Team-scoped keys introduce the ability to restrict your token authentication keys to either development or production environments. Topic-specific keys in addition to environment isolation allow you to associate each key with a specific Bundle ID streamlining key management. For detailed instructions on accessing these features, read our updated documentation on establishing a token-based connection to APNs.

My tvOS app includes the purchase of subscriptions, and I am updating the code with Storekit 2.0. I have seen other apps that present the "Confirm with Apple Device" UI upon selection of a product, but for me I only ever see an alert confirming the purchase. I have tested this using Xcode storekit data and a sandbox account. I have also attempted using Storekit views and passing the UIWindowScene to the purchase(confirmIn: ) parameter, but neither made any difference. Is there some limitation that prevents that UI from showing in debug builds?

For many months now we've been building a watchOS app with push support. On device, these usually work fine, but in the sim, only loud pushes are ever received (don't contain content-available). This includes pushes triggered from our backend, whether directly or through Firebase Cloud Messaging, from Apple push web interface, from apns files dropped onto the sim, or from files sent using simctl push. All say they were sent successfully, none trigger any of the push related WKApplicationDelegate methods. As I understand it, only didReceiveRemoteNotification should be triggered for this kind of push. Additionally, can anyone confirm what the proper background mode setup is for push notifications on watchOS? Is it supposed to remote-notification under UIBackgroundModes or WKBackgroundModes? For WKBackgroundModes Xcode only offers a few watch specific values, but not the push value. The docs are unclear on this part.

I'm adding live activities to my app and I'm trying to use push notifications to fully remotely start them and end them. The pushToStartTokenUpdates sequence gives start tokens exactly as expected, and triggers even when the app is fully terminated when a new live activity starts. However, the pushTokenUpdates sequence is far less predictable and seems to never trigger when the app is fully terminated. Even when the app is just backgrounded, it's still finicky. I send the "input-push-token": 1 as part of the aps payload too to begin the live activity, but that seems to have little to no effect. Is there any way to ensure that we can receive a push token specifically to update the live activity after it starts? It seems to me that if a live activity can be started via push even when the app is fully terminated, and live activities are meant to reflect active information, then the mechanism to update it via a new token should also be able to work when the app is terminated. Both sequences are subscribed to within the AppDelegate upon initial app launch. This is what my code looks like at the moment: func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?) -> Bool { Task { for await newToken in Activity<WidgetAttributes>.pushToStartTokenUpdates { let tokenString = newToken.map{ String(format: "%02x", $0) }.joined() // send to server } } Task { for await activity in Activity<WidgetAttributes>.activityUpdates { Task { for await token in activity.pushTokenUpdates { let tokenString = token.map { String(format: "%02x", $0) }.joined() // send to server } } } } } } Thanks in advance for any insights!

Our application currently supports Live Activities. We’re working on adding a new Widget and are weighing some architectural decisions regarding whether we should add it to the same extension target that our Live Activity lives in or create a new extension that would expose it and other widgets we plan to create in the future. In the Add Support for Live Activities documentation, it suggests adding Live Activity code to the existing widget extension to facilitate code reuse. Beyond code sharing, we’re trying to determine if there are downsides to isolating new Widget(s) into their own extension. Specifically, we are concerned about process isolation and how a failure/crash in one might impact the other. Assuming they did live in the same extension, we’re hoping to better understand some of the finer details as presented by the following questions: If a Widget (e.g., via the TimelineProvider) causes the extension process to crash, what is the guaranteed behavior for a currently running Live Activity? Is the relaunch and restoration of a Live Activity after an extension crash guaranteed, or is it best-effort? Is there a distinction in crash isolation between a TimelineProvider failure and a View rendering crash? Are there any known scenarios where a Widget crash could cause a Live Activity to be permanently dropped? Does keeping them in the same extension affect the memory budget, or does each 'instance' receive its own allocation? In short: we're looking to ensure that an issue with a Widget doesn't inadvertently affect a Live Activity (or vice-versa) when they live in the same WidgetsBundle within the same extension and are seeking guidance on whether it makes sense to keep them together or continue down the path of separate extensions in the interest of process safety. Any pointers to other documentation or known behavior would be greatly appreciated!

Hi everyone, I’m facing a very specific issue with our business location on Apple Maps. In the Apple Business Connect dashboard, our name is correctly set as "ANLOG Lojistik". It also appears correctly within the Apple Maps app itself. However, when we share the location via WhatsApp or iMessage, the "Preview Card" (Metadata) displays the name as "Anlog LojİStİK". It seems like a character rendering bug (specifically with Turkish character case sensitivity). Even standard characters like 'S' and 'K' are being forced into uppercase randomly. When you click the link, it opens correctly in Apple Maps, but the preview remains broken. Apple Support says "it's a 3rd party app issue," but this happens because the LPMetadataProvider fetches this specific data from Apple servers. Has anyone experienced a metadata sync/cache issue like this before? How can we force Apple to refresh the "Place Card" preview data?

Hi, I’m looking for clarification on Apple Pay merchant domain verification behavior. Our production domain’s verification expiry was extended without any action from our team. Previous expiry: May 21, 2026 Current expiry: October 6, 2026 The Verify button is greyed out, and we can’t download a new .txt file. We did not re‑verify the domain during this time. A few weeks prior, we did renew our Apple Pay Merchant Identity certificate for Apple Pay on the web. Could someone clarify: Does updating the Merchant Identity certificate trigger automatic domain revalidation or expiry extension? If so, why was the extension only 4 months? Does Apple automatically revalidate or extend merchant domain verification? Is this expected behavior, or should domains always be manually re‑verified?

I have Family Controls (Distribution) and (Development) on my main app. The shield overlay, shield actions, and ManagedSettingsStore all work correctly. My app concept: the user selects a specific time (e.g. 7:00 AM) at which their selected apps (Instagram, TikTok, Snapchat, etc.) should be blocked until they complete an action. The blocking should happen everyday automatically at the chosen time without the user needing to open my app. What actually happens: at 7:00 AM nothing happens. The selected apps remain accessible. The blocking only activates when the user manually opens my app and then closes it. Has anyone found a reliable way to make intervalDidStart fire every day at the scheduled time in the background? Is there a known workaround? I have seen similar reports from other developers but no confirmed solution. Any guidance from Apple engineers would be greatly appreciated.

We are integrating the App Intents framework into our iOS app to enable Siri functionality, including intents that display user data (e.g., showing upcoming schedule information) and intents that perform actions on behalf of users (e.g., submitting a time-off request). Our Legal team has asked us to provide any developer-specific integration terms or agreements that govern the engineering use of Siri and the App Intents framework — separate from the user-facing Siri, Dictation & Privacy terms. So far, the only reference we've found to App Intents or Siri in Apple's developer agreements is Section J of the Apple Developer Program License Agreement. We've also reviewed the App Store Review Guidelines, the Privacy HIG, and the Siri HIG. As a point of comparison, Apple Maps has its own specific set of developer integration terms (MapKit / Apple Maps Server API terms). Does anything equivalent exist for Siri and/or the App Intents framework? If Section J of the License Agreement and the relevant HIG sections are the complete set of terms governing developer use of App Intents and Siri, confirmation of that would also be very helpful. Thank you.

Feedback ID: FB22759977 After clicking add to apple wallet in our app, I launch the PKAddPaymentPassViewController and click next. It loads for a few seconds and then I get: [] ProvisioningOperationComposer: Step '' failed with error Error Domain=PKProvisioningErrorDomain Code=5 UserInfo={PKErrorHTTPResponseStatusCodeKey=500}

Hello, I'm evaluating possibility to use virtualization to setup on-permise parallel testing system for a product I work on. My compatibility range is wide, i.e. it would cover macOS 12 - 26, so any testcase needs to be executed on at least 5 different OS versions (and introducing any parallization to the test execution would mean I deal with higher number of VMs). As far as I understand, there is a constraint in Apple Software License, that limits number of OS VM installations per one physical system to 2 (section 2.B.(iii)) in case of OS downloaded from the Internet or through App Store. Clearly these days a single high-end Mac hardware could sustain more than 2 VMs running in parallel. The license also mentions it is also possible to be in a volume or maintenance license program and then the terms of this program apply instead. So I wonder how do people normally deal with the above limitation? What is the path I need to follow if I want to be able to run more than "2 additional copies or instances of" macOS on my VMs?

Hi, We are able to successfully perform in-app provisioning and add cards to the native wallet. However, we are unable to retrieve the existing card status from the wallet. Even when the card is already added to the device or Apple Watch, the status is always returning as false for both. Could you please let us know if there are any additional configurations, entitlements, or issuer onboarding steps required to retrieve the existing card status from Apple Wallet?

Hello everyone, I am currently working on an iPadOS application that requires communicating with a custom hardware board based on the Raspberry Pi RP2040 microcontroller via USB. My initial thought was to use the standard CDC-ACM (virtual serial port) profile on the RP2040. However, my understanding is that iPadOS's built-in system drivers will automatically claim any standard CDC-ACM interfaces, preempting my custom USBDriverKit driver from matching and taking control of the device. Is my assumption correct that iPadOS will strictly preempt a standard CDC-ACM device, making a custom DriverKit implementation impossible for that specific class?

I'm trying to update the iCloud data handling in our app, and I'm running into an issue with a particular file on one particular device. This file never downloads & I haven't been able to pinpoint what's off about it. Right now we just have 2 iCloud accounts & a handful of devices, so I haven't been able to narrow it down yet, but in most cases, all the cloud files download as expected. However, whether or not the file eventually downloads, the NSURLUbiquitousItemDownloadRequestedKey key seems to be completely useless. For the following code: NSError *error = nil; BOOL success = [[NSFileManager defaultManager] startDownloadingUbiquitousItemAtURL:self.fileURL error:&error]; if (!success) { NSLog(@"error downloading %@ : %@", self.fileURL, error); } else { NSDictionary *resourceValues = [self.fileURL resourceValuesForKeys:@[NSURLUbiquitousItemDownloadRequestedKey, NSURLUbiquitousItemIsDownloadingKey, NSURLUbiquitousItemDownloadingErrorKey, NSURLUbiquitousItemDownloadingStatusKey] error:&error]; if (!error) { NSString *downloadStatus = resourceValues[NSURLUbiquitousItemDownloadingStatusKey]; bool downloadRequested = [resourceValues[NSURLUbiquitousItemDownloadRequestedKey] boolValue]; NSLog(@"download requested: %d", downloadRequested); } // ... } downloadRequested is always false, regardless of whether or not the cloud file eventually downloads. I have 2 questions: is there a way to actually check if a download has been requested for a file? what could be preventing this file from downloading? -startDownloadingUbiquitousItemAtURL:error: doesn't report an error, NSURLUbiquitousItemDownloadingErrorKey is always nil, and no error is reported in the NSMetadataQuery observer.

Hello, I submitted a request for Family Controls (Distribution) approval, and it has now been over 12 days without any update on the status. I understand that review times can vary, but I wanted to check if this delay is expected or if there’s anything I might need to do on my end to help move the process forward. Could anyone from the Apple team or the community provide insight into: Typical processing times for Family Controls distribution requests Whether delays beyond a few days are common Any steps I should take to follow up or expedite the review For reference: Status: Submitted Submission time: April 29, 2026 Any guidance would be greatly appreciated. Thank you!

Hello Everyone, Like probably several other Enterprise customers and more, we have been bitten by a bug with regards to VPN and Endpoint Security and the new M5 / M5 Pro SoCs shipping in the latest MacBook devices. I have raised the following feedback IDFB22753954 (which itself references an internal issue I believe, if we need to mark it as a dupe: 172793638 ). The technical sequence leading to the crash is as follows I believe: The macOS system process neagent successfully initializes the GlobalProtect network extension. The GP Network extension transitions from an 'inactive' state to a 'running' state. As network traffic begins flowing through the extension, a critical flaw in the macOS kernel's memory allocation (specifically related to the Apple Network Extension framework) is triggered. This memory management failure at the kernel level results in a kernel panic at an unpredictable point during packet processing. Because this is a core operating system vulnerability, any third-party application or security solution that leverages Apple's Network Extension framework is susceptible to these crashes. This has been confirmed across multiple vendors within the cybersecurity industry from what I understand. Crashes_M5Pro_1.txt Thank you in advance for your help! Kind Regards, Goffredo

Hey! App is approved for Advanced Commerce API and have generic product id (Consumable) for digital items purchasing. Uncertain on ho to test flow of pending purchase changing it's status to failed. As by docs BE side handling creating jws for purchase (also creates order to keep track of which items user bought) app with signed jws initiate purchase via product.purchase (send data for advancedCommercialData in options). If product purchase returns status .pending (still no transaction created) I notify BE that for that item (using item SKU) user has pending status for purchase, so that when user attempts to buy this exact item we do not create order duplicate. So the first question - do we need to check if user already made an attempt to buy this item and if item purchasing is pending decline another attempt of buying it? If user sends several requests to buy item under similar SKU for advanced commerce api do all of them will be charged or only one (does apple check SKU value when making a purchase of consumable product via advanced commerce api)? Another question is how to test purchase returns pending status for consumable item via advanced commerce api and then for that item (by SKU) changes status from pending to success? How to know (and eventually) test that after purchase of item via advanced commerce api firstly returns .pending status and then changes to .failure? I want to prevent users from trying to create order duplicates for single item, so when product purchase returns pending status I sent to BE id of item and order for this item on BE side will be marked as pending. So if user tries to buy this exact item once more and status of order on BE still .pending no new purchase will be initiated. So I need to know when purchase changes it's status to failed and then delete pending order on BE side, so that user will have an ability to initiate purchase for this item once more. How to tell whether .pending status for item changes to failed, will I be able in case of failed gather SKU that I previously passed in advancedCommercialData)?

Hi everyone, I'm developing an iOS app using Swift (Foundation, Network, and Combine) that communicates via TCP with a weighing scale. The scale uses an internal ESP32 module acting as a Wi-Fi Access Point (no internet access) specifically for data transmission. The app connects to this network and opens a socket to receive weight data and send command strings. I’m currently facing two main issues: Socket Management: The socket isn't closing properly. Occasionally, the app opens multiple simultaneous connections instead of maintaining a single one. Since the ESP32 has a client limit, these ghost connections eventually hang the communication module. Invalid Outbound Data: The connection drops frequently because the scale receives invalid strings from the app. My logs show strange character sequences (like "gggggggggfdhj" or "vfgdddddddddddtty") being sent involuntarily. I haven't programmed these strings, and they cause the scale to terminate the session due to protocol violations. How can I ensure proper socket closure and prevent these random data packets? Additionally, a technical question: Is it possible to keep this TCP connection active in the background indefinitely on iOS while the user interacts with other apps?

I'm hitting a kernel-side rejection on IOServiceOpen from a host app against my DEXT's IOUserService, before any code in my DEXT's NewUserClient runs. DEXT activation and USB matching succeed; only the user-client connection fails. What works DEXT activates and shows as [activated enabled] in systemextensionsctl list. DEXT matches IOUSBHostInterface for the target device and Start() runs to completion. Inside Start(), CopyInterface() returns successfully and CopyPipe() for the expected endpoints all succeed. Host app receives the matching notification for the DEXT's IOUserService and calls IOServiceOpen(service, mach_task_self(), 0, &connect). What fails IOServiceOpen returns kIOReturnError (0xE00002BC). My DEXT's NewUserClient override is never reached — verified by the absence of any breadcrumb log and by stepping through under lldb (no entry on the DEXT side). This reproduces both with: The original com.apple.developer.driverkit.userclient-access entitlement listing the host bundle ID. The dev fallback com.apple.developer.driverkit.allow-any-userclient-access = true on host + DEXT. (Background: the App ID portal has the bundle-ID list for userclient-access stored as a single newline-joined string instead of separate array entries — see Support Thread 822652 — so I've been using allow-any-userclient-access = true for now. The IOServiceOpen failure persists either way.) Diagnostics I can't get I'd like to confirm the kernel-side rejection reason, but DEXT os_log output is suppressed in Console and: sudo log config --process <dext-pid> --mode "level:debug" log: Unable to set mode for pid <dext-pid> I've tried by PID and by subsystem; both refuse. SIP is in its default state. Any pointer to the correct invocation (or a Configuration Profile to enable DriverKit verbose logging) would unblock me. Environment macOS 26.3.1 (build 25D2128) Xcode 26.3 (build 17C529) Host app: AppKit, sandboxed, Mac App Store distribution DEXT: matches IOUSBHostInterface on idVendor: 0x1452 (DNP) and (pending capability approval) 0x1343 (Citizen) Entitlements on host: com.apple.developer.driverkit, com.apple.developer.driverkit.userclient-access (or allow-any-userclient-access = true for dev) Entitlements on DEXT: com.apple.developer.driverkit, com.apple.developer.driverkit.transport.usb, com.apple.developer.driverkit.allow-any-userclient-access for dev Questions Is IOServiceOpen → kIOReturnError before NewUserClient always an entitlement/sandbox check failure, or are there other kernel-side reasons (matching score, IOService class hierarchy mismatch) that produce the same generic code? What's the correct way to enable DEXT os_log capture so I can see the rejection reason? Is there a known interaction between a malformed userclient-access array on the App ID (Forums Thread 822652) and the kernel's user-client authorization path that would persist even after switching to allow-any-userclient-access = true? Sample profiles, codesign output, and the exact matching dictionary available on request. Thanks.

Hi, I’m seeing WeatherKit fail on device with a JWT permission error even though the app appears to be signed correctly with the WeatherKit entitlement. Error: Failed to generate jwt token for: com.apple.weatherkit.authservice Error Domain=WeatherDaemon.WDSJWTAuthenticatorServiceListener.Errors Code=2 "(null)" Setup verified: iOS physical device, tested after clean install/reboot Tested on more than one physical device Bundle ID: com.elilindenDinematch.Al-Outfits Team ID: FYGW4LHN42 App ID has WeatherKit capability enabled Fresh provisioning profile includes: application-identifier = FYGW4LHN42.com.elilindenDinematch.Al-Outfits com.apple.developer.team-identifier = FYGW4LHN42 com.apple.developer.weatherkit = true Signed app binary entitlements also include com.apple.developer.weatherkit = true codesign -dv confirms TeamIdentifier=FYGW4LHN42 Cleared DerivedData and regenerated/reinstalled with a fresh profile Toggled WeatherKit capability off/on in Developer portal and regenerated profile The failure occurs when calling: let weather = try await WeatherKit.WeatherService.shared.weather(for: location) The request takes a few seconds before failing, which makes it seem like the WeatherKit daemon is reaching Apple’s auth service but being rejected during JWT generation. Has anyone seen WeatherKit entitlement propagation get stuck server-side for a specific Team ID + Bundle ID? Is there anything else I can verify locally, or does this require Apple to inspect the WeatherKit auth service registration for this App ID?

My first auto-renewable subscriptions have been stuck in “In Review” for almost two weeks. Apple’s notice says the first subscription must be submitted with a new app version and selected from the “In-App Purchases and Subscriptions” section on the version page. However, my version page does not show that section, even after creating a new version in Prepare for Submission. The only place I can see the subscriptions is from the Subscriptions side tab. The app itself has already been approved, but StoreKit does not return the products in production, so my paywall cannot sell subscriptions. Has anyone found a working fix for this, or does Apple need to manually reset/review the subscription state?