Play Integrity has several levels. GrapheneOS MEETS_BASIC_INTEGRITY, which I believe only requires a locked bootloader and no superuser.
replyThere's also been some discussion of spoofing MEETS_DEVICE_INTEGRITY, since before Android 13 it didn't rely on a TPM, and many apps don't want to lock out older devices, but it's been decided against it [0].
[0] https://github.com/GrapheneOS/os-issue-tracker/issues/1986
I saw on the GrapheneOS forums that some people had managed to get it working, but I was unable to do so.
replyMy bootloader is locked, because I re-locked it after installing GrapheneOS. The app runs, but refuses to let me log in. I even tried (temporarily) using a browser to login, and let the browser switch to the app in the process. Nada.
It's ridiculous that Google bills their "DEVICE INTEGRITY" initiative as a security feature, when GrapheneOS, which is a more secure platform, cannot use it.
Hmmmm.... Actually you can have an unlocked bootloader for the basic integrity level.[0]
reply[0] https://developer.android.com/google/play/integrity/verdicts