Sharing keychain items between an app and a tool is tricky. As with all things keychain on the Mac, there are two approaches you can take:
Using the traditional Mac file-based keychain (A)
Using the iOS-style database keychain (B)
With A, access control is managed by an ACL. The item’s creator needs to set up the ACL to allow the other party to access it.
The problem with this approach is that critical APIs involved have been deprecated (specifically,
With B, the problem is that access to the iOS-style keychain is gated by a provisioning profile, and it’s not easy to give a command line tool such a profile. You can get around this by packaging the command-line tool into an app-like bundle, but it’s all a bit strange.
If I were in your shoes I’d probably go for B.
Share and Enjoy
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"
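
Approach B as an added example (not code from the post above): the app stores an item in the iOS-style keychain under a shared keychain access group, and the tool reads it back with the same query. The access group, service and account names are hypothetical placeholders, and the sketch assumes both binaries are signed with a `keychain-access-groups` entitlement that lists that group.

```swift
import Foundation
import Security

// Hypothetical identifiers: substitute your own Team ID prefix and names.
let sharedAccessGroup = "TEAMID.com.example.shared"
let service = "com.example.shared-secret"
let account = "default"

enum KeychainError: Error { case missingEntitlement, unexpectedData, status(OSStatus) }

// Attributes that identify the shared item; used identically by app and tool.
func baseQuery() -> [String: Any] {
    [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: service,
        kSecAttrAccount as String: account,
        kSecAttrAccessGroup as String: sharedAccessGroup,
        // Target the iOS-style keychain rather than the file-based one.
        kSecUseDataProtectionKeychain as String: true,
    ]
}

// errSecMissingEntitlement is what a binary without a usable profile and
// entitlement gets back, so surface it separately from other failures.
func check(_ status: OSStatus) throws {
    if status == errSecMissingEntitlement { throw KeychainError.missingEntitlement }
    if status != errSecSuccess { throw KeychainError.status(status) }
}

// App side: create the item, or update its data if it already exists.
func storeSecret(_ secret: Data) throws {
    var attrs = baseQuery()
    attrs[kSecValueData as String] = secret
    let status = SecItemAdd(attrs as CFDictionary, nil)
    guard status == errSecDuplicateItem else { return try check(status) }
    let update = [kSecValueData as String: secret] as CFDictionary
    try check(SecItemUpdate(baseQuery() as CFDictionary, update))
}

// Tool side: read the same item back through the shared access group.
func loadSecret() throws -> Data {
    var query = baseQuery()
    query[kSecReturnData as String] = true
    query[kSecMatchLimit as String] = kSecMatchLimitOne
    var result: CFTypeRef?
    try check(SecItemCopyMatching(query as CFDictionary, &result))
    guard let data = result as? Data else { throw KeychainError.unexpectedData }
    return data
}
```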