Hello, I’m currently reviewing and implementing age assurance and parental approval flows using AgeRangeService and PermissionKit (AskCenter) in the context of Texas regulatory compliance requirements. While the high-level APIs are clear, there are several technical aspects where the intended usage patterns are not fully explicit in the documentation. Clarification on these points would help ensure our implementation aligns with system expectations and regulatory obligations. ⸻ Querying the current approval state for SignificantAppUpdateTopic AskCenter.ask(...) returns Void, and AskCenter.responses(for:) provides an AsyncSequence of approval events. Is there an official or recommended way to determine whether a SignificantAppUpdateTopic has already been approved when the app launches, or is listening for future responses events the only supported mechanism? ⸻ Behavior of AskCenter.responses(for:) regarding past approvals When subscribing to AskCenter.responses(for:): • Does the stream replay previously recorded approval or decline decisions? • Or does it only emit events that occur after subscription? This affects whether the listener must be registered early in the app lifecycle. ⸻ Recommended lifecycle timing for registering a responses(for:) listener What is the intended or recommended time to register a responses(for:) listener? • At application launch • Immediately before calling ask(...) • When entering a specific gated feature Clarification on the expected lifecycle usage would be helpful. ⸻ Repeated calls to ask(...) after approval If AskCenter.ask(...) is called again for the same SignificantAppUpdateTopic after parental approval has already been granted: • Is the request ignored? • Is a new approval request sent to the parent? • Or is the call handled idempotently by the system? ⸻ Delivery of approval results when the child app is not running If a parent approves or declines a SignificantAppUpdateTopic while the child app is not running: • Will the approval decision be delivered as a responses(for:) event on the next app launch? • Or is the app expected to persist approval state locally? ⸻ Persistence of approval state Is the approval decision for SignificantAppUpdateTopic persisted by the system at the OS level, or is the app responsible for storing approval state? Additionally, does the approval persist across: • app restarts? • app deletion and reinstallation? ⸻ Meaning of activeParentalControls.significantAppChangeApprovalRequired How is activeParentalControls.significantAppChangeApprovalRequired determined? • Is this value explicitly configured by a parent (for example via Screen Time)? • Or is it automatically determined by the system based on region, age, or regulatory requirements? ⸻ Relationship between significantAppChangeApprovalRequired and AgeRangeService When activeParentalControls contains significantAppChangeApprovalRequired, is it still expected that apps call AgeRangeService.requestAgeRange(...)? Or can the presence of this flag be treated as sufficient indication that the user is a minor for gating purposes? ⸻ Recommended interpretation of AgeRangeDeclaration Is the intended usage of AgeRangeDeclaration to handle each case individually, or is it acceptable and recommended to interpret the values as different trust levels (for example, self-declared vs. government ID or payment verified)? Clarification on these points would help ensure that implementations of age assurance and parental approval flows are consistent with system behavior while meeting regulatory compliance requirements. Thank you for your guidance.

Is it possible to develop for TelephonyMessagingKit on iOS 26 outside of the EU? If so, how is this accomplished? I have added the 'Default Carrier Messaging App' entitlement to my project, but I do not see an option to set my app as a default option in settings on my device. I am not located inside of the EU, but would like to test this functionality.

I followed the method outlined in Apple's documentation to test "Revocation of Consent." Our server received the notification sent by Apple, but the parsed data only contains the following content (some data has been modified for privacy, but the fields remain unchanged): { "receiptType": "Sandbox", "bundleId": "com.xxx.xxxxx", "receiptCreationDate": 1764932591296, "requestDate": 1764932591296, "originalPurchaseDate": 1375340400000, "originalApplicationVersion": "1.0", "appTransactionId": "705020051250081000", "originalPlatform": "iOS" } How can we identify that "a parent/guardian has revoked authorization for a specific user"? We are unable to determine which minor user should be restricted from using certain features of our app. I hope to receive a prompt response from Apple's technical experts! Thanks A Lot ！

Hello, I am unable to figure out how I tell the FamilyActivityPicker whether it should show apps installed on my personal device (to be used with AuthorizationCenter.shared.requestAuthorization(for: .individual)) or apps installed on my child’s device (authenticated their phone via AuthorizationCenter.shared.requestAuthorization(for: .child)). Is there any parameter or SwiftUI modifier I need to apply? Otherwise, how does the user or the app know which token belongs to them and which token belongs to their child’s device? Radar: FB17020977 Thanks a lot for your help!

I'm building a voice-to-text keyboard extension that needs to open the main app briefly for audio recording (since keyboard extensions can't record audio), then return the user to their original app. The flow I'm trying to achieve: User is in WhatsApp (or Messages, Slack, etc.) User taps "Voice" button in my keyboard My main app opens via deep link (myapp://keyboard/dictation) App starts recording App automatically returns user to WhatsApp I cannot find a way to detect which app the keyboard is running inside, or which app opened my main app via the deep link. UIInputViewController.textDocumentProxy - No host app information available UIApplication.OpenURLOptionsKey.sourceApplication in application(_:open:options:) - When opened from a keyboard extension, does this return the host app bundle ID or the keyboard extension bundle ID? Private APIs (for research only, not production): _hostBundleID on UIInputViewController - blocked/returns nil on iOS 18 KVC approaches - all blocked Hardcoded app support - Works but requires maintaining a list of popular apps and showing multiple buttons instead of a single "Voice" button My questions: When a keyboard extension triggers a URL open (via SwiftUI Link or UIApplication.shared.open), what does sourceApplication contain? The host app or the keyboard extension? Is there any supported way for a main app to know which app it was launched from, specifically when that launch originated from a keyboard extension? How do apps like "Wispr Flow" achieve seamless return-to-app with a single voice button? They seem to auto-return to whatever app the user was in. Environment: iOS 18.0+ Xcode 16 SwiftUI keyboard using KeyboardKit Any guidance on the recommended approach would be greatly appreciated. I understand there may be privacy reasons for limiting host app detection, but the UX of requiring users to manually swipe back (or tap app-specific buttons) is significantly worse than automatic return.

Hello, I have noticed that the ShieldConfiguration is only requested when opening a target app, and never when the application token is moved to a different shield while the target app remains in foreground. This causes problems because many times the wrong ShieldConfiguration is displayed (recycled) instead of requesting a new ShieldConfiguration. This bug has been around since the introduction of the Screen Time API in 2020 and is has not been addressed. Bug reports: FB14237883 FB17902392 Please fix asap!! Not acceptable to have bugs not being addressed for more than 5 years. Most concerning: This is still reproducing on iOS 26 beta 7!! Thanks a lot for your help.

Hello, I’m developing a third-party VoIP app called Heyno and trying to support Siri-initiated calls so they behave like WhatsApp / FaceTime, especially from the lock screen. Target behavior From the locked device, the user says: “Hey Siri, call <contact> using Heyno” Expected result: • System CallKit audio-call UI appears. • No “continue in ” sheet, no forced unlock or foregrounding. • Our app handles the VoIP leg in the background via CXProviderDelegate. WhatsApp already does this with: “Hey Siri, call <contact> on WhatsApp” I’m trying to reproduce that behavior for Heyno using public APIs. I have followed the SiriKit + CallKit VoIP docs but cannot get a clean Siri → CallKit → app flow from the lock screen without either: Being forced into .continueInApp (unlock + foreground), or Hitting CallKit transaction errors when starting the call from the app in response to the intent. Current implementation Intents extension (INStartCallIntentHandling) • resolveContacts(for:with:) normalizes to E.164 and returns INPersonResolutionResult.success. • resolveDestinationType → .success(.normal). • resolveCallCapability → .success(.audioCall). Confirm / handle currently: func confirm(intent: INStartCallIntent, completion: @escaping (INStartCallIntentResponse) -> Void) { completion(INStartCallIntentResponse(code: .ready, userActivity: nil)) } func handle(intent: INStartCallIntent, completion: @escaping (INStartCallIntentResponse) -> Void) { completion(INStartCallIntentResponse(code: .ready, userActivity: nil)) } Earlier, I used .continueInApp with an NSUserActivity carrying the normalized number and metadata, but that always produced a “Continue in Heyno” sheet that requires unlock and foreground, which breaks the lock-screen Siri flow. App target – CallKit provider In the app I have CXProvider + CXProviderDelegate, which work correctly when calls are initiated from inside the app: func provider(_ provider: CXProvider, perform action: CXStartCallAction) { let handle = action.handle.value // Start VoIP / WebRTC / LiveKit / Asterisk call here provider.reportOutgoingCall(with: action.callUUID, startedConnectingAt: Date()) provider.reportOutgoingCall(with: action.callUUID, connectedAt: Date()) action.fulfill() } If I construct a CXStartCallAction and submit it via CXCallController.request(...) from the app, CallKit UI appears and our pipeline runs correctly. What I tried and what fails Starting CallKit from the Intents extension Calling CXCallController.request(...) directly from handle(intent:completion:) in the extension always yields: com.apple.CallKit.error.requesttransaction error 1 (unentitled) The extension does not have the CallKit entitlement, and the docs say not to initiate calls from the extension, so this path seems unsupported. Using .continueInApp + NSUserActivity Pattern: • handle(intent:) builds NSUserActivity (activityType = NSStringFromClass(INStartCallIntent.self), title = "Heyno Start Call", userInfo with E.164 handle, etc.). • Returns INStartCallIntentResponse(code: .continueInApp, userActivity: activity). • App receives the activity, then starts CallKit + VoIP. Functionally this works, but iOS always requires unlock + foreground (“Continue in Heyno”), which is not acceptable for a Siri lock-screen call. App group + Darwin notification (extension → app → CallKit) Experiment: • Extension writes the normalized number into an app-group UserDefaults. • Extension posts a Darwin notification. • App (if running) listens, reads the number, and initiates CXStartCallAction + VoIP. Observed: • Works only when the app is already running in the background; a killed app is not woken. • In some states I see CXErrorCodeRequestTransactionError.invalidAction (error 6) if I try to issue a CXStartCallAction while CallKit is already doing something as part of the Siri flow. • Siri sometimes replies “There was a problem with the app,” likely because CallKit rejects the transaction or sees duplicate/conflicting actions. My understanding so far • The Intents extension should resolve/confirm the intent but not start the call. • The source of truth for starting a call should be: Siri → CallKit → app’s CXProviderDelegate.provider(_:perform: CXStartCallAction) • The app then starts the VoIP leg, reports started/connected, and fulfills. Where I am stuck What is not clear is how Siri is supposed to route an INStartCallIntent into CallKit for a third-party VoIP app on a locked device without using .continueInApp. If my extension simply: • resolves the contact, • confirm → .ready, • handle → .ready (no NSUserActivity, no CallKit), I do not see a documented mechanism that causes: “Hey Siri, call <contact> using Heyno” on the lock screen to: • Present a CallKit audio call bound to Heyno, and • Deliver CXStartCallAction to my CXProviderDelegate while the app stays in the background. Questions For third-party VoIP apps today, is it recommended to implement INStartCallIntentHandling at all, or should we rely only on CallKit registration and Siri’s built-in support for “Call with ” (no SiriKit extension)? If an INStartCallIntentHandling extension is still the intended pattern: • Should confirm/handle simply return .ready and never start CallKit or set NSUserActivity? • In that case, is Siri expected to invoke CallKit on our behalf and create a CXStartCallAction targeting our provider, even when the device is locked and the app is not foreground? Is there any supported way for a Siri-triggered third-party VoIP call to start from the lock screen via CallKit without: • using .continueInApp (unlock + foreground), and • starting CallKit directly from the Intents extension (unentitled)? Is there any additional configuration, entitlement, provisioning profile flag, or Info.plist key required so that Siri can map “Call using Heyno” directly to our CallKit provider and background VoIP implementation? Current options: • .continueInApp + NSUserActivity → works, but always requires unlock + app UI. • Start CallKit from the extension → fails with “unentitled” and appears unsupported. • Extension → app-group + notification → app → CallKit → VoIP → fragile, with intermittent CXErrorCodeRequestTransactionError.invalidAction. • Remove the extension and hope Siri/CallKit auto-routes to our provider → unclear if this is supported for third-party VoIP apps or reserved for privileged apps. I would appreciate guidance on the intended architecture for this scenario, and whether the “Siri from lock screen → CallKit UI → background VoIP call” flow is achievable for an App Store VoIP app like Heyno using public APIs only.

Does WeatherKit Rest api have the following forecast endpoints? Pollen and Flu Air quality Radar forecast served through a REST API? Hail Solar energy Frost Potential Index

The published "Next steps for apps distributed in Texas" says "A parent or guardian in Texas can withdraw consent for any app, which will block launching of the app on the child or teen’s device." My question is: will this also block notifications sent to that app from showing up on that device? Or will notifications still be delivered to the notification center, even though the app can't be launched? (Specifically, notifications sent from a server via Firebase topic/token). If notifications are not blocked automatically, what is the expected flow for this scenario? My app sends notifications from a server like this. I could implement client-side code to say "if consent is revoked, unsubscribe from notifications", but if the OS blocks launching of the app, this client-side code would never run. Similarly, I could subscribe to the server notifications for when consent is revoked, but my app is free & accountless, so I'm not aware of any information in the server notification that I could use to identify the specific user whose notifications should be stopped. (For example my users won't have an appAccountToken because they never made a purchase). Guidance would be much appreciated. I'm trying to comply with the law but I don't know how.

Are we planning to have some APIs or methods to know that status of Call blocking extension and message filter extension in future releases as currently it is not available.

Hello Apple Developer Support Team, I am the Account Holder of my Apple Developer Program team (Team ID: T2BKUF6E93). My iOS app is using Swift WeatherKit (WeatherService) on device. Although my environment is completely configured, the system WeatherDaemon consistently fails to generate the WeatherKit JWT token. My environment: Team type: Apple Developer Program (paid) Team ID: T2BKUF6E93 Account role: Account Holder Xcode: latest version Device: iPhone (real device) Provisioning Profile: iOS Team Provisioning Profile (auto-managed) Entitlement: com.apple.developer.weatherkit included WeatherKit Key: created successfully (.p8 downloaded) Bundle ID: correct and WeatherKit capability enabled App reinstalled after each configuration change Device rebooted Even after enabling WeatherKit capability and generating a WeatherKit Key, the system still fails to generate JWT: Failed to generate jwt token for: com.apple.weatherkit.authservice Error Domain=WeatherDaemon.WDSJWTAuthenticatorServiceListener.Errors Code=2 "(null)" The error persists across: multiple device restarts full clean/rebuild in Xcode deleting and reinstalling the app pulling the latest provisioning profiles waiting more than several hours for backend propagation What I suspect My WeatherKit entitlement and/or WeatherKit Key may not be fully propagated to the provisioning server or WeatherDaemon backend, even though everything appears correctly configured on the Developer Center. I kindly request the support team to: Verify whether the WeatherKit Entitlement is correctly attached to my app ID and provisioning profile. Verify whether my WeatherKit Key is properly registered and propagated for my team. Check if there are any backend propagation delays or stuck states for my Team ID (T2BKUF6E93). Confirm whether WeatherDaemon has permission to generate JWT for my app. Thank you Please let me know if any logs, screenshots, or provisioning profile identifiers are needed. Thank you for your help! Best regards, Jiangyang

Hi everyone, I’m developing a screen-time and focus app that uses Apple’s Family Controls framework to block distracting apps and reward users through a gamified experience. Apple approved Family Controls (Distribution) for the main app identifier, but they did not approve the required extension target (which implements DeviceActivityMonitor, required for the framework to function). Because of this, I can’t archive or upload the app to TestFlight — and I’ve been stuck in limbo for over 2 months. This is severely delaying my launch. The app works perfectly, but I can’t release it because the extension wasn’t included in the entitlement approval. Has anyone else run into this with Family Controls? Is there any known way to escalate or fast-track approval for additional app IDs or targets? Would really appreciate any help, advice, or hacks. 🙏 Thanks, Enzer

Is there any way to use blockedApplications to hide all apps in a category? Currently, I use blockedApplications to hide individual apps, but it doesn’t work when I select an entire category. I thought the only solution would be to use shield, which doesn’t hide the apps but creates a blocking shield. However, I found an app on the App Store called Fokus, and it’s able to select a category and block all the apps in it. Does anyone know how this could be possible?

Hi, I developed an iOS app which will do SMS filtering by following this documentation. https://developer.apple.com/documentation/identitylookup/sms-and-mms-message-filtering) I built the app and send Test Flights to different testers. All the Testers from Sri Lanka (an asian country) says filtering is working and they can see all the enabled categories on the Messages too (including iOS 26). But the testers from Mexico cannot see the categories and filtering is not working. On official documentation there is nothing about supported countries. But I found true caller article https://support.truecaller.com/support/solutions/articles/81000406341-how-do-i-enable-sms-filtering-on-iphone mentioning it support only few countries for SMS filtering. Currently available in the following countries: India, Nigeria, South Africa, Kenya, Bangladesh, Sri Lanka. Our previous Categories filtering are still available for: Australia, Bahrain, Canada, Ghana, Tanzania, United Kingdom, United Arab Emirates, United States of America, Zambia Following article https://clearstream.io/blog/ios-26-iphone-new-text-message-filtering is saying some categories are supported by only Brazil and India. Still I could not find any official documentations saying different country supports.

Both follow the same pattern: show the image that is being shared along with a CTA button about doing something with it in their app. When you tap the button, their app opens. Is there some kind of magic conditions that tapping the button creates that makes extensionContext.open(_ URL: URL, completionHandler: ((Bool) -> Void)?) accept a URL for opening the app? Or are they just using the "walk the responder chain" hack and using the user's intent to do something in their app as sufficient justification for using it? I've tried opening a registered URL scheme for my app synchronously with the button tap, but it still is refusing to open (callback returns false).

We’re seeing unexpected NFC behavior once our app has 50+ Advanced App Clips created. Expected: Scanning an NFC tag with a URL that is NOT an App Clip invocation should show the standard “Open in Safari” notification. Actual: After we create ~50+ Advanced App Clips, scanning NFC tags for URLs on the same domain that are not associated with App Clips consistently shows “CPSErrorDomain error 2” instead of the Safari prompt.
 QR codes for the same non–App Clip URLs work as expected (shows Safari prompt). Clearing the App Clips “Experience Cache” sometimes helps briefly, but the error returns on consequent scans. Notes: Domain has valid AASA. App Clip invocation URLs work as expected.
 The issue appears tied to the number of Advanced App Clips configured. Below ~50, non–App Clip NFC scans behave correctly; above that, they fail.
 Affected across multiple devices and iOS versions tested. Repro steps: Configure 50+ Advanced App Clips for paths on a single domain.
 Encode a different URL on the same domain that is NOT listed as an App Clip invocation into an NFC tag.
 Scan the NFC tag on iPhone.
 Observe “CPSErrorDomain error 2” instead of the “Open in Safari” notification. Impact: blocks our NFC use case for regular web links once we scale App Clip experiences. Sysdiagnose #: FB20563121

Hello, I’m working on implementing SB2420 compliance using the Declared Age Range framework. While referring to the documentation at https://developer.apple.com/documentation/declaredagerange, I couldn’t find details on how the TX region (transaction region or territory) is determined when using Declared Age Range. Specifically, I’d like to confirm the following points: How does the system determine the TX region when the user’s declared age range is retrieved? Is it based on the App Store region, the device locale, or the user’s Apple ID country? If the app’s backend needs to verify or log the TX region, is there a way to obtain or infer it from the API response or receipt data? Is there any difference in TX region determination between Sandbox and Production environments? If anyone has experience implementing Declared Age Range (SB2420) and handling region determination, I’d appreciate your insights or best practices. Thank you.

Its possible to add the Declared Age Range entitlement to extensions, in particular I'm looking at a Notification Service Extension. However the DAR requestAgeRange() API takes a view controller as a parameter. Presumably therefore its not possible for a notification service extension to obtain the age range itself directly? Yes the extension can read it from shared groups if the app reads it and set it into the group. However the scenario I'm thinking of is this: App runs and gets the age range. Sets its functionality accordingly. The server sends pushes which are intercepted by the notification service extension, the extension adjusts its functionality based upon what the app wrote to shared groups The user changes the age range setting, but the app doesn't run. The extension keeps receiving pushes but its functionality is now out of sync with the age range as its not able to obtain it directly

Hi, A lot of e-mail providers supports OAuth2 authentication. However, Mail.app on macOS and iOS do not support configuring a mail account that would use OAuth2 authentication, unless it's on its hardcoded list of account providers. Is there any framework that allows setting up a custom account for my institution, so that we could begin to offer OAuth2 authentication for mail and calendar?

Hi, We’re building an iOS app that uses the Screen Time APIs (FamilyControls and DeviceActivity) to display a user’s own usage metrics inside the app. With the appropriate permissions granted, we are successfully reading and presenting metrics such as: Total screen time Device pickups These metrics are already visible to the user inside our app. We would now like to introduce a user-initiated “Share” feature. The idea is to: Render selected Screen Time metrics into a shareable image card generated locally on device. Present the standard iOS share sheet (UIActivityViewController). Allow the user to share that image to Messages, social apps, etc., if they choose. Important clarifications: This is fully user-initiated. The app does not automatically transmit Screen Time data. The metrics are already displayed in-app with user permission. The share asset would be generated locally. No background export or server-side posting would occur unless explicitly triggered by the user via the share sheet. We are seeking clarification on whether there are any policy or API restrictions around: Rendering Screen Time-derived metrics into a user-facing share card Allowing user-initiated export of those metrics via the standard iOS share flow Are there any additional privacy requirements, entitlement constraints, or App Review considerations we should be aware of when implementing this? Thanks in advance for any guidance.