Team-scoped keys introduce the ability to restrict your token authentication keys to either development or production environments. Topic-specific keys in addition to environment isolation allow you to associate each key with a specific Bundle ID streamlining key management. For detailed instructions on accessing these features, read our updated documentation on establishing a token-based connection to APNs.

I am trying to issue the "start" APNs push notification to start a live activity for my iOS app. The notification appears to send correctly, there is no error message, but the live activity never appears for any of my users (users are in TestFlight). In addition to issuing the APNs commands from my server, I have also tried using the CloudKit Push Notification Console to manually generate a "start" notification. It submits correctly but the live activity never starts. I have also checked the Console app to watch the device logs and see if iOS is rejecting/throttling the live activity but I don't see any activity related to the start message at all. Here are some details: App bundle ID: `com.penzu.moodmoji` APNs topic: `com.penzu.moodmoji.push-type.liveactivity` APNs push type: `liveactivity` Recent apns-id: `7b633309-b7fd-4163-b620-776efa04f315` APNs payload: { "aps": { "timestamp": 1742651625, "event": "start", "content-state": { "totalDays": 7, "currentDay": 2, "progress": 0.29, "status": "ACTIVE", "reportReady": false }, "attributes-type": "GoalActivityAttributes", "attributes": { "totalDays": 7, "currentDay": 2, "progress": 0.29, "status": "ACTIVE", "reportReady": false }, "alert": { "title": "It's day 2!", "body": "Don't forget to record every time you feel anxious today." } } } I can confirm that LiveActivities started by the iOS app with ActivityKit work correctly, and the app does appear to be receiving pushToStartTokenUpdates: struct GoalActivityAttributes: ActivityAttributes, Sendable { struct ContentState: Codable & Hashable, Sendable { let totalDays: Int let currentDay: Int let progress: Double let status: String let reportReady: Bool } let goal: SimpleGoal } for await nextStartToken in Activity<GoalActivityAttributes>.pushToStartTokenUpdates { // send nextStartToken to server... } The app I'm testing with is in TestFlight, using the production APNs environment.

Hey everyone, I have an app using the screen time api, I've had quite a few reports from users saying that our monitoring features stop working until they open our app. What happens is that activities and schedules set with the device activity monitor seem to disappear. This is something we check on app re-opens and so we schedule them again and that is why the monitoring starts working again. Of course our current solution is not optimal since our app is mainly passive. Has anyone experienced these kinds of issue ?

Hi there, My app uses all the Screen Time API's with individual FamilyControls authorization. I've been using the API's for over 2 years (since they came out). In iOS 18 Beta (maybe started in Beta 3?), I've been experiencing random issues. I tracked it down to where it seems like DeviceActivityMonitor extension is more likely to deadlock in iOS 18. To reproduce: when DeviceActivityMonitorExtension.intervalDidEnd gets called, IF you call DeviceActivityCenter.startMonitoring for that SAME DeviceActivityName from the DeviceActivityMonitorExtension , the startMonitoring call deadlocks (if I pause debugger, it does not advance past DeviceActivityCenter.startMonitoring). The bug is reported in FB14664238. It also contains a sample project where you can reproduce this. I also note in the comment section that this is not the only way to encounter this problem. My application code (which is a lot more complicated) seems to deadlock on calling DeviceActivityCenter.activities. As a result, there seems to be an "overall trend" where, due to some changes, DeviceActivityMonitor extension is more likely to deadlock. The steps are not reproducible on iOS 17.6. This is built using Xcode 17.4. Thank you! 🙏

My client is using iCloud Mail with his custom domain and he communicated with many govt organizations which seem to all be using Barracuda Email Protection for their spam prevention. I have properly configured his SPF, DKIM & DMARC DNS records however his emails were still being rejected. (Email header below) I contacted Barracuda support with the email header and they replied saying that the emails were rejected becuase Apple Mail has missing PTR records. I have sent dozens of emails for testing and looking at all their headers I can see (ms-asmtp-me-k8s.p00.prod.me.com [17.57.154.37]) which does not have a PTR record. ----FULL EMAIL HEADER WITH 3RD PARTY DOMAINS REMOVED----- <recipient_email_address>: host d329469a.ess.barracudanetworks.com[209.222.82.255] said: 550 permanent failure for one or more recipients (recipient_email_address:blocked) (in reply to end of DATA command) Reporting-MTA: dns; p00-icloudmta-asmtp-us-west-3a-100-percent-10.p00-icloudmta-asmtp-vip.icloud-mail-production.svc.kube.us-west-3a.k8s.cloud.apple.com X-Postfix-Queue-ID: 8979C18013F8 X-Postfix-Sender: rfc822; sender_email_address Arrival-Date: Thu, 20 Mar 2025 12:30:05 +0000 (UTC) Final-Recipient: rfc822; @****** Original-Recipient: rfc822;recipient_email_address Action: failed Status: 5.0.0 Remote-MTA: dns; d329469a.ess.barracudanetworks.com Diagnostic-Code: smtp; 550 permanent failure for one or more recipients (recipient_email_address:blocked) Return-Path: <sender_email_address> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sender_domain; s=sig1; bh=CyUt/U7mIHwXB5OQctPjRH/OxLH7GsLR54JjGuRkj9Y=; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:To:x-icloud-hme; b=hwEbggsctiCRlMlEgovBTjB/0sPRCb2k+1wzHRZ2dZNrZdOqvFSNWU+Aki9Bl8nfv eEOoXz5qWxO2b2rEBl08lmRQ3hCyroayIn4keBRrgkxL1uu4zMTaDUHyau2vVnzC3h ZmwQtQxiu7QvTS/Sp8jjJ/niOPSzlfhphqMxnQAZi/jmJGcZPadT8K+7+PhRllVnI+ TElJarN1ORQu+CaPGhEs9/F7AIcjJNemnVg1cude7EUuO9va8ou49oFExWTLt7YSMl s+88hxxGu3GugD3eBnitzVo7s7/O9qkIbDUjk3w04/p/VOJ+35Mvi+v/zB9brpYwC1 B4dZP+AhwJDYA== Received: from smtpclient.apple (ms-asmtp-me-k8s.p00.prod.me.com [17.57.154.37]) by p00-icloudmta-asmtp-us-west-3a-100-percent-10.p00-icloudmta-asmtp-vip.icloud-mail-production.svc.kube.us-west-3a.k8s.cloud.apple.com (Postfix) with ESMTPSA id 8979C18013F8; Thu, 20 Mar 2025 12:30:05 +0000 (UTC) From: Marcel Brunel <sender_email_address> Message-Id: <2E8D69EA-FCA6-4F5D-9D42-22A955C073F6@sender_domain> Content-Type: multipart/alternative; boundary="Apple-Mail=_F9AC7D29-8520-4B25-9362-950CB20ADEC5" Mime-Version: 1.0 (Mac OS X Mail 16.0 (3826.400.131.1.6)) Subject: Re: [EXTERNAL] - Re: Brunel - 2024 taxes Date: Thu, 20 Mar 2025 07:29:27 -0500 In-Reply-To: <SA0PR18MB350300DE7274C018F66EEA24F2D82@SA0PR18MB3503_namprd18_prod_outlook_com> To: Troy Womack <recipient_email_address> References: <SA0PR18MB350314D0B88E283C5C8E1BB6F2DE2@SA0PR18MB3503_namprd18_prod_outlook_com> <9B337A3E-D373-48C5-816F-C1884BDA6F42@sender_domain> <SA0PR18MB350341A7172E8632D018A910F2D82@SA0PR18MB3503_namprd18_prod_outlook_com> <SA0PR18MB350300DE7274C018F66EEA24F2D82@SA0PR18MB3503_namprd18_prod_outlook_com> X-Mailer: Apple Mail (2.3826.400.131.1.6) X-Proofpoint-ORIG-GUID: uqebp2OIbPqBr3dYsAxdFVkCNbM5Cxyl X-Proofpoint-GUID: uqebp2OIbPqBr3dYsAxdFVkCNbM5Cxyl X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1093,Hydra:6.0.680,FMLib:17.12.68.34 definitions=2025-03-20_03,2025-03-19_01,2024-11-22_01 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 clxscore=1030 suspectscore=0 mlxlogscore=999 mlxscore=0 phishscore=0 malwarescore=0 spamscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2411120000 definitions=main-2503200077

Hi everyone! I'm trying to get the total sleep time for a given day, but users report that there's a difference between what my app reports and what the Apple Health app reports. In particular, we're off by 2 minutes less on average. What we're doing is: Get all the samples that are either core, deep, rem or unspecified Cut-off time at 3 PM previous day Merge overlapping intervals Add all the remaining intervals For debugging purposes I'm storing and sending all the raw samples to a server, and I have run tests and I don't find anything wrong. It looks like the number we come up with is correct according to our own rules. I wonder, how is Apple adding up all the samples to arrive at a number that's slightly off to our number. Any insight would be appreciated. Thanks.

Hi Developer Community, I'm experiencing a critical issue with CloudKit schema deployment that's blocking my app release. I've been trying to resolve this for several days and would appreciate any assistance from the community or Apple engineers. Issue Description I'm unable to deploy my CloudKit schema from development to production environment. When attempting to deploy through the CloudKit Dashboard, I either get an "Internal Error" message or the deployment button is disabled. Environment Details App: Reef Trak (Reef aquarium tracking app) CloudKit Container: ************ Development Environment: Schema fully defined and working correctly Production Environment: No schema deployed (confirmed in dashboard) What I've Tried Using the "Deploy Schema to Production" button in CloudKit Dashboard (results in "Internal Error") Exporting schema from development and importing to production (fails) Using CloudKit CLI tools with API token (results in "invalid-scope" errors) Waiting 24-48 hours between attempts in case of propagation delays Current Status App works perfectly in development environment (when run from Xcode) In TestFlight/sideloaded builds (production environment), the app attempts to fetch records but fails with "Did not find record type: Tank" errors Log snippet showing the issue: [2025-03-21] [CloudKit] Schema creation failed: Error saving record <CKRecordID: 0x******; recordName=SchemaSetup_Tank_-**---****, zoneID=_defaultZone:defaultOwner> to server: Cannot create new type Tank in production schema [2025-03-21] [CloudKit] Failed to create schema for Tank after 3 attempts [2025-03-21] [CloudKit] Error creating schema for Tank: Error saving record <CKRecordID: 0x****; recordName=SchemaSetup_Tank_---**-**********, zoneID=_defaultZone:defaultOwner> to server: Cannot create new type Tank in production schema App Architecture & Critical Impact My app "Reef Trak" is built around a core data model where the "Tank" entity serves as the foundational element of the entire application architecture. The Tank entity is not just another data type - it's the primary container that establishes the hierarchical relationship for all other entities: All parameter measurements (pH, temperature, salinity, etc.) are associated with specific tanks All maintenance tasks and schedules are tank-specific All livestock (fish, corals, invertebrates) exist within the context of a tank All user achievements and progress tracking depend on tank-related activities Without the Tank schema being properly deployed to production, users experience what appears to be a completely empty application, despite successful authentication and CloudKit connection. The app shows "Successfully retrieved iCloud data" but displays no content because: The Tank record type doesn't exist in production Without Tanks, all child entities (even if their schemas existed) have no parent to associate with This creates a cascading failure where no data can be displayed or saved This issue effectively renders the entire application non-functional in production, despite working flawlessly in development. Users are left with an empty shell of an app that cannot fulfill its core purpose of reef tank management and monitoring. The inability to deploy the Tank schema to production is therefore not just a minor inconvenience but a complete blocker for the app's release and functionality. Questions Is there an alternative method to deploy schema to production that I'm missing? Could there be an issue with my account permissions or container configuration? Are there known issues with the CloudKit Dashboard deployment functionality? What's the recommended approach when the dashboard deployment fails? I've also submitted a Technical Support Incident, but I'm hoping to get this resolved quickly as it's blocking my App Store release. Thank you for any assistance!

I'm unable to view Changes or Diff View in the Deploy Schema Changes Dialog due to an Internal Error.

So i created an App and for some time it was working fine. The app has features to show pdf to users without logging in. I needed to upload all data to cloudkit on public database. I was not having knowledge that there are 2 mode being a noob in coding so after i saved all records in development mode in cloudkit when i published my app, i was not able to see them (Reason because live mode works in Production mode). So i need help now to transfer data from development mode to production mode or any app or code that can help me upload all data in production mode.

I'm trying to set up server-to-server authentication with CloudKit Web Services, but keep getting AUTHENTICATION_FAILED errors. I've tried multiple environment settings and debugging approaches without success. What I've Tried I created a Swift script to test the connection. Here's the key part that handles the authentication: // Get current ISO 8601 date let iso8601Formatter = ISO8601DateFormatter() iso8601Formatter.formatOptions = [.withInternetDateTime] let dateString = iso8601Formatter.string(from: Date()) // Create SHA-256 hash of request body let bodyHash = SHA256.hash(data: bodyData).compactMap { String(format: "%02x", $0) }.joined() // Get path from URL let path = request.url?.path ?? "/" // String to sign let method = request.httpMethod ?? "POST" let stringToSign = "\(method):\(path):\(dateString):\(bodyHash)" // Sign the string with EC private key let signature = try createSignature(stringToSign: stringToSign) // Add headers request.setValue(dateString, forHTTPHeaderField: "X-Apple-CloudKit-Request-ISO8601Date") request.setValue(KEY_ID, forHTTPHeaderField: "X-Apple-CloudKit-Request-KeyID") request.setValue(signature, forHTTPHeaderField: "X-Apple-CloudKit-Request-SignatureV1") } I've made a request to this endpoint: What's Happening I get a 401 status with this response: "uuid" : "173179e2-c5a5-4393-ab4f-3cec194edd1c", "serverErrorCode" : "AUTHENTICATION_FAILED", "reason" : "Authentication failed" } What I've Verified The key validates correctly and generates signatures The date/time is synchronized with the server The key ID matches what's in CloudKit Dashboard I've tried all three environments: development, Development (capital D), and production The container ID is formatted correctly Debug Information My debugging reveals: The EC key is properly formatted (SEC1 format) Signature generation works No time synchronization issues between client and server All environment tests return the same 401 error Questions Has anyone encountered similar issues with CloudKit server-to-server authentication? Are there specific container permissions needed for server-to-server keys? Could there be an issue with how the private key is formatted or processed? Are there any known issues with the CloudKit Web Services API that might cause this? Any help would be greatly appreciated!

I'm working on adding a single Non-Consumable In-App purchase to my app. Essentially a "try before you buy" type thing. Limited functionality unless the app is purchased. I am currently testing this using Xcode and the Manage StoreKit Transactions window. So far most everything appears to be working except for declined pending transactions. If I set Ask to Buy to Enabled, the Ask Permission (for parent or guardian) dialog appears. After pressing the Ask button, I see a transaction listed as Pending Approval. If I Approve the transaction, then my app is notified and all is well. However, if I Decline the transaction then my app is not notified. Is that normal? Also, how do I (i.e. the app) know that there is a pending transaction?

Continuing with my investigations of several issues that we have been noticing in our testing of the JDK with macosx 15.x, I have now narrowed down at least 2 separate problems for which I need help. For a quick background, starting with macosx 15.x several networking related tests within the JDK have started failing in very odd and hard to debug ways in our internal lab. Reading through the macos docs and with help from others in these forums, I have come to understand that a lot of these failures are to do with the new restrictions that have been placed for "Local Network" operations. I have read through https://developer.apple.com/documentation/technotes/tn3179-understanding-local-network-privacy and I think I understand the necessary background about these restrictions. There's more than one issue in this area that I will need help with, so I'll split them out into separate topics in this forum. That above doc states: macOS 15.1 fixed a number of local network privacy bugs. If you encounter local network privacy problems on macOS 15.0, retest on macOS 15.1 or later. We did have (and continue to have) 15.0 and 15.1 macos instances within our lab which are impacted by these changes. They too show several networking related failures. However, I have decided not to look into those systems and instead focus only on 15.3.1. People might see unexpected behavior in System Settings > Privacy & Security if they have multiple versions of the same app installed (FB15568200). This feedback assistant issue and several others linked in these documentations are inaccessible (even when I login with my existing account). I think it would be good to have some facility in the feedback assistant tool/site to make such issues visible (even if read-only) to be able to watch for updates to those issues. So now coming to the issue. Several of the networking tests in the JDK do mulicasting testing (through BSD sockets API) in order to test the Java SE multicasting socket API implementations. One repeated failure we have been seeing in our labs is an exception with the message "No route to host". It shows up as: Process id: 58700 ... java.net.NoRouteToHostException: No route to host at java.base/sun.nio.ch.DatagramChannelImpl.send0(Native Method) at java.base/sun.nio.ch.DatagramChannelImpl.sendFromNativeBuffer(DatagramChannelImpl.java:914) at java.base/sun.nio.ch.DatagramChannelImpl.send(DatagramChannelImpl.java:871) at java.base/sun.nio.ch.DatagramChannelImpl.send(DatagramChannelImpl.java:798) at java.base/sun.nio.ch.DatagramChannelImpl.blockingSend(DatagramChannelImpl.java:857) at java.base/sun.nio.ch.DatagramSocketAdaptor.send(DatagramSocketAdaptor.java:178) at java.base/java.net.DatagramSocket.send(DatagramSocket.java:593) (this is just one example stacktrace from java program) That "send0" is implemented by the JDK by invoking the sendto() system call. In this case, the sendto() is returning a EHOSTUNREACH error which is what is then propagated to the application. The forum text editor doesn't allow me to post long text, so I'm going to post the rest of this investigation and logs as a reply.

I'm experimenting with advertising packets using Core Bluetooth on iOS as a Peripheral. I'm using an iPhone 13 mini as my test device. I've found that if I set a 128-bit CBAdvertisementDataServiceUUIDsKey, and a 8 byte CBAdvertisementDataLocalNameKey and call CBPeripheralManager::startAdvertising() I can see both data elements in a advertising report of type "legacy advertising indication", when scanning from another device. But if I add one or more extra bytes, the "Local Name" field is no longer in the same report. Instead, it is moved to the scan response. This is good, but a funky thing happens when I stop advertising. The legacy advertising indication becomes empty, however, the scan response, with the same data, continues to appear in every scan by the other device! I've tried calling stopAdvertising(), ending the debug session, closing the app, and force quitting (slide up from app choser), The only thing that seems to stop them is turning off Bluetooth in Settings. Is this normal behaviour?

Just bought a macbook pro m4, im trying to run an api on port 5000, disabled airplay receiver, checked processes, ghost ones, hidden ones, and stuck ones. I didn't find a thing using the port, but i still get port in use.

Capability to read and write ofd HFS disks on Mac has been removed since a long time. Capability to simply read was also removed since Catalina I think. That is surprising and sometimes frustrating. I still use a 90's MacBook for a few tasks and need from time to time to transfer files to newer Mac or read some old files stored on 3.5" disks. Solution I use is to read the disk on an old Mac with MacOS 10.6 (I'm lucky enough to have kept one) and transfer to USB stick or airdrop… As there is no USB port on the Macbook of course (and I have no more a working 56k modem to transfer by mail), only option if not 3,5" disk is using PCMCIA port on the MacBook for writing to an SD Card to be read in Mac Sonoma. But reading directly 3.5" disk would be great. Hence my questions for the forum: how hard would it be to write such a driver for READING only HFS on Mac Sonoma? There are some software like FuseHFS. Did anyone experience it ? Did anyone have a look at the source code (said to be open source). does anyone know why Apple removed such capability (I thought it was a tiny piece of code compared to the GB of present MacOS)? Thanks for any insights on the matter.

I’ve created several shortcuts that tell me the stock price of a given company. The shortcut queries Yahoo Finance using Get Contents of URL, with the URL https://finance.yahoo.com/quote/TICKER SYMBOL/, for example https://finance.yahoo.com/quote/PLTR/ for Palantir or https://finance.yahoo.com/quote/AAPL/ for Apple, etc. Then it uses RegEx to parse out the numbers which it then formats and displays in a notification. Simple. It works great for several stocks, but for some reason, it does not work correctly for Palantir. It shows an older “previous close” price. Oddly, when I go to the website myself, it shows me the current stock price. So for today Mar 21 https://finance.yahoo.com/quote/PLTR/ shows me $90.96 (correct) but the shortcut, via Get Contents of URL, shows $87.39 (incorrect). This $87.39 price is listed further down in the page as a "previous close” price. I don’t get it. Here is a link to my Palantir shortcut: https://www.icloud.com/shortcuts/edea6ee0261245f49b078efc74d632dd Here is a link to my Apple shortcut: https://www.icloud.com/shortcuts/54a416393203432aa356fe76373e3f8b So the question is, why does Get Contents of URL show an old stock price but when I go to the site myself, it shows the correct stock price … and only for Palantir? I have about six shortcuts running correctly. Palantir is the only one that does not work. Been banging my head on this one for weeks. Any advice would be much appreciated. Thank you, Rob

Could anyone tell me how to detect status of Local Network for iOS 18+ systems ?

I keep getting this error: Provisioning profile "iOS Team Provisioning Profile: com.visuallearningaids.craftshowtracker0320" doesn't include the com.apple.developer.in-app-purchase entitlement. I've made several different identifiers and profiles. Thanks Greg

var format = "%7B%22sign%22%3Anull%2C%22company%22%3A%22%E5%85%84%E5%BC%9F%E6%B5%B7%E6%B4%8B%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8%22%2C%22businessNo%22%3Anull%2C%22scene%22%3Anull%2C%22interviewCode%22%3A%22767676%22%7D" let message = withVaList([]) { args in let msg = NSString(format: format, arguments: args) print(msg) }