This is a follow up to this question.

If I'm going to store a user's username and password with Keychain Services, should I simply create my own prompt view with an NSSecureTextField for the password, and then once the user enters their info pass it to a Keychain Services API (I found this one)?

I'm concerned Apple won't like me interacting with a users sensitive data directly like that.

this sounds like the appropriate thing to do. The following function calls will do the stuff you need.

SecKeychainAddGenericPassword();
SecKeychainFindGenericPassword();
SecKeychainItemModifyAttributesAndData();
SecKeychainItemCopyContent();
SecKeychainItemFreeContent();
SecKeychainItemDelete();

It appears that the only way use a user's password for Apple's Autoingest tool is to handle the password directly in code. I make sure to not hold onto it longer than I need it, and of course I store it with Keychain Services in order to keep it secure.