Convert iOS Entitlements Plist to JSON

Entitlements Plist

Entitlements define the capabilities and permissions granted to an iOS or macOS application. They are stored in a plist file (typically .entitlements) and embedded in the app during code signing.

Plist Structure

<dict>
  <key>com.apple.security.app-sandbox</key>
  <true/>
  <key>com.apple.security.network.client</key>
  <true/>
  <key>com.apple.security.files.user-selected.read-write</key>
  <true/>
  <key>keychain-access-groups</key>
  <array>
    <string>$(AppIdentifierPrefix)com.example.myapp</string>
    <string>$(AppIdentifierPrefix)com.example.shared</string>
  </array>
  <key>aps-environment</key>
  <string>production</string>
  <key>com.apple.developer.associated-domains</key>
  <array>
    <string>applinks:example.com</string>
    <string>webcredentials:example.com</string>
  </array>
</dict>

JSON Output

{
  "com.apple.security.app-sandbox": true,
  "com.apple.security.network.client": true,
  "com.apple.security.files.user-selected.read-write": true,
  "keychain-access-groups": [
    "$(AppIdentifierPrefix)com.example.myapp",
    "$(AppIdentifierPrefix)com.example.shared"
  ],
  "aps-environment": "production",
  "com.apple.developer.associated-domains": [
    "applinks:example.com",
    "webcredentials:example.com"
  ]
}

Boolean Entitlements

Most sandbox entitlements use <true/> to enable capabilities. These become JSON booleans, making it straightforward to check which capabilities an app requests.

String and Array Entitlements

Some entitlements use strings (aps-environment) or arrays of strings (keychain-access-groups, associated-domains). The JSON output preserves these types and makes it easy to diff entitlements across builds or app versions.

Build Variable Placeholders

Entitlements often contain Xcode build variables like $(AppIdentifierPrefix). These are preserved as literal strings in both plist and JSON. They are resolved by Xcode during the build process, not by the converter.