Adding a sandboxed app to an app group
This is a relatively simple task that is complicated by confusing documentation. After viewing the documentation it looked relatively simple to add applications to a group. Just add some magic to the entitlements and use the containerURLForSecurityApplicationGroupIdentifier: method of NSURL. The only problem was that as far as I can tell NSURL does not have a containerURLForSecurityApplicationGroupIdentifier: method.
The key to add looks something like this:
<key>com.apple.security.application-groups</key> <array> <string>DG29478A379Q6483R9214.com.company.whatever</string> </array>
The random numbers are your development team ID. I believe that can be found by looking at your developer ID certificate in keychain viewer (someone correct me if I am wrong). After the period you can put whatever you want as long as it matches the string in the other applications you want to be part of a group.
Once you do this all applications sharing that key will have access to:
Without the containerURLForSecurityApplicationGroupIdentifier: there isn’t a great way to get this path. I just did:
NSString *groupContainer = [@"~/../../../Group Containers/DG29478A379Q6483R9214.com.company.whatever" stringByExpandingTildeInPath];
Let me know if anyone knows of a better way to create app groups.