AppleConnect (CLI)

From The iPhone Wiki
Revision as of 11:16, 7 March 2021 by Ilikeiphone123 (talk | contribs) (added internal software infobox)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This article discusses software internally used by Apple.

Acquiring a copy without Apple's consent is illegal and may result in being scammed.
Engaging in illegal activity is not condoned. This information is provided for educational purposes only.

Summary

appleconnect is a tool that is installed into /usr/local/bin/ along with AppleConnect (Application), through a package called AppleConnect.pkg.

Usage

usage: appleconnect <command> [command-options-and-arguments]
   or  appleconnect <command> --help for help on a specific command

available commands:
appleconnect authenticate: Authenticate command will initiate AppleConnect to perform Sign In process. It will perform stealth signing in, if user specifies password and path to file which contains it. If there is no password file specified, expect password to be entered interactively from the command prompt. Also SSO Login window will be presented if user specifies option --show-signIn-dialog. If realm is not specified then default realm will be used. In case no account name is specified, AppleConnect will try to use default account name from preferences or account name of current user which signed in to requested realm. If account name is not specified and default account name is not set in preferences and no user is signed in to requested realm then command will fail.
usage: appleconnect authenticate [-a account | --account=account [-r realm | --realm=realm] [[-f filepath | --password-file=filepath] | [-d | --show-signIn-dialog]]] | [-h | --help]

appleconnect serviceTicket: Initiates AppleConnect to perform Sign In process and then will generate service ticket. User interaсtion is not allowed if specified --noninteractive option. It will read password from file if user specifies path to it. If there is no password file specified, expect password to be entered interactively from the command prompt. If there is a built-in TOTP code generator configured it will read verification code from it, otherwise expect verification code to be entered interactively from the command prompt. If realm is not specified then default realm will be used. In case no account name is specified, AppleConnect will try to use default account name from preferences or account name of current user which signed in to requested realm. If account name is not specified and default account name is not set in preferences and no user is signed in to requested realm then command will fail. Command will generate DAW token instead of service ticket if specified --dawToken option. Application ID is mandatory to generate DAW token. In case no application ID is specified, AppleConnect will try to infer it from serviceName. If application ID is not specified and it could not be inferred then AppleConnect will use default application ID which might not work for specific application.
usage: appleconnect serviceTicket [-a account | --account=account [-r realm | --realm=realm] [-f filepath | --password-file=filepath] [-n | --noninteractive] [-N service-name | --serviceName=service-name] [-H service-host | --serviceHost=service-host] [-d | --dawToken [-I applicationId | --appId=applicationId]]] | [-h | --help]

appleconnect signOut: Signs out specified user. If realm and account are not specified, it signs out all users. If realm is specified, but account is not, signs out all users for specified realm. If account is specified but realm is not specified then default realm will be used.
usage: appleconnect signOut [-a account | --account=account [-r realm | --realm=realm]] | [-h | --help]

appleconnect currentUser: Returns signed user name for specified realm.
usage: appleconnect currentUser [-r realm | --realm=realm] | [-h | --help]

appleconnect network: Connects or disconnects user to/from Apple Network. To prevent showing UI, SSO should be used. To connect/disconnect to/from VPN or Secure Wi-Fi specify 'vpn' or 'secure-wifi' service correspondingly. If service is not specified, secure Wi-Fi will be preferable. User interaсtion is not allowed if specified --noninteractive option. Also shows information about Apple Network configuration and status. It is possible to show status and configuration only for specific service (VPN or Secure Wi-Fi) if corresponding service is specified in parameters. Replaces deprecated command 'vpn'.
usage: appleconnect network [-a <connect|disconnect> | --action=<connect|disconnect> [-s <secure-wifi|vpn> | --service=<secure-wifi|vpn> [-t <ssl|l2tp> | --type=<ssl|l2tp>] | [-c name | --configuration=name]] [-n | --noninteractive]] | [-i | --info [-s <secure-wifi|vpn> | --service=<secure-wifi|vpn>]] | [-h | --help]

appleconnect setupGenerator: Command is used to setup AppleConnect built-in TOTP code generator. Start with 'https://appleconnect.apple.com/account/manage#!devices' web page to add new code generator and get a secret key. Then use this command to set up code generator with this secret key. If account is not specified then default account name from AppleConnect preferences will be used. If no default account name is set in preferences then account name of current signed in user will be used. In case no account name is specified and default account name is not set in preferences and no user is signed in then command will fail. Account name could be 128 characters long. If issuer is not specified then default name 'AppleConnect-CLI' will be used. Issuer name could be 64 characters long.
usage: appleconnect setupGenerator [-a account | --account=account [-i issuer | --issuer=issuer]] | [-h | --help]

appleconnect verificationCode: Command is used to get two-step verification code using AppleConnect built-in TOTP code generator. If remainingTime option is specified the remaining time will be printed within the code.
usage: appleconnect verificationCode [-r | --remainingTime] | [-h | --help]

appleconnect currentVersion: Returns current version of AppleConnect. Will return short version if specified --short option. Will return bundle version if specified --bundle option. Will return full version if no options are specified or if both --short and --bundle options are specified.
usage: appleconnect currentVersion [-s | --short] | [-b | --bundle] | [-h | --help]

appleconnect uninstall: Uninstalls AppleConnect from the system. This option works only if appleconnect command is invoked by super user. If there is a valid device approval and keepApproval option is specified the approval will not be removed on uninstall.
usage: appleconnect uninstall [-a | --keepApproval] | [-h | --help]

See Also