Overview

With the release of iOS / iPadOS / tvOS 14, Apple requires applications to provide more transparency to users for the the data the application and the application's third-parties are accessing from the user.

New Apple Requirements

• Privacy Nutrition Label on App Store. For more information, see The iOS SDK and Apple's Privacy Nutrition Label.
• App Tracking Transparency Permission Prompts. For more information, see Configuring App Tracking Transparency Prompts for Mobile Apps.

👍

Watch the App Tracking Transparency Technical Implementation Webinar to help you measure and report the impact of the iOS 14 App Tracking Transparency IDFA prompt.

Displaying a Pre/Post-Prompt

The OneTrust SDK will automatically determine if a Pre/Post-Prompt should be shown based on the parameters passed to showConsentUI(). Applications only need to specify:

• A permission type: .idfa
• A ViewController presenting the UI: self
• How to manage the completion handler once the prompt UI is dismissed

OTPublishersHeadlessSDK.shared.showConsentUI(for: .idfa, from: self) {
	// code to be executed once the OneTrust Prompt dismisses from view
}

📘

Make sure that startSDK() has been successfully downloaded at least once prior to calling this method.

Check and Log Consent

Since the App Tracking Transparency permission can be changed at any time by a user in device settings, the OneTrust SDK needs a way to become aware of that consent change to update the backend with the latest consent value. For this scenario, the checkAndLogConsent() method should be used. There are two ways this method can be called:

• Automatically by the OneTrust SDK each time is called
• Manually by the application whenever necessary (ex: on app launch)

📘

If you are calling this method manually, ensure that startSDK() has been successfully downloaded at least once.

OTPublishersHeadlessSDK.shared.checkAndLogConsent(for: .idfa)

UI Styling

The pre and post prompt UIs can only be styled locally in the project via plists.

👍

For more information, see Customize User Interfaces.

Important Notes

• It is recommended that the application calls startSDK API on every launch to make sure that the latest status of ATT is in sync with our server.
• Starting 202504.1.0, we will be supporting ATT with hierarchical purposes. That means, you can now link not only standalone categories but also categories/purposes that are part of a hierarchy.

FAQs

1. Can the OneTrust SDK change the consent value for the App Tracking Transparency permission?

No, Apple does not allow this. The App Tracking Transparency permission can only be updated in the following ways:

• User interacts with Apple's App Tracking Transparency permission prompt
• User updates the App Tracking Transparency permission value in the device's settings

The OneTrust SDK can only:

• Show Apple's App Tracking Transparency permission prompt to the user, via Pre-Prompt
• Deep link the user to the application's device settings for updating App Tracking Transparency permission, via Post-Prompt

2. What happens when the user closes the app or turns off their device while the App Tracking Transparency permission prompt is being displayed?

Apple records this as a Ask App Not to Track user selection. This will impact the application in the following ways:

• The application will not be allowed to show the App Tracking Transparency permission prompt to the user again, since it was already shown once.
• Calling OneTrust SDK's showConsentUI() method will result in a Post-Prompt, not a Pre-Prompt.
• If Consent Logging feature is enabled, the next time startSDK() or checkAndLogConsent() is called, the OneTrust SDK will log a consent transaction for the App Tracking & Transparency purpose with status Opted Out.

3. What happens when the user closes the app or turns off their device while the OneTrust SDK's Pre-Prompt is being shown?

Nothing really happens:

• The OneTrust SDK will not log any consent transactions.
• The next time OneTrust SDK's showConsentUI() method is called, the Pre-Prompt will still be shown because the App Tracking Transparency permission prompt has yet to be shown to the user.

4. What happens if the user updates the App Tracking Transparency toggle in device settings to a new value and returns to the application?​

The application will restart (Apple device does this automatically).

If Consent Logging is enabled on Geolocation rule, the next time startSDK() or checkAndLogConsent() is called, the OneTrust SDK will log a consent transaction for ​App Tracking & Transparency​​ purpose with status of Confirmed or Opted Out (depending on user’s new selection).

5. How does OneTrust SDK handle Opt-Out consent models (ex: CCPA) for Categories linked to App Tracking Transparency?

This answer depends on the user journey your application takes with regard to the OneTrust CMP + the user's App Tracking Transparency selection. See below for details:

Scenario 1: User interacts with SDK banner before interacting with ATT

• User sees a banner and clicks on Accept All / Reject All
• Next user sees the ATT system prompt
  • If ATT accepted:
    • If user selected Accept All: Linked category should be enabled.
    • If user selected Reject All: Linked category should be disabled.
  • If ATT rejected: Linked category will always be disabled.

Scenario 2: No SDK banner, but user interacts with ATT

• User interacts with ATT system prompt
  • If ATT accepted: Linked category should follow user’s last given consent.
    • If last consent not available, fall back to category's default consent model.
  • If ATT rejected: Linked category will always be disabled.

Scenario 3: No interaction with ATT or banner

• The toggle status should reflect the default consent model
  • If linked category + Opt Out model + no ATT interaction: category enabled.
  • If linked category + Opt In model + no ATT interaction: category disabled.