iOS Privacy Manifest & Usage Strings

Build PrivacyInfo.xcprivacy + Info.plist usage strings (required-reason APIs, tracking) to pass App Store review.

Generate PrivacyInfo.xcprivacy and Info.plist usage strings — required-reason APIs, tracking domains, NS…UsageDescription — to pass App Store review. Free.

About iOS Privacy Manifest & Usage Strings

The iOS Privacy Manifest & Usage Strings generator builds the two things Apple now rejects apps for getting wrong — entirely in your browser. First, the Info.plist NS…UsageDescription strings: if your app calls an API like the camera or location without a usage string, iOS terminates the app and App Store review rejects it. Pick the APIs you use and edit the purpose text. Second, the PrivacyInfo.xcprivacy privacy manifest: since 2024 Apple requires you to declare the 'required reason' APIs your code or bundled SDKs use (User Defaults, file timestamp, system boot time, disk space, active keyboards) with an approved reason code, plus whether the app tracks users and which domains it tracks to. The tool writes the exact plist XML for both. Nothing is uploaded.

How to use iOS Privacy Manifest & Usage Strings

  1. On the Usage strings tab, tick every API your app touches — camera, photos, microphone, location, contacts, Face ID, tracking, and more.
  2. Edit each purpose string so it specifically describes what your app does with that data; vague strings ("We need access") get rejected.
  3. Copy the generated Info.plist key/string pairs into your target's Info.plist.
  4. Switch to the Privacy manifest tab and set whether your app (or an SDK) tracks users, adding any tracking domains.
  5. Tick each required-reason API your code or SDKs use and choose the approved reason code from the dropdown.
  6. Download the PrivacyInfo.xcprivacy file and add it to your app target (and to each bundled framework that needs its own).

Frequently asked questions

What is a privacy manifest (PrivacyInfo.xcprivacy)?
It's a property-list file Apple requires that declares your app's tracking, tracking domains, collected data types, and the 'required reason' APIs it uses. Apps (and many third-party SDKs) must include one, and missing or incomplete manifests are rejected at upload since 2024.
What are required-reason APIs?
A set of common APIs — User Defaults, file timestamp, system boot time, disk space, and active keyboards — that can fingerprint users. If your code or a bundled SDK calls them, Apple requires you to declare an approved reason code (like CA92.1 for app-only User Defaults access) in the manifest.
Why was my app rejected for a missing usage description?
If your app accesses a protected resource (camera, photos, location, contacts, etc.) without the matching NS…UsageDescription string in Info.plist, iOS crashes the app on first access and App Store review rejects the build. This tool generates every string you need.
Do my usage strings need to be specific?
Yes. Apple rejects generic strings like "This app needs access." Describe exactly what the app does with the data — e.g. "We use the camera so you can take and attach photos" — which is what the editable defaults here give you a head start on.
Where do I put the PrivacyInfo.xcprivacy file?
Add it to your app target at the top level (name it exactly PrivacyInfo.xcprivacy). Each bundled framework or SDK that uses required-reason APIs or collects data needs its own manifest too.
Is any of this sent to a server?
No. Both files are generated locally in your browser — your selections and purpose strings never leave your device, and there's no signup or watermark.

People also search for

iOS Privacy Manifest & Usage Strings is also known as privacy manifest generator, PrivacyInfo.xcprivacy, required reason api, info.plist usage description, NSPrivacyAccessedAPITypes, app store privacy manifest, NSCameraUsageDescription.