes after you enable enforcement for it to
take effect.
Enable enforcement for specific iOS clients
You can also configure App Check enforcement for specific iOS OAuth clients. To
do so:
Open OAuth clients under the App Check section of
the Firebase console.
Expand the metrics view for the OAuth client you want to configure.
If the client is not yet linked to an app, do so.
Click Create enforcement override.
Choose whether to enforce or unenforce App Check for this OAuth client. This
setting overrides your project's global Google Identity for iOS enforcement
setting.
Note that it can take up to 15 minutes after you enable enforcement for it to
take effect.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-08-28 UTC.
[null,null,["Last updated 2025-08-28 UTC."],[[["\u003cp\u003eApp Check enforcement can be enabled to ensure only verified requests are accepted, rejecting unverified ones.\u003c/p\u003e\n"],["\u003cp\u003eEnforcement can be enabled through the Google API Console or the Firebase Console, with options for specific or all iOS clients.\u003c/p\u003e\n"],["\u003cp\u003eEnabling enforcement involves navigating to the respective platform's console, locating the App Check or Google Identity for iOS settings, and clicking the 'Enforce' button.\u003c/p\u003e\n"],["\u003cp\u003eAfter enabling, it takes up to 15 minutes for the changes to take effect, impacting all subsequent requests.\u003c/p\u003e\n"],["\u003cp\u003eFirebase Console provides granular control, allowing enforcement overrides for individual iOS OAuth clients linked to your project.\u003c/p\u003e\n"]]],[],null,["When you [understand how App Check will affect your users](/identity/sign-in/ios/appcheck/monitor-metrics)\nand you're ready to proceed, you can enable App Check enforcement.\n\nEnable enforcement in the Google API Console\n\nTo enable enforcement, complete the following steps:\n\n1. Go to the edit view of your iOS client in the\n [Credentials page](https://console.cloud.google.com/apis/credentials). There, you will see metrics to the right of the page\n under the **Google Identity for iOS** section.\n\n2. Click the **ENFORCE** button and confirm your choice. Once enforcement is\n active, all unverified requests from your client will be rejected.\n\n**Note** : After you enable enforcement, it can take up to 15 minutes for the\nchanges to take effect.\n\nEnable enforcement in the Firebase Console\n\nApp Check can be enforced for specific iOS clients or for all your iOS clients\n\nEnable enforcement for all iOS clients\n\nTo enable enforcement for Google Sign-in on iOS, complete the following steps.\nOnce you enable enforcement, all unverified requests will be rejected, including\nrequests associated with iOS OAuth clients that aren't linked to a Firebase app.\n\n1. Open the [App Check](https://console.firebase.google.com/project/_/appcheck) section of the Firebase console.\n\n2. Expand the **Google Identity for iOS** section.\n\n3. Click **Enforce** and confirm your choice.\n\nNote that it can take up to 15 minutes after you enable enforcement for it to\ntake effect.\n\nEnable enforcement for specific iOS clients\n\nYou can also configure App Check enforcement for specific iOS OAuth clients. To\ndo so:\n\n1. Open [OAuth clients](https://console.firebase.google.com/project/_/appcheck/products/oauth) under the App Check section of\n the Firebase console.\n\n2. Expand the metrics view for the OAuth client you want to configure.\n\n3. If the client is not yet linked to an app, do so.\n\n4. Click **Create enforcement override**.\n\n5. Choose whether to enforce or unenforce App Check for this OAuth client. This\n setting overrides your project's global Google Identity for iOS enforcement\n setting.\n\nNote that it can take up to 15 minutes after you enable enforcement for it to\ntake effect."]]