Hot off the heels of Facebook’s announcement that it is shutting down it’s Parse Cloud platform, Apple has announced in a press release that they are adding additional capabilities (including server-to-server Web Service requests) to CloudKit, their cloud-storage and Authentication offering. CloudKit, up until now had been restricted to interfacing only with iOS, OSX and Web apps.
In addition to providing a Web interface for users to access the same data as your app, you can now easily read and write to the CloudKit public database from a server-side process or script with a server-to-server key. (Source: Apple)
The latest announcement opens the CloudKit API to consumption by server-side applications and in the course of doing so, takes some extra precautions to secure transmission to and from the CloudKit API. For a server-side app to gain access, the developer must supply that server's public key to the CloudKit dash which in turn generates a unique Request Key ID that Apple pairs to its record of that public key (which is, of course, uniquely associated with the API consuming server). Then, in addition to using the public key's associated private key to sign API calls (one layer of security), API calls must include the Request Key ID in the subpath of future Web service requests (another layer of security). Apple has documented a sample workflow that can be tested with pretty any system capable of generating it's own public key/private key pair and running the CURL command.
CloudKit powers iCloud, which is Apple’s cloud synchronization solution for syncing its client apps, such as Photos and Notes, and allowing data to be synced between devices seamlessly. The timing of Apple’s latest features is impeccable in light of Facebook’s announcements, and with developers no longer being restricted to just OSX and IOS clients, it looks like Apple and CloudKit will be the new benefactor.