Team-scoped keys introduce the ability to restrict your token authentication keys to either development or production environments. Topic-specific keys in addition to environment isolation allow you to associate each key with a specific Bundle ID streamlining key management. For detailed instructions on accessing these features, read our updated documentation on establishing a token-based connection to APNs.

I've been working a lot with the FamilyControls API and App Shield recently but have encountered a problem with no documentation. I used the FamilyActivitySelection to select the app store to shield(This is just for testing), and then printed out the application token: 1wfY¸êB ò S« öi #×(É?âðw ù/jQ ¿ J ïE¢? ·¿ º<Òd?ý r7¥Ãn N átJ¹ÿ85B_{VAF fC8. ,,¸¯3 T7F ±õü; ¹?v@¯ô Ä \-õ# Ò I know the application token is a Codable object so I was wondering, How do I create an application token using the Token<Application> initializer init(from: any Decoder) throws Creates a new instance by decoding from the given decoder. Using the above data? Do I have to encode first in order to decode it? For reference, the code I tried to use is: newValue.applicationTokens.encode(to: JSONEncoder) if let encoded = try? JSONEncoder().encode(newValue.applicationTokens) { data = encoded print(String(data: data, encoding: .utf8)!) } if let app = try? JSONDecoder().decode(Token<Application>.self, from: data) { let token = Application(token: app) print(token) } else { print("didn't work") } But it prints didn't work every time. What should I do differently?

I'm encountering an issue with Apple Pay on both Wallet and the Watch app where the app name is not showing up on the back of the payment card(Card details). The pass was successfully provisioned, and everything seems to be working, but the expected app name or brand isn't displayed, and instead, I see the generic "Something went wrong. Try again Later" message. Do we need to configure something to get this displayed in Wallet app?

在watchOS11.5下，Apple watch无法加载天气。无论是否连接自己的iPhone均无法加载

Hi there, We have an app targeted for children and we want to use the SkAdNetwork to track installs for campaigns. We don't want to track further in-app events (purchase etc.), just the install event. We added the SDK to our Unity app, listed the network identifiers in the plist file, configured the external campaign according to their instructions, but struggle to see any events for several weeks now. We see the following logs in the app: Registering install attribution pingback. Failed to migrate Install Attribution database schema from 17001 => 17400. SkAdNetwork: No pingbacks found while attempting to register/update. Error setting install attribution pingback registered for app: 1509727806, error: Error Domain=ASDErrorDomain code=1208 How can we debug this further? What does the error mean? Thank you very much! (I hope I posted in the correct forum topic. Apologies if not)

I've been working on a new application and beta testing with TestFlight. When iOS 18.3 came out, my widgets stopped working due to using too much memory. I've been trying to debug for a while now, but not making much progress. Now that iOS 18.4 is out, I noticed the widgets are working again. I'm wondering if there was some change made in iOS 18.3 that was rolled back in iOS 18.4 that I'm not seeing in the iOS Release Notes etc? I haven't seen much in the Developer Forums, either. My concern is that perhaps Apple decided to make the 30MB Widget memory limit a "hard" limit, but then rolled it back, perhaps temporarily, so I'd like some clarity on the situation if possible. Otherwise, I did notice that it seemed as if all of my widgets were loaded at once, even if only one widget was installed, this boosting the memory usage significantly. If so, that might indicate that a bug was fixed in the Widget Provider system? In any case, I'd appreciate any information or advice on this. Thanks!

I'm device manufacturer and in future planning to get my device matter certified. If I want my device data for analytics purpose into my cloud than what is the best way possible. My research says that the most latest approach suggested by apple is, developing a custom mobile app using device homekit sdk and subscribe to device state and send it to my cloud. If I go that route, will it work even though the device was onboarded via homekit app and homekit hub device is also there. I want to make sure that both path will be active, device to hub to home app and device to custom app to my cloud, and both on matter ecosystem. The homekit sdk and matter support mentioned here https://developer.apple.com/apple-home/matter, are these two same thing?

We have an application. We are monitoring the fence event. We are using 'startMonitoringForRegion' API. but we are not getting any fence event. Steps Create a fence using 'startMonitoringForRegion' API BG on APNS trigger. initial fence state 'didDetermineState' not received. From Syslogs we can see OS has detected but event is not given to Application We are compiling code using SDK18.0 Error ** locationd Fence: LAC monitoring is not sufficient for / ocationd Fence: no allowing wifi monitor for, 400.0, fence Feedback Ticket ID: FB17250308 Syslogs Snippet: debug 2025-04-15 12:45:40.890193 -0500 locationd FenceCal: combine non-fine non-large fence, distance, 0.0, / //OS detetected fence state default 2025-04-15 12:45:44.706232 -0500 locationd Fence: fenceUpdate, , bundle, , type, GPS , loc, 33.1171776, -96.6606076, acc, 19, distance, 17, tech, LC...+, trans, 0, state, 0, cont, 1, fence, 33.11728835, -96.66048288, 1011.0, 766431742.6, sCount, 0, 0, trig, 0, 3, sinceLastLoc, 10.0, events, 0x00001810, status, (Inside) => (Inside) , settled state, (Unknown) ==> (Unknown), cantShiftButNeedTo, 0, sinceLastTransition, -1.0, significant, 0, loi, 0, lastProximityStateTimestamp, -1.000000, lastProximityState, 0, lastApproachingState, 0 // debug 2025-04-15 12:45:44.706247 -0500 locationd Fence: LAC monitoring is not sufficient for / // debug 2025-04-15 12:45:44.706263 -0500 locationd Fence: no allowing wifi monitor for, 400.0, fence, Fence, []//, latitude, 33.11728835, longitude, -96.66048288, refFrame, 0, distance, 1011.0, eFistance, 1011.0, lDown, -1.0, time, 766431742.6, ctime, -1.0, flags, EX------, key, -1506186373, throttled, N, polygon, 0, envType, 2, locType, 0

If a notification: ONE_TIME_CHARGE is used to ship the IAP content, it involves a point where the client might not finish the transaction, yet the item is shipped. Will an unfinished purchase affect refunds?

I'm currently still on StoreKit 1, and am testing the paymentQueueShouldShowPriceConsent delegate function. In my local .storekit file, I have a renewable subscription set up with a promotional offer. My test flow is as follows: User subscribes to renewable subscription Let subscription auto-renew once or twice User subscribes to renewable subscription with promotional offer with significant price reduction Promotional offer lapses and price increases to normal Expect paymentQueueShouldShowPriceConsent delegate function to trigger However, #5 never does get invoked, despite re-trying the subscription and promotional offers in various configurations. Manually triggering the Request Price Increase Consent option in the Xcode StoreKit transactions list does invoke the delegate function, but letting the promotional offer lapse does not. My storefront is set to Korea, and my simulator region is set to Korea as well. According to the documentation here and here, consent is required for all price increases in Korea. Is there some way I could check if things are working as intended?

Hi everyone, We're using the react-native-device-activity package to implement app blocking via Apple's Screen Time API. The blocking functionality works well: when the user selects apps and taps "Done," those apps get blocked as expected. However, we're facing an issue with unblocking apps that the user later unselects. Even after the user unchecks some apps and taps "Done" again, those previously selected (now unselected) apps remain blocked and still show the shield.

Team, We are currently checking out on Apple Pay using ALL and MRU as currencies. We have authorized the payment via Touch ID; however, we are not receiving the onPaymentAuthorized event. Could you please confirm if Apple Pay supports ALL and MRU currencies? We have confirmed that it works with other currencies. Thank you!

Issue Description I am experiencing persistent 401 Unauthorized errors when attempting to access the App Store Server API using JWT authentication. Despite following Apple's documentation and regenerating keys, I am unable to successfully authenticate. Implementation Details I'm implementing JWT authentication for the App Store Server API to retrieve transaction information from the following endpoint: https://api.storekit.itunes.apple.com/inApps/v1/transactions/{transactionID} My JWT generation code (in PHP/Laravel) follows Apple's documentation: php$kid = '6W6H649LJ4'; $header = [ "alg" => "ES256", "kid" => $kid, "typ" => "JWT" ]; $iss = 'b8d99de7-b43b-4cbb-aada-546ec784e249'; // App Store Connect API Key Issuer ID $bid = 'com.gitiho.learnCourse'; // Bundle ID $payload = [ "iss" => $iss, "iat" => time(), "exp" => time() + 3600, "aud" => "appstoreconnect-v1", "bid" => $bid ]; $pathFileAuthKeyP8 = "AuthKey_6W6H649LJ4.p8"; $contentFileAuthKey = \File::get(base_path($pathFileAuthKeyP8)); $alg = "ES256"; $jwt = \Firebase\JWT\JWT::encode($payload, $contentFileAuthKey, $alg, null, $header); Steps Taken to Troubleshoot Verified that the Issuer ID is correct and in UUID format Confirmed that the Key ID matches the private key filename Regenerated the key with proper App Store Server API permissions Ensured the private key file is properly formatted with correct headers and footers Verified that the JWT is being properly encoded using the ES256 algorithm Confirmed the bundle ID is correct for our application Checked that the API endpoint URL is correct Additional Information This implementation previously worked correctly We started experiencing 401 errors recently without changing our implementation We are using the Firebase JWT library for PHP to encode the JWT Request Could you please help identify what might be causing these authentication failures? Is there any recent change in the authentication requirements or endpoint URLs that might be affecting our integration? Thanks for support me.

For the pushToken sent by APNS to register a wallet pass for update notifications, is there a max length or size that APNS will send? I save the token in my database and have it defined as varchar(256), but I have had some instances where the pushToken is larger than that. I'd like to know if there's an absolute max size that APNS will send. Then I'll know if I should reject requests with tokens larger than what's expected, and/or if I need to make the token size larger in the database.

reposting this in case it got missed the first time around here https://developer.apple.com/forums/thread/775900 We had a question that came up when we comparing data from WeatherKit to other sources - WeatherKit visibility was well beyond the boundaries we had historically, even from Darksky. That raises two questions: is visibility actually in meters like the docs say? is this visibility at ground level, 500ft, or some other height? We were seeing visibility numbers of up to 40 miles (after converting the number the API sent to miles), where all of our other sources are usually within 10 miles

I am writing regarding an issue I have encountered while attempting to complete a payment using test users created within the Sandbox environment of Apple Pay. The problem persists specifically when trying to make payments through the demo page at https://applepaydemo.apple.com/. Problem Description: When initiating a payment process with either of the following test user accounts. The flow proceeds as follows: The Apple Pay window appears correctly. Processing begins but does not conclude successfully. After processing concludes, there is no prompt for 'Pay with Touch ID'. Additional Information: Device & OS Version: MacOS 15.3.2 Browser & Version: Safari 18.3.1 Real Device or Simulator: Real device used First Occurrence: Before January 1st, 2025 Custom Configurations or Backend Used: No custom configurations or backend modifications are being utilized during interaction with the demo page. Could you please provide assistance in resolving this issue?

Our app server has subscription feature and processes purchase life cycles based on App Store Server Notification v1. Last year, when users purchased subscriptions during the following timeframe, we received "INITIAL_BUY" notifications with "unified_receipt.Latest_receipt_info.purchase_date" set to future date(approx. 1 hour after the actual purchase). 2024-11-03 08:00:00 - 2024-11-03 09:00:00 Etc/GMT (UTC) For example, we received the following v1 notification at 2024-11-03 08:36:33 Etc/GMT. "notification_type": "INITIAL_BUY" "unified_receipt.latest_receipt_info[].purchase_date": "2024-11-03 09:36:02 Etc/GMT" Our server grants subscription entitlement based on "purchase_date" so the users had to wait 1 hour before the subscription features became available. The timeframe coincided with the end of daylight saving time in the U.S., so we assume that it affected the behavior, but our country doesn't adopt daylight saving time. We have some questions regarding this behavior. In countries without daylight saving time, how should we handle such notifications with future purchase date in order to properly grant subscription entitlement? In App Store Server Notification v2, could purchase date be set to future date at the end of daylight saving time in the U.S., just as in v1 notifications? JWSTransactionDecodedPayload.purchaseDate

The stuff I've found by searching has confused me, so hopefully someone can help simplify it for me? I have an app (I use it for logging which books I've given away), and I could either add a bunch of things to the app, or I could have another app (possibly a CLI tool) to generate some reports I'd like.

I have made a Swift App for MacOS 15 under XCode 16.3, which runs fine. I also want to run it under the previous MacOS 14. Unfortunately it crashes without even starting up (it does not even reach the first log output statement on the first view) The crash reason is Crashed Thread: 0 Dispatch queue: com.apple.main-thread Exception Type: EXC_BAD_INSTRUCTION (SIGILL) Exception Codes: 0x0000000000000001, 0x0000000000000000 Termination Reason: Namespace SIGNAL, Code 4 Illegal instruction: 4 Terminating Process: exc handler [2970] I have set the miminium deployment to MacOS 14.0 but to no effect. The XCode machine is a MacOS 15.4 on Arm M3 and the target machine is MacOS 14.7.5 on Intel (MacBook Air) I think it might be related to the compiler and linker settings.

Based on Cooordinate with the companion app in this article by Apple https://developer.apple.com/documentation/healthkit/running-workout-sessions if a workout were to be started on the iPhone companion app but with no Watch available, given HKLiveWorkoutBuilder not available in iOS, does the iPhone app need to implement it's own workout tracking such as a timer for counting the elapsed time and location updates for distance and GPS tracking? If so in an instance where a paired Apple Watch were to exist and the workout is continued in the Watch app should the iPhone companion app stop this custom workout tracking and revert to the mirrored workout from the Watch to ensure accurate and synchronised data between the apps?

I'm looking for help with a network extension filtering issue. Specifically, we have a subclass of NEFilterDataProvider that is used to filter flows based upon a set of rules, including source IP and destination IP. We've run into an issue where the source IP is frequently 0.0.0.0 (or the IPv6 equivalent) on outgoing flows. This has made it so rules based upon source IP don't work. This is also an issue as we report these connections, but we're lacking critical data. We were able to work around the issue somewhat by keeping a list of flows that we allow that we periodically check to see if the source IP is available, and then report after it becomes available. We also considered doing a "peekBytes" to allow a bit of data to flow and then recheck the flow, but we don't want to allow data leakage on connections that should be blocked because of the source IP. Is there a way to force the operating system or network extension frameworks to determine the source IP for an outbound flow without allowing any bytes to flow to the network? STEPS TO REPRODUCE Create a network filtering extension for filtering flows using NEFilterDataProvider See that when handleNewFlow: is called, the outgoing flow lacks the source IP (is 0.0.0.0) in most cases There is this post that is discussing a similar question, though for a slightly different reason. I imagine the answer to this and the other post will be related, at least as far as NEFilterDataProvider:handleNewFlow not having source IP is considered. Thanks!