accessControlFlags property

Keychain access control flags define security conditions for accessing items. These flags can be combined to create custom security policies.

Using Logical Operators:

• Use AccessControlFlag.or to allow access if any of the specified conditions are met.
• Use AccessControlFlag.and to require that all specified conditions are met.

Rules for Combining Flags:

• Only one logical operator (or or and) can be used per combination.
• Logical operators should be placed after the security constraints.

Supported Flags:

• userPresence: Requires user authentication via biometrics or passcode.
• biometryAny: Allows access with any enrolled biometrics.
• biometryCurrentSet: Requires currently enrolled biometrics.
• devicePasscode: Requires device passcode authentication.
• watch: Allows access with a paired Apple Watch.
• privateKeyUsage: Enables use of a private key for signing operations.
• applicationPassword: Uses an app-defined password for encryption.