iOS 13 Location Permissions

Apple showcased the changes in the Core Location framework during WWDC 2019. Location permissions have changed for the better in iOS 13. More weight has been put behind the user’s privacy.

Not only has Apple added a new permission type Allow Once, but also they’ve changed the way Always Allow permission used to work.

What’s Changed in Core Location?

With the release of iOS 13, Core Location framework has changed. Now you'll see a different kind of permission dialog for location permission. It has the new permission Allow Once.

The following illustration shows the permission model change from iOS 12 to iOS 13.

Core Location Permission Authorisation

In order to show location permissions, we need to configure the CLLocationManager instance in either of two ways:

  • requestAlwaysAuthorization

  • requestWhenInUseAuthorization

iOS 13 requires adding the following two privacy usage descriptions in the info.plist file:

  • NSLocationWhenInUseUsageDescription

  • NSLocationAlwaysAndWhenInUseUsageDescription

Setting Up Core Location

Here’s the code to get you started with Core Location in your iOS application:

var locationManager = CLLocationManager()
locationManager.requestAlwaysAuthorization()
//or use requestWhenInUseAuthorization()
locationManager.desiredAccuracy = kCLLocationAccuracyBest
locationManager.startUpdatingLocation()
locationManager.allowsBackgroundLocationUpdates = true
locationManager.pausesLocationUpdatesAutomatically = false

For allowsBackgroundLocationUpdates, ensure that you’ve enabled the Background mode location from the Capabilities in your Xcode project.

Without wasting any more time, let’s deep dive into the new location permission model.

Location Permissions: Under the Hood

iOS 13 has the following three location permissions (ignore Denied since it ignores the permission):

  • Allow While In Use — has superpowers of Allowed

  • Allow Once — temporary Allow While In Use

  • Allowed — deferred until really needed

Here’s the flow of how the new permission model works under the hood:

Allow Once Permission

Allow Once is similar to Allow While Using, but only for one foreground session. That means that once you leave the application for a considerable time, the permission state changes to notDetermined.

The next time the user starts the application, the developer can ask for the permissions again, depending on their use case. This gives users some finer control over the location data and also allows the developers to handler one-off location cases easily.

Allow Always Hides in Allow While Using Permission

Allow While Using permission defers the Allow Always permission.

Always Allow permission isn’t there by default in the new permission dialog. It’s there in a provisional form so that it can be used when it’s actually required.

Let’s see how that works with the different kinds of location authorizations.

Case 1: requestAlwaysAuthorization

  • Allow While Using permission handles Allows Allow permission only if you've requested location authorization using requestAlwaysAuthorisation.

  • With the above type of authorization, the user sees it as foreground permission, but CoreLocation informs the Delegate that it’s always permission. This way, it can monitor location events in the background, but the CLLocationManagerDelegate cannot receive those events.

  • CoreLocation holds onto the events and asks the user at an appropriate time whether they would like to Allow Always?. After that, the location events can be received in the background as well.

  • This way, Always Allow is deferred until a stage where it really requires the user’s consent for location updates in the background.

  • The above case makes Always Allow a provisional authorization.

Case 2requestWhenInUseAuthorization

  • In this case, Always Allowed never happens since the developers themselves hadn’t set it on the CLLocationManager instance.

  • Location is only accessed when the application is in the foreground (though it continues to access it for a very short interval once the user switches to the background).

Conclusion

The new permission model is much simpler since it hides the Always Allowed Option from the prompt and makes it a part of the While Using permission.

For Always Allow, it asks for the user’s consent when you try to access the location in the background. This way, it strives to provide clarity and transparency to the user about when the location is accessed.

That sums up this article. Here’s an example of MapKit and CoreLocation with the new iOS 13 location permissions.