I'm working on enabling a content filter in my iOS app using NEFilterManager and NEFilterProviderConfiguration. The setup works perfectly in debug builds when running via Xcode, but fails on TestFlight builds with the following error: **Failed to save filter settings: permission denied ** **Here is my current implementation: ** (void)startContentFilter { NSUserDefaults *userDefaults = [NSUserDefaults standardUserDefaults]; [userDefaults synchronize]; [[NEFilterManager sharedManager] loadFromPreferencesWithCompletionHandler:^(NSError * _Nullable error) { dispatch_async(dispatch_get_main_queue(), ^{ if (error) { NSLog(@"Failed to load filter: %@", error.localizedDescription); [self showAlertWithTitle:@"Error" message:[NSString stringWithFormat:@"Failed to load content filter: %@", error.localizedDescription]]; return; } NEFilterProviderConfiguration *filterConfig = [[NEFilterProviderConfiguration alloc] init]; filterConfig.filterSockets = YES; filterConfig.filterBrowsers = YES; NEFilterManager *manager = [NEFilterManager sharedManager]; manager.providerConfiguration = filterConfig; manager.enabled = YES; [manager saveToPreferencesWithCompletionHandler:^(NSError * _Nullable error) { dispatch_async(dispatch_get_main_queue(), ^{ if (error) { NSLog(@"Failed to save filter settings: %@", error.localizedDescription); [self showAlertWithTitle:@"Error" message:[NSString stringWithFormat:@"Failed to save filter settings: %@", error.localizedDescription]]; } else { NSLog(@"Content filter enabled successfully!"); [self showAlertWithTitle:@"Success" message:@"Content filter enabled successfully!"]; } }); }]; }); }]; } **What I've tried: ** Ensured the com.apple.developer.networking.networkextension entitlement is set in both the app and system extension. The Network extension target includes content-filter-provider. Tested only on physical devices. App works in development build, but not from TestFlight. **My questions: ** Why does saveToPreferencesWithCompletionHandler fail with “permission denied” on TestFlight? Are there special entitlements required for using NEFilterManager in production/TestFlight builds? Is MDM (Mobile Device Management) required to deploy apps using content filters? Has anyone successfully implemented NEFilterProviderConfiguration in production, and if so, how?

I'm encountering what appears to be a specific precedence behavior with ManagedSettingsStore.shield and would appreciate some further clarification. My current understanding is that category-level shields take precedence over individual app allowances. My test involved... Using FamilyActivityPicker to select a single target application (e.g., "Calculator," which falls under the "Utilities" category). Using FamilyActivityPicker again to select the category of that target application. I applied shields using ManagedSettingsStore (named .individual): store.shield.applicationCategories = .specific(Set([utilitiesCategoryToken])) store.shield.applications = Set([calculatorApplicationToken]) Result: The calculator app remains shielded, suggesting that the category-level shield on Utilities overrides the attempt to allow the individual app. I also tried this using a single picker, but received only the category token instead of all application tokens in that category. Is this observed precedence (where store.shield.applicationCategories effectively overrides store.shield.applications for apps within the shielded category) the intended behavior? If so, are there any mechanisms available within the main app's capabilities (potentially using a Device Activity Report Extension or Shield Extension) to allow a specific ApplicationToken if its corresponding ActivityCategoryToken is part of the store.shield.applicationCategories set? Essentially, can store.shield.applications be used to create "allow exceptions" for individual apps that fall into an otherwise shielded category? Additionally, I mentioned that selecting an entire category in the picker only returns the opaque category token, not any application tokens. Is there any way in which I could return both the category and all application tokens by just selecting the category? Any insights or pointers would be greatly appreciated!

Goal : Block all outbound connections to a static list of hosts (both In-app requests and WKWebView/Safari). App & both extensions have Network Extension entitlement with content-filter-provider and filter-control-provider What’s working: Safari and WKWebView requests matching the block list are dropped. What’s broken: In-app traffic never reaches the Data Provider—those requests always succeed. Setup: • NEFilterProviderConfiguration with both Data & Control providers, filterBrowsers = true, filterSockets = true • Data Provider implements handleNewFlow for socket/browser flows • Control Provider implements handleNewFlow for browser flows • Enabled via saveToPreferences() and toggled ON in Settings

I am using the public url https://api.storekit-sandbox.itunes.apple.com/inApps/v1/notifications/jwsPublicKeys to get the jwks keys to verify the signed payload for store kit payments. I am checking Apple server notifications. const APPLE_JWKS_URL = "https://api.storekit-sandbox.itunes.apple.com/inApps/v1/notifications/jwsPublicKeys" // Apple JWK set (cached by jose) const appleJWKS = createRemoteJWKSet(new URL(APPLE_JWKS_URL)); const jwks = await appleJWKS(); logger.debug("Apple JWKS Keys: %O", jwks); // Log the keys if (!signedPayload) { // return res.status(400).json({ error: "Missing signedPayload" }); } // Step 1: Verify JWS (signature + payload) using Apple's JWKS const { payload, protectedHeader } = await jwtVerify( signedPayload, appleJWKS, { algorithms: ["ES256"], // Apple uses ES256 for signing } );

I've searched around the internet and could not find a clear answer. I have a swift command line tool that needs to run automatically when the Mac mini M4 is started up without a user login and continue running forever. However, the command line tool and the data it uses are located on an external disk due to the size of the data. The service specified by a launchd plist located in /Library/LaunchDaemons tries to start up but fails because it cannot immediately find the command line tool. Which is because the external disk is not mounted when launchd tries to start the service when the Mac is booting. The service runs fine when bootstrapped after the disk is mounted. The first error is "No such file or directory, error 0x6f - Invalid or missing Program/ProgramArguments" and the service is put in the "penalty box". Is there any way for the service to get out of the "penalty box"? What is the best approach to make the launchd service wait for a specific external disk to mount? Some options for waiting seem to be: Use "WatchPaths" in the launchd plist, but the man page says this is unreliable. This makes one wonder what is the purpose of this option? Use "StartOnMount in the launchd plist", but this will run the command line tool every time any disk is mounted. This is not desired. Of course, I could move the command line tool to the startup disk, but then the tool would fail because the data is not available. This could be remedied by modifying the command line tool to wait for the external disk, but it would be polling, which seems inefficient. I could also add a delay, but that seems error prone because there is no assurance that the delay is long enough. When looking at the system plists, there seem to be a lot of options that are not directly mentioned in the man page for launchd.plist and have little to no documentation that I could find. Maybe there is something I am missing here? In the end, I would just like to make sure the launchd service waits for the specific disk to be available before starting the service. Any ideas how best to do that?

Say I want to sync a toggle in my app with SMAppService's .status property. If the status changes from my app I can track it. But if user toggles it from System Settings, I don't see a notification so then the UI in my app is out of date. The status property is not key value observable and there doesn't appear to be a SMAppServiceStatusDidChangeNotification ? I can re-read it every time my app will become active but feels kind of wrong to do it this way.

I'm not sure if I have found a bug with iOS or if it's just unexpected behavior with my implementation. I have a gomobile library that sets up a local http server. It needs to be able to write to temporary storage. If I use the shared library from my main apps process it can write to the file manager.default temporary storage. while Xcode is running a debug session I can use that same process from my file provider replicated extension and it works fine. However I realized running my file provider extension where it starts the gomobile shared library directly instead of first from my app the library fails to write anything to the file provider manager default temporary storage or the file provider manager for my file provider domain temporary storage or even the app group library. it is odd, because I have a swift URL extension that confirms the temporary storage can be written to from swift. I have monitored console logs for fileproviderd, my file extension and have tried writing data to a log file. nothing seems to catch exactly what causes the file provider extension to crash and restart. I also cannot keep the shared gomobile server running in the background on iOS even if I were to force the user to "authenticate" with the main app first. Im pretty sure the file provider extension needs to run the gomobile library for it to work right. I'm wondering if something may be wrong with the iOS sandbox that could be preventing the file provider extension to let a c based gomobile shared library from accessing the temporary storage. Any guidance for further things to try would be greatly appreciated. I have tried every avenue I can think of. I cannot run just the appex itself on either my m4 pro MacBook or my iPhone so attaching the debugger has been tricky and I don't see much in the way of useful logs in console app either just a swarm of noise. Im fairly confident it's an issue to writing to temporary storage from the gomobile c library and not much else. App was working great on macOS designed for iPad which just seemed rather ironic that an iOS code base runs better on macOS than it was able to on my iPhone 16 pro max. Like im all for the sandbox I just wish it didn't treat c level gomobile libraries different than it treats the swift code itself.

アプリ内課金を実装しようとしていますが、サーバサイドのセキュリティに関してについて質問です。 StoreKit２を使えばアプリとApp Store Connect間のレシート検証は不要だが、 購入情報をサーバーで管理する場合は アプリからサーバーに購入情報を渡す際にレシート検証する必要があると考えるがその認識であっているか教えていただきたいです。

I wonder how one would use IOBluetoothHandsFree APIs to interact from macOS app with a bluetooth device that implements bluetooth hands free profile. My current observation is as follows: IOBluetoothDevice object representing the device correctly identifies it as a hands free device, i.e.: there is a proper record in services array, that matches the kBluetoothSDPUUID16ServiceClassHandsFree uuid, the IOBluetoothDevice handsFreeDevice property returns 1 Attempt to create IOBluetoothHandsFreeDevice using IOBluetoothDevice as described above (i.e. [[IOBluetoothHandsFreeDevice alloc] initWithDevice: myIOBluetoothDeviceThatHasHandsFreeDevicePropertySetTo1 delegate: self]) results in the following output in debugger console: SRS-XB20 is not a hands free device but trying anyways. Subsequent call to connect on an object constructed as above results in the following stream of messages: API MISUSE: <CBClassicPeer: 0x1442447b0 6D801974-5457-9ECE-0A9B-8343EC4F60AA, SRS-XB20, connected, Paired, b8:d5:0b:03:62:70, devType: 19, PID: 0x1582, VID: 0x0039> Invalid RFCOMM CID -[IOBluetoothRFCOMMChannel setupRFCOMMChannelForDevice] No channel <IOBluetoothRFCOMMChannel: 0x600003e5de00 SRS-XB20, b8-d5-0b-03-62-70, CID: 0, UUID: 110F > AddInstanceForFactory: No factory registered for id <CFUUID 0x600000b5e3e0> F8BB1C28-BAE8-11D6-9C31-00039315CD46 -[IOBluetoothRFCOMMChannel setupRFCOMMChannelForDevice] No channel <IOBluetoothRFCOMMChannel: 0x600003e5de00 SRS-XB20, b8-d5-0b-03-62-70, CID: 0, UUID: 110F > API MISUSE: <CBClassicPeer: 0x1442447b0 6D801974-5457-9ECE-0A9B-8343EC4F60AA, SRS-XB20, connected, Paired, b8:d5:0b:03:62:70, devType: 19, PID: 0x1582, VID: 0x0039> Invalid RFCOMM CID Note that this device's handsFreeServiceRecord looks as follows: ServiceName: Hands-free unit RFCOMM ChannelID: 1 Attributes: { 0 = "uint32(65539)"; 256 = "string(Hands-free unit)"; 9 = "{ { uuid32(00 00 11 1e), uint32(262) } }"; 785 = "uint32(63)"; 1 = "uuid32(00 00 11 1e)"; 6 = "{ uint32(25966), uint32(106), uint32(256) }"; 4 = "{ { uuid32(00 00 01 00) }, { uuid32(00 00 00 03), uint32(1) } }"; } and explicit attempt to open RFCOMM channel no 1 ends like this: WARNING: Unknown error: 911 Failed to open RFCOMM channel -[IOBluetoothRFCOMMChannel setupRFCOMMChannelForDevice] No channel <IOBluetoothRFCOMMChannel: 0x6000002036c0 SRS-XB20, b8-d5-0b-03-62-70, CID: 1, UUID: 111E > AddInstanceForFactory: No factory registered for id <CFUUID 0x600003719260> F8BB1C28-BAE8-11D6-9C31-00039315CD46 -[IOBluetoothRFCOMMChannel waitforChanneOpen] CID:1 - timed out waiting to open -[IOBluetoothDevice openRFCOMMChannelSync:withChannelID:delegate:] CID:1 error -536870212 call returned: -536870212

Dear Apple Developer Support, Our iOS application offers subscriptions with a free trial period. We understand that in South Korea, due to local subscription regulations, users must explicitly provide consent for recurring payments before the subscription converts from a free trial to a paid period. We have the following questions regarding how StoreKit handles this scenario: When a free trial is about to convert to a paid subscription for a user in South Korea, does StoreKit send a StoreKit.Message (or SKStorefront.Message) to the application to obtain the required consent for recurring payments? If such a message is sent, would the Reason for this message be StoreKit.Message.Reason.priceIncreaseConsent, or would it be another specific reason related to initial recurring payment consent after a trial? If our application receives such a message and we choose to defer its display, what is the maximum recommended or permissible deferral period? Is it possible to save the data of a received StoreKit.Message and display it to the user at a later time, for instance, after the application has been closed and subsequently reopened? Are there any best practices or limitations regarding this? We need this information to ensure our application correctly handles these consent requirements in compliance with South Korean policies and provides a smooth user experience. Thank you for your guidance.

In the FileProvider framework, most of the functions (such as fetchPartialContentsForItemWithIdentifier, fetchContentsForItemWithIdentifier etc.) are expected to return an NSProgress object. In a case where an error is encountered before the function returns the NSProgress object, is it allowed to invoke the completionHandler with an error prior to returning the NSProgress object to the File Provider framework?

I am creating an application that needs to connect to an Iot device, so i want to make a wifi hotspot with a custom SSID and password and WPA3. Could you please provide an example code in Objective-C to get started?

Hello Devs, I'm encountering a persistent INTERNAL_ERROR (HTTP 500) when making Server-to-Server API calls to CloudKit, specifically when trying to hit the /users/current endpoint, even after meticulously verifying all client-side components. I'm hoping someone might have insight into what could cause this. Context: Goal: Authenticate to CloudKit from a Vercel Serverless Function (Node.js) to perform operations like record queries. Problem Endpoint: POST https://api.apple-cloudkit.com/database/1/iCloud.com.dannybaseball.Danny-Baseball/production/public/users/current Key Generation Method: Using the CloudKit Dashboard's "Tokens &amp; Keys" -&gt; "New Server-to-Server Key" flow, where I generate the private key using openssl ecparam -name prime256v1 -genkey -noout -out mykey.pem, then extract the public key using openssl ec -in mykey.pem -pubout, and paste the public key material (between BEGIN/END markers) into the dashboard. The private key was then converted to PKCS#8 format using openssl pkcs8 -topk8 -nocrypt -in mykey.pem -out mykey_pkcs8.pem. Current Setup Being Tested (in a Vercel Node.js function): CLOUDKIT_CONTAINER: iCloud.com.dannybaseball.Danny-Baseball CLOUDKIT_KEY_ID: 9368dddf141ce9bc0da743b9f69bc3eda132b9bb3e62a4167e428d4f320b656e (This is the Key ID generated from the CloudKit Dashboard for the public key I provided). CLOUDKIT_P8_KEY (Environment Variable): Contains the base64 encoded string of the entire content of my PKCS#8 formatted private key file. Key Processing in Code: const p8Base64 = process.env.CLOUDKIT_P8_KEY; const privateKeyPEM = Buffer.from(p8Base64, 'base64').toString('utf8'); // This privateKeyPEM string starts with "-----BEGIN PRIVATE KEY-----" and ends with "-----END PRIVATE KEY-----" const privateKey = crypto.createPrivateKey({ key: privateKeyPEM, format: 'pem' }); // This line SUCCEEDS without DECODER errors in my Vercel function logs. Use code with caution. JavaScript Request Body for /users/current: "{}" Signing String (message = Date:BodyHash:Path): Date: Correct ISO8601 format (e.g., "2025-05-21T19:38:11.886Z") BodyHash: Correct SHA256 hash of "{}", then Base64 encoded (e.g., "RBNvo1WzZ4oRRq0W9+hknpT7T8If536DEMBg9hyq/4o=") Path: Exactly /database/1/iCloud.com.dannybaseball.Danny-Baseball/production/public/users/current Headers: X-Apple-CloudKit-Request-KeyID: Set to the correct Key ID. X-Apple-CloudKit-Request-ISO8601Date: Set to the date used in the signature. X-Apple-CloudKit-Request-SignatureV1: Set to the generated signature. X-Apple-CloudKit-Environment: "production" Content-Type: "application/json" Observed Behavior &amp; Logs: The Node.js crypto.createPrivateKey call successfully parses the decoded PEM key in my Vercel function. The request is sent to CloudKit. CloudKit responds with HTTP 500 and the following JSON body (UUID varies per request): { "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "serverErrorCode": "INTERNAL_ERROR" } Use code with caution. Json This happens consistently. Previously, with other key pairs or different P8 processing attempts, I was getting AUTHENTICATION_FAILED (401) or local DECODER errors. Now that the key parsing is successful on my end with this current key pair and setup, I'm hitting this INTERNAL_ERROR. Troubleshooting Done: Verified Key ID (9368dddf...) is correct and corresponds to the key generated via CloudKit Dashboard. Verified Container ID (iCloud.com.dannybaseball.Danny-Baseball) is correct. Successfully parsed the private key from the environment variable (after base64 decoding) within the Vercel function. Meticulously checked the signing string components (Date, BodyHash, Path) against Apple's documentation. Path format is /database/1////. Ensured all required headers are present with correct values. Local Node.js tests (bypassing Vercel but using the same key data and signing logic) also result in this INTERNAL_ERROR. Question: What could cause CloudKit to return an INTERNAL_ERROR (500) for a /users/current request when the client-side key parsing is successful and all request components (path, body hash for signature, date, headers) appear to conform exactly to the Server-to-Server Web Services Reference? Are there any known subtle issues with EC keys generated via openssl ecparam (and then converted to PKCS#8) that might lead to this, even if crypto.createPrivateKey parses them in Node.js? Could there be an issue with my specific Key ID or container that would manifest this way, requiring Apple intervention? Any insights or suggestions would be greatly appreciated. I can provide more detailed logs of the request components if needed. Thank you!

Hello, We are experiencing some issues with our USB accessory unexpectedly charging the iOS device it is connected with only when the iOS device supports USB-C and is on iOS 18+ The following is a description of the discrepancy we note between iOS versions: After performing a USB Role switch, our Accessory becomes a typical USB Device and the Apple device becomes the USB host. with iOS 17: 
 The Accessory then sends a PowerSourceUpdate message to the iOS 17 device via iAP2 protocol. Apple device has a USB Type C Connector. * We are specifying: AvailableCurrentForDevice = 0 mA  DeviceBatteryShouldChargeIfPowerIsPresent = 1. Three observations: iPad Battery Settings page -  we observe  'Last charged to…' (indicating no charging) On the Lumify App running (iOS 17), we observe that UIKit.current.batteryState indicated 'Not charging' Battery icon on top right of the screen indicates 'No Charging' with iOS 18: The same Accessory sends the same PowerSourceUpdate message to the iOS 18 device via iAP2 protocol using USB Type C Connector. We are specifying the same: AvailableCurrentForDevice = 0 mA DeviceBatteryShouldChargeIfPowerIsPresent = 1. We observe: iPad Battery Settings page -  we observe  'Charging'  On the Lumify App running (iOS 18), we observe that UIKit.current.batteryState indicated 'Charging' Battery icon on top right of the screen indicates 'No Charging' Please could you help us understand why the Battery status is showing as 'Charging' in the Settings page and with the 'UIKit.current.batteryState' even though we have specified 'AvailableCurrentForDevice = 0 mA'?
 Since our accessory is heavily reliant on the Battery status / Charging state, is there potentially another way we get an accurate battery charging status that we are missing? Or are there other suggestions outside of what we do currently to ensure our accessory does not place the iOS18 device into a charging state?

I am on MacOS 15.5 trying to access tmutil latestbackup in AppleScript: set latestBackup to do shell script "tmutil latestbackup" It works perfect when run from script editor, and script editor is in full disk access permission list. When I export to an app and run it it fails with: Error retrieving latest backup: tmutil: latestbackup requires Full Disk Access privileges. To allow this operation, select Full Disk Access in the Privacy tab of the Security & Privacy preference pane, and add Terminal to the list of applications which are allowed Full Disk Access. Error code: 80 Terminal is on list, as is name of the app. I have same issue running in safe mode. I have tried deleting and redefining full disk access entries, all to no avail. Apple tech support says its a developer issue, but code works in script editor. any ideas?

I tried using Pluginkit via terminal to determine if a File Provider Extension is enabled on Mac OS. Although I see the extension listed in the output of pluginkit -m, The status of + or - doesn't seem to change in this output when I disable or enable the FileProvider extension in System Settings. Is there a more reliable way to determine if the extension is enabled ?

Hi! I'm developing an application based on Chrome that needs to take regular screenshots of webpages. Under the hood (actually Chromium), it uses SCScreenshotManager to capture screenshots automatically (without user interaction). I've noticed that regularly using this API triggers a user notification saying: "Your Screen 'AppTest' has accessed your screen and system audio 3,594 times in the past 30 days. You can manage this in Settings." How can I prevent this notification from appearing? Are there any specific entitlements(Or configuration of SCScreenshotManager) that I can use? Thanks!

Hello all, I am interested in developing a small driver that would facilitate host-to-host communication via Thunderbolt 4/5. While I am aware of features such as Thunderbolt Bridge/Thunderbolt Networking, I find that for my application the overhead is too great. I am interested in sharing a simple, static memory buffer between the two hosts for IO and with some synchronisation primitives. The idea being that the communication is facilitated between different platforms. Would it be possible to develop a driver/service like this? Currently, going through the documentation, to use PCIDriverKit specifying a Vendor and Product Ids is required, so I doubt that this is a viable path. I know that Linux exposes the "XDomain" protocol to announce thunderbolt services (This is the same protocol that is used in macOS to discover Thunderbolt Networking peers). Is this functionality exposed to macOS driver developers?

Hello everyone, I’m working on an iOS app that uses the new DeviceActivity framework to monitor and report user screen‐time in an extension (DeviceActivityReportExtension). I need to persist my processed screen‐time data into a standalone SQLite database inside the extension, but I’m running into issues opening and writing to the database file. Here’s what I’ve tried so far: import UIKit import DeviceActivity import SQLite3 class DeviceActivityReportExtension: DeviceActivityReportExtension { private var db: OpaquePointer? override func didReceive(_ report: DeviceActivityReport) async { // 1. Construct path in app container: let containerURL = FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: "group.com.mycompany.myapp") let dbURL = containerURL?.appendingPathComponent("ScreenTimeReports.db") // 2. Open database: if sqlite3_open(dbURL?.path, &amp;db) != SQLITE_OK { print("❌ Unable to open database at \(dbURL?.path ?? "unknown path")") return } defer { sqlite3_close(db) } // 3. Create table if needed: let createSQL = """ CREATE TABLE IF NOT EXISTS reports ( id INTEGER PRIMARY KEY AUTOINCREMENT, date TEXT, totalScreenTime DOUBLE ); """ if sqlite3_exec(db, createSQL, nil, nil, nil) != SQLITE_OK { print("❌ Could not create table: \(String(cString: sqlite3_errmsg(db)))") return } // 4. Insert data: let insertSQL = "INSERT INTO reports (date, totalScreenTime) VALUES (?, ?);" var stmt: OpaquePointer? if sqlite3_prepare_v2(db, insertSQL, -1, &amp;stmt, nil) == SQLITE_OK { sqlite3_bind_text(stmt, 1, report.date.description, -1, nil) sqlite3_bind_double(stmt, 2, report.totalActivityDuration) if sqlite3_step(stmt) != SQLITE_DONE { print("❌ Insert failed: \(String(cString: sqlite3_errmsg(db)))") } } sqlite3_finalize(stmt) } } However: Path issues: The extension’s sandbox is separate from the app’s. I’m not sure if I can use the same App Group container, or if there’s a better location for an on‐extension database. Entitlements: I’ve added the App Group (group.com.mycompany.myapp) to both the main app and the extension, but the file never appears, and I still get “unable to open database” errors. My questions are: How do I correctly construct a file URL for an SQLite file in a DeviceActivityReportExtension? Is SQLite the recommended approach here, or is there a more “Apple-approved” pattern for writing data from a DeviceActivity extension? Any sample code snippets, pointers to relevant Apple documentation, or alternative approaches would be greatly appreciated!

I have an app which uses key-value storage and will not sync data past a certain size -- meaning that device "A" will send the data to the cloud but device "B" will never receive the updated data. Device "B" will receive the NSUbiquitousKeyValueStoreDidChangeExternallyNotification that the KVS changed but the data is empty. The data in in the KVS is comprised of 4 keys, each containing a value of NSData generated by NSKeyedArchiver. The NSData is comprised of property-list data types (e.g. numbers, strings, dates, etc.) I've verified that the KVS meets the limits of: A total of 1 MB per app, with a per-key limit of 1 MB A per-key value size limit of 1 MB, and a maximum of 1024 keys A maximum length for key strings is 64 bytes using UTF8 encoding Also, the app has never received an NSUbiquitousKeyValueStoreQuotaViolationChange notification. Of the 4 keys, 3 of them contain no more than 30 KB of data each. However, one of the keys can contain as much as 160 KB of data which will not sync to another device. Strangely, if I constrain the data to 100 KB it will work, however, that is not ideal as it is a fraction of the necessary data. I don't see any errors in the debug log either. Any suggestions on what to try next to get this working?