Team-scoped keys introduce the ability to restrict your token authentication keys to either development or production environments. Topic-specific keys in addition to environment isolation allow you to associate each key with a specific Bundle ID streamlining key management. For detailed instructions on accessing these features, read our updated documentation on establishing a token-based connection to APNs.

I've been working a lot with the FamilyControls API and App Shield recently but have encountered a problem with no documentation. I used the FamilyActivitySelection to select the app store to shield(This is just for testing), and then printed out the application token: 1wfY¸êB ò S« öi #×(É?âðw ù/jQ ¿ J ïE¢? ·¿ º<Òd?ý r7¥Ãn N átJ¹ÿ85B_{VAF fC8. ,,¸¯3 T7F ±õü; ¹?v@¯ô Ä \-õ# Ò I know the application token is a Codable object so I was wondering, How do I create an application token using the Token<Application> initializer init(from: any Decoder) throws Creates a new instance by decoding from the given decoder. Using the above data? Do I have to encode first in order to decode it? For reference, the code I tried to use is: newValue.applicationTokens.encode(to: JSONEncoder) if let encoded = try? JSONEncoder().encode(newValue.applicationTokens) { data = encoded print(String(data: data, encoding: .utf8)!) } if let app = try? JSONDecoder().decode(Token<Application>.self, from: data) { let token = Application(token: app) print(token) } else { print("didn't work") } But it prints didn't work every time. What should I do differently?

I'm encountering an issue with Apple Pay on both Wallet and the Watch app where the app name is not showing up on the back of the payment card(Card details). The pass was successfully provisioned, and everything seems to be working, but the expected app name or brand isn't displayed, and instead, I see the generic "Something went wrong. Try again Later" message. Do we need to configure something to get this displayed in Wallet app?

I'm developing an AppIntent with a Duration parameter, the definition looks like this: @Parameter(title: "Duration", description: "Time entry duration") var duration: Measurement<UnitDuration> When I run this AppIntent using Siri voice command (by a shortcut) the system asks for the duration value, however when I try to say "1 hour 10 minutes" the "hour" component is ignored, in the AppIntent's perform() method I see only the minutes set (so in this case only 10 minutes). Is there any way to use the Duration type for this type of natural language input? When I try to set only 10 minutues, or 1 hour separately it works, just the combination of these two fails. Thank you

Hi everyone, I’m Jaswanth. My friends and I are students working on a project where we’ve developed a website and a companion app. Here’s the key functionality: When two users enter a virtual room, one of them is prompted to download a desktop app. The app is built with Python and uses psutil to check for certain running processes. It does not send any data over the internet. It has a GUI that clearly shows the system is being monitored , it’s not hidden or running in the background silently. We want to sign and notarize the app to make sure it runs on macOS without warning users. However, we’re concerned that since the app accesses system process information, it might be flagged as malicious. Before we pay for the Apple Developer Program, we wanted to ask: Will an app like this (which only reads running processes and does not exfiltrate or hide activity) be eligible for notarization? Thanks in advance for any insights. We'd appreciate any clarity before moving forward. Best, Jaswanth

I've been working on a new application and beta testing with TestFlight. When iOS 18.3 came out, my widgets stopped working due to using too much memory. I've been trying to debug for a while now, but not making much progress. Now that iOS 18.4 is out, I noticed the widgets are working again. I'm wondering if there was some change made in iOS 18.3 that was rolled back in iOS 18.4 that I'm not seeing in the iOS Release Notes etc? I haven't seen much in the Developer Forums, either. My concern is that perhaps Apple decided to make the 30MB Widget memory limit a "hard" limit, but then rolled it back, perhaps temporarily, so I'd like some clarity on the situation if possible. Otherwise, I did notice that it seemed as if all of my widgets were loaded at once, even if only one widget was installed, this boosting the memory usage significantly. If so, that might indicate that a bug was fixed in the Widget Provider system? In any case, I'd appreciate any information or advice on this. Thanks!

Is there any resource which describes this type of errors? I was integrating SKADNetwork view through Ad attribution and everything from the source app side is done and this error appears after the target app is installed and opened. Here is the full error Error setting install attribution pingback registered for app: <APP ID>, error: Error Domain=ASDErrorDomain Code=1209 "SKAdNetwork: Could not set registered for pingback that does not exist." UserInfo={NSLocalizedDescription=SKAdNetwork: Could not set registered for pingback that does not exist.}, result: 0 I cannot find any resource on the internet which gives any info about this ASDErrors. If anyone can help, you would be doing me a solid, Thanks in advance.

There is a problem with the Apple local network setting api, iOS18 system, you turn off the local network permissions of the APP, uninstall the APP, and then re-install, the local network permissions even if opened, there is no effect, only restart the phone is useful

Does someone know how to debug ios app on mac designed for iPad? i can debug on real iOS device but cant attach Tunnel to work for mac.

I'm trying to launch a command line app from my objective C application (sandboxed) using NSTask and I keep getting "launch path not accessible" Here is the path: [task setLaunchPath:@"/usr/local/bin/codeview"]; I have set the appropriate attributes for codeview and it is working perfectly when I use it from the command line and /usr/local/bin IS in the $PATH I know I have NSTask configured correctly because this WILL work: [task setLaunchPath:@"/usr/bin/hexdump"]; With the exception being that I'm using a command already in /usr/bin. But I can't copy codeview into /usr/bin due to SIPS. I've tried moving codeview to various other non-SIPS protected locations all to no avail. Must all NSTask commands come from /usr/bin? Where might I put codeview so that it can be launched. Today I'm going to use an older computer and disable SIPS to put my command in /usr/bin and see if that works. If it does. I will do it on my main machine.

Dear Apple Support Team, Hello! I am currently developing the in-app subscription functionality using Apple IAP API and have encountered a serious technical issue while processing subscription data. I would like to report this issue to you. Issue Description: When calling the subscription API endpoint, the same OriginalTransactionId returns inconsistent results. Specifically, a particular transaction ID (let's call it TransactionId_A) should belong to the subscription order with OriginalTransactionId_A, but it is currently incorrectly associated with OriginalTransactionId_B. This issue severely affects our ability to accurately manage and process subscription data. Here are the relevant log details for your reference: API Endpoint Requested: https://api.storekit.itunes.apple.com/inApps/v1/subscriptions/{TransactionId_A} (Note: The link is a placeholder for the actual API endpoint.) Log Information on February 21, 2025, at 09:40:09: { "AppAccountToken": "{AppAccountToken}", "BundleId": "{BundleId}", "Currency": "CNY", "Environment": "Production", "ExpiresDate": {ExpiresDate}, "InAppOwnershipType": "PURCHASED", "IsUpgraded": false, "OfferDiscountType": "", "OfferIdentifier": "", "OfferType": 0, "OriginalPurchaseDate": {OriginalPurchaseDate}, "OriginalTransactionId": "{OriginalTransactionId_A}", "Price": {Price}, "ProductId": "{ProductId}", "PurchaseDate": {PurchaseDate}, "Quantity": 1, "RevocationDate": 0, "RevocationReason": 0, "SignedDate": {SignedDate}, "Storefront": "CHN", "StorefrontId": {StorefrontId}, "SubscriptionGroupIdentifier": "{SubscriptionGroupIdentifier}", "TransactionId": "{TransactionId_A}", "TransactionReason": "PURCHASE", "Type": "Auto-Renewable Subscription", "WebOrderLineItemId": "{WebOrderLineItemId}" } Log Information on March 21, 2025, at 09:38:49: { "AppAccountToken": "{AppAccountToken}", "BundleId": "{BundleId}", "Currency": "CNY", "Environment": "Production", "ExpiresDate": {ExpiresDate}, "InAppOwnershipType": "PURCHASED", "IsUpgraded": false, "OfferDiscountType": "", "OfferIdentifier": "", "OfferType": 0, "OriginalPurchaseDate": {OriginalPurchaseDate}, "OriginalTransactionId": "{OriginalTransactionId_B}", "Price": {Price}, "ProductId": "{ProductId}", "PurchaseDate": {PurchaseDate}, "Quantity": 1, "RevocationDate": 0, "RevocationReason": 0, "SignedDate": {SignedDate}, "Storefront": "CHN", "StorefrontId": {StorefrontId}, "SubscriptionGroupIdentifier": "{SubscriptionGroupIdentifier}", "TransactionId": "{TransactionId_A}", "TransactionReason": "PURCHASE", "Type": "Auto-Renewable Subscription", "WebOrderLineItemId": "{WebOrderLineItemId}" } From the above logs, it is evident that the same transaction (TransactionId_A) returns different OriginalTransactionId values at different times, which is clearly not expected and severely impacts our ability to correctly process and manage subscription data. I hope you can address and investigate this issue as soon as possible. If you need any further information or assistance, please feel free to contact me. Thank you for your support! Best regards!

Team, We are currently checking out on Apple Pay using ALL and MRU as currencies. We have authorized the payment via Touch ID; however, we are not receiving the onPaymentAuthorized event. Could you please confirm if Apple Pay supports ALL and MRU currencies? We have confirmed that it works with other currencies. Thank you!

Issue Description I am experiencing persistent 401 Unauthorized errors when attempting to access the App Store Server API using JWT authentication. Despite following Apple's documentation and regenerating keys, I am unable to successfully authenticate. Implementation Details I'm implementing JWT authentication for the App Store Server API to retrieve transaction information from the following endpoint: https://api.storekit.itunes.apple.com/inApps/v1/transactions/{transactionID} My JWT generation code (in PHP/Laravel) follows Apple's documentation: php$kid = '6W6H649LJ4'; $header = [ "alg" => "ES256", "kid" => $kid, "typ" => "JWT" ]; $iss = 'b8d99de7-b43b-4cbb-aada-546ec784e249'; // App Store Connect API Key Issuer ID $bid = 'com.gitiho.learnCourse'; // Bundle ID $payload = [ "iss" => $iss, "iat" => time(), "exp" => time() + 3600, "aud" => "appstoreconnect-v1", "bid" => $bid ]; $pathFileAuthKeyP8 = "AuthKey_6W6H649LJ4.p8"; $contentFileAuthKey = \File::get(base_path($pathFileAuthKeyP8)); $alg = "ES256"; $jwt = \Firebase\JWT\JWT::encode($payload, $contentFileAuthKey, $alg, null, $header); Steps Taken to Troubleshoot Verified that the Issuer ID is correct and in UUID format Confirmed that the Key ID matches the private key filename Regenerated the key with proper App Store Server API permissions Ensured the private key file is properly formatted with correct headers and footers Verified that the JWT is being properly encoded using the ES256 algorithm Confirmed the bundle ID is correct for our application Checked that the API endpoint URL is correct Additional Information This implementation previously worked correctly We started experiencing 401 errors recently without changing our implementation We are using the Firebase JWT library for PHP to encode the JWT Request Could you please help identify what might be causing these authentication failures? Is there any recent change in the authentication requirements or endpoint URLs that might be affecting our integration? Thanks for support me.

Hi there, We have an app targeted for children and we want to use the SkAdNetwork to track installs for campaigns. We don't want to track further in-app events (purchase etc.), just the install event. We added the SDK to our Unity app, listed the network identifiers in the plist file, configured the external campaign according to their instructions, but struggle to see any events for several weeks now. We see the following logs in the app: Registering install attribution pingback. Failed to migrate Install Attribution database schema from 17001 => 17400. SkAdNetwork: No pingbacks found while attempting to register/update. Error setting install attribution pingback registered for app: 1509727806, error: Error Domain=ASDErrorDomain code=1208 How can we debug this further? What does the error mean? Thank you very much! (I hope I posted in the correct forum topic. Apologies if not)

Nice to meet you, I'm currently trying to create an app like a data logger using BLE. When a user uses the above app, they will probably put the app in the background and lock their iPhone if they want to collect data for a long period of time. Therefore, the app I want to create needs to continue scanning for BLE even when it goes into the background. The purpose is to continue to obtain data from the same device at precise time intervals for a long period of time (24 hours). In that case, can I use the above function to continue to read and record advertising data from the same device periodically (at intervals of 10 seconds, 1 minute, or 5 minutes) after the app goes into the background? Any advice, no matter how small, is welcome. Please feel free to reply. Also, if you have the same question in this forum and it has already been answered, I would appreciate it if you could let me know.

I have multiple app ids that are registered with Push Notification, however they do not hsow up in the Push Notification Console for testing.

Hello everyone! We are observing a significant number of failures in the fetch of the products with StoreKit1, meaning that in a completely random way, some product identifiers are considered invalid in the response that we receive from Apple, and after some minutes these products are considered once again valid. The issue started on Thursday 04/24 around 12.00 am (UTC + 02.00) and from our dashboard we can clearly see the trend of these failures has some spikes at precise times. I am attaching a view that we use for monitoring purposes showing this trend, considering the data of this week. We are noticing this problem on multiple developer accounts and on multiple apps, which is leading us to think it could be an issue in the Apple backend processing the request. In our case, the apps are not launched correctly until all the products are fetched, and therefore the impact of this problem is very high. Is anyone experiencing something similar or do you have logs which allows you to identify such issues? The issue happens only in production, while in debug and TestFlight environment everything works well. Thank you for your support

We have an application. We are monitoring the fence event. We are using 'startMonitoringForRegion' API. but we are not getting any fence event. Steps Create a fence using 'startMonitoringForRegion' API BG on APNS trigger. initial fence state 'didDetermineState' not received. From Syslogs we can see OS has detected but event is not given to Application We are compiling code using SDK18.0 Error ** locationd Fence: LAC monitoring is not sufficient for / ocationd Fence: no allowing wifi monitor for, 400.0, fence Feedback Ticket ID: FB17250308 Syslogs Snippet: debug 2025-04-15 12:45:40.890193 -0500 locationd FenceCal: combine non-fine non-large fence, distance, 0.0, / //OS detetected fence state default 2025-04-15 12:45:44.706232 -0500 locationd Fence: fenceUpdate, , bundle, , type, GPS , loc, 33.1171776, -96.6606076, acc, 19, distance, 17, tech, LC...+, trans, 0, state, 0, cont, 1, fence, 33.11728835, -96.66048288, 1011.0, 766431742.6, sCount, 0, 0, trig, 0, 3, sinceLastLoc, 10.0, events, 0x00001810, status, (Inside) => (Inside) , settled state, (Unknown) ==> (Unknown), cantShiftButNeedTo, 0, sinceLastTransition, -1.0, significant, 0, loi, 0, lastProximityStateTimestamp, -1.000000, lastProximityState, 0, lastApproachingState, 0 // debug 2025-04-15 12:45:44.706247 -0500 locationd Fence: LAC monitoring is not sufficient for / // debug 2025-04-15 12:45:44.706263 -0500 locationd Fence: no allowing wifi monitor for, 400.0, fence, Fence, []//, latitude, 33.11728835, longitude, -96.66048288, refFrame, 0, distance, 1011.0, eFistance, 1011.0, lDown, -1.0, time, 766431742.6, ctime, -1.0, flags, EX------, key, -1506186373, throttled, N, polygon, 0, envType, 2, locType, 0

I'm building a macOS + iOS SwiftUI app using Xcode 14.1b3 on a Mac running macOS 13.b11. The app uses Core Data + CloudKit. With development builds, CloudKit integration works on the Mac app and the iOS app. Existing records are fetched from iCloud, and new records are uploaded to iCloud. Everybody's happy. With TestFlight builds, the iOS app has no problems. But CloudKit integration isn't working in the Mac app at all. No existing records are fetched, no new records are uploaded. In the Console, I see this message: error: CoreData+CloudKit: Failed to set up CloudKit integration for store: <NSSQLCore: 0x1324079e0> (URL: <local file url>) Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service named com.apple.cloudd was invalidated: failed at lookup with error 159 - Sandbox restriction." UserInfo={NSDebugDescription=The connection to service named com.apple.cloudd was invalidated: failed at lookup with error 159 - Sandbox restriction.} I thought it might be that I was missing the com.apple.security.network.client entitlement, but adding that didn't help. Any suggestions what I might be missing? (It's my first sandboxed Mac app, so it might be really obvious to anyone but me.)

Hi, We’re developing a BLE peripheral device and encountered a connection issue when connecting two devices (Device A and Device B) simultaneously to an iOS device. Problem: On iOS 18, we are experiencing occasional BLE timeouts and disconnections when both devices are connected at the same time. On iOS 16, we did not encounter this issue under the same conditions. What we’ve tried: Adjusted the connection interval from 30ms to 15ms. This seems to have improved stability somewhat. However, we still observe intermittent timeout/disconnection issues. Questions: Are there any known changes in BLE connection handling or timing constraints in iOS 18? Are there recommended connection parameter settings (interval, latency, timeout, etc.) for multi-device BLE connections in iOS? Is there a way to debug or log more details about the disconnection reasons on the iOS side? Any guidance or suggestions would be greatly appreciated.

I'm looking for help with a network extension filtering issue. Specifically, we have a subclass of NEFilterDataProvider that is used to filter flows based upon a set of rules, including source IP and destination IP. We've run into an issue where the source IP is frequently 0.0.0.0 (or the IPv6 equivalent) on outgoing flows. This has made it so rules based upon source IP don't work. This is also an issue as we report these connections, but we're lacking critical data. We were able to work around the issue somewhat by keeping a list of flows that we allow that we periodically check to see if the source IP is available, and then report after it becomes available. We also considered doing a "peekBytes" to allow a bit of data to flow and then recheck the flow, but we don't want to allow data leakage on connections that should be blocked because of the source IP. Is there a way to force the operating system or network extension frameworks to determine the source IP for an outbound flow without allowing any bytes to flow to the network? STEPS TO REPRODUCE Create a network filtering extension for filtering flows using NEFilterDataProvider See that when handleNewFlow: is called, the outgoing flow lacks the source IP (is 0.0.0.0) in most cases There is this post that is discussing a similar question, though for a slightly different reason. I imagine the answer to this and the other post will be related, at least as far as NEFilterDataProvider:handleNewFlow not having source IP is considered. Thanks!