Hello, I'm from Microsoft team maintaining push notification api behind Teams platform. We are experiencing strange and short error spikes towards APNS that seem to mostly correlate worldwide. We checked the networking and push request code but could not find what could be causing this. These error spikes are all timeouts or connection resets (by remote host, ie. APNS servers) and seem to come and go randomly: Would it be possible to check this for outages or some other metrics on your side or investigate why would it happen? Since it's worldwide it seems unlikely it's something broken on our side. We are using the standard APNS http2 endpoint with modern support for all RFC features (so everything should work normally). Mind you, our api might be in a unique position because of the volume of notifications (in the billions per day).

Hello! I have app (macos and iPadOS platforms) with empbedded DEXT. The DEXT executable runs fine on both platforms (ver 26.2). Trying to execute from iPad App code: let sysExtWs = OSSystemExtensionsWorkspace.shared let sysExts = try sysExtWs.systemExtensions(forApplicationWithBundleID: appBudleId) but always getting OSSystemExtensionError.Code.missingEntitlement error. Which entitlement am I missing? Thank You!

XPC is the preferred inter-process communication (IPC) mechanism on Apple platforms. XPC has three APIs: The high-level NSXPCConnection API, for Objective-C and Swift The low-level Swift API, introduced with macOS 14 The low-level C API, which, while callable from all languages, works best with C-based languages General: Forums subtopic: App & System Services > Processes & Concurrency Forums tag: XPC Creating XPC services documentation NSXPCConnection class documentation Low-level API documentation XPC has extensive man pages — For the low-level API, start with the xpc man page; this is the original source for the XPC C API documentation and still contains titbits that you can’t find elsewhere. Also read the xpcservice.plist man page, which documents the property list format used by XPC services. Daemons and Services Programming Guide archived documentation WWDC 2012 Session 241 Cocoa Interprocess Communication with XPC — This is no longer available from the Apple Developer website )-: Technote 2083 Daemons and Agents — It hasn’t been updated in… well… decades, but it’s still remarkably relevant. TN3113 Testing and Debugging XPC Code With an Anonymous Listener technote XPC and App-to-App Communication forums post Validating Signature Of XPC Process forums post This forums post summarises the options for bidirectional communication This forums post explains the meaning of the privileged flag XPC is mostly used on macOS but there are a few places where it comes into play on iOS: File Provider extensions can export an XPC service to arbitrary apps. For more about the File Provider side of this, see the NSFileProviderServiceSource protocol. For more about the client side, see the NSFileProviderService class. An app can move part of its code into a helper extension and talk to it using XPC. See Creating enhanced security helper extensions. Alternative browser engines can do a similar thing. See BrowserEngineKit for more about this. Apps with embedded extensions can use XPC via ExtensionFoundation. (Note that on iOS, but not macOS, an app can only use extensions embedded within the app itself.) Related tags include: Inter-process communication, for other IPC mechanisms Service Management, for installing and uninstalling Service Management login items, launchd agents, and launchd daemons Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"

Dear Sir/Madam, Thank you for your support. I have reviewed the documentation for Local Push Connectivity (see URL below) and, following the instruction in the "Important" section to "Request this entitlement from the Entitlement Request Page," I completed the application process for this Entitlement on March 11, 2026. [Local push connectivity] https://developer.apple.com/documentation/networkextension/local-push-connectivity?language=objc#Supporting-APNs-and-local-push-connectivity-in-one-app Subsequently, on March 13, 2026, I received the following reply from Apple: Sub : Re: Requesting Network Extension App Push Entitlement From: Local Push Review Sent: Friday, March 13, 2026 4:09 AM Hi, Thank you for your interest in the Local Push Connectivity entitlement. Your entitlement request has been approved for: Team ID: NWKYYYYYYY Technical documentation on this API is available here: -(Omission) - Best Regards, Apple Developer Relations My understanding is that upon approval of this application, an "Entitlements" field should be added to the input fields for creating provisioning profiles. However, as of today(March 18, 2026), it has not yet been added. Will the Entitlements field be added if I simply wait? My account (Apple ID), which submitted the application, belongs to three Team IDs. For convenience, I will refer to them as Team ID SV3XXXXXXX, Team ID NWKYYYYYYY, and Team ID WEJZZZZZZZ. The application status for Entitlements for each Team ID is as follows: Team ID SV3XXXXXXX Entitlements: Present. Applied for Entitlements on February 6, 2021. (Received "Re: Requesting Network Extension App Push Entitlement" email on February 6, 2021) Team ID NWKYYYYYYY Entitlements: Not present. Applied for Entitlements on March 13, 2026. (Received "Re: Requesting Network Extension App Push Entitlement" email on March 13, 2026) Team ID WEJZZZZZZZ Entitlements: Present. No record (email) of applying for Entitlements. Because of this, I am concerned that the Entitlements applied for Team ID NWKYYYYYYY may have been mistakenly granted to Team ID WEJZZZZZZZ, and I am inquiring about this. Will the Entitlements field for Team ID NWKYYYYYYY be added if I simply wait? Thank you in advance.

I want to track down which part of an app contacts a given domain listed in its App Privacy Report. Following the instructions given here I am able to capture a packet trace, but traffic to the domain in question is encrypted using QUIC. Is there a way to insert e.g. mitmproxy into the capture process in order to get hold of the SSLKEYLOGFILE so that I can decrypt the traffic?

how to tracking location service while user killed app

how to keep BG running while user killed app, because admin want to tracking inside/outside of employee

EASession(accessory:forProtocol:) always returns nil — MFI accessory iAP2 Platform: iOS 17+ | Hardware: Custom MFI-certified accessory (USB-C, iAP2) | Language: Swift Problem We have a custom MFI-certified accessory communicating over USB-C using ExternalAccessory. The app calls EASession(accessory:forProtocol:) after receiving EAAccessoryDidConnect but it always returns nil. We never get past session creation. What we have verified We captured a sysdiagnose on-device and analysed the accessoryd-packets log. The full iAP2 handshake completes successfully at the OS level: USB attach succeeds MFI auth certificate is present and Apple-issued Auth challenge and response complete successfully IdentificationInformation is accepted by iOS — protocol string and Team ID are correct EAAccessoryDidConnect fires as expected iOS sends StartExternalAccessoryProtocolSession — the OS-level session is established So the hardware, MFI auth, protocol string, and Team ID are all correct. Despite this, EASession(accessory:forProtocol:) returns nil in the app. We also confirmed: Protocol string in UISupportedExternalAccessoryProtocols in Info.plist matches the accessory exactly Protocol string in code matches Info.plist App entitlements are correctly configured EAAccessoryManager.shared().registerForLocalNotifications() is called before connection Current connection code @objc private func accessoryDidConnect(_ notification: Notification) { guard let accessory = notification.userInfo?[EAAccessoryKey] as? EAAccessory else { return } DispatchQueue.main.asyncAfter(deadline: .now() + 1.0) { self.tryConnectToAccessory() } } private func tryConnectToAccessory() { DispatchQueue.main.asyncAfter(deadline: .now() + 3.0) { for accessory in EAAccessoryManager.shared().connectedAccessories { let session = EASession(accessory: accessory, forProtocol: "") // session is always nil here } } } Questions The packet log shows a ~4 second gap between EAAccessoryDidConnect firing and iOS internally completing session readiness (StartExternalAccessoryProtocolSession). Is there a reliable way to know when iOS Is it actually ready to grant an EASession, rather than using a fixed delay? Is there a delegate callback or notification that fires when the accessory protocol session is ready to be opened, rather than relying on EAAccessoryDidConnect + an arbitrary delay? Are there any known conditions on iOS 17+ under which EASession returns nil even though the iAP2 handshake completed successfully at the OS level? Is retrying EASession after a nil result a supported pattern, or does a nil result mean the session will never succeed for that connection? Any guidance appreciated.

We are launching a new app with a subscription in-app purchase (IAP). The Status of the IAP is "Waiting for Review". We want to submit the app to app for review, but the section to select an IAP with the app is not appearing. According to online sources, if we submit a new app for review, without selecting the IAP that goes with it, then the app may be released in the App Store without users being able to purchase the IAP. This actually happened to us years ago and I can't remember how we got around it, but it was painful. It seems strange that Apple would allow this problem to persist for years. Why not just hire an intern to fix it? Maybe because they are too busy running around in circles at the new spaceship headquarters. Regardless, our IAP has been sitting in "Waiting for Review" status for a while now and I'm concerned it may never be approved. Any advice would be appreciated.

I'm writing a read-only filesystem extension. I see that the documentation for loadResource(resource:options:replyHandler:) claims that the --rdonly option is supported, which suggests that this should be possible. However, I have never seen this option provided to my filesystem extension, even if I return usableButLimited as a probe result (where it doesn't mount at all - FB19241327) or pass the -r or -o rdonly options to the mount(8) command. Instead I see those options on the volume's activate call. But other than saving that "readonly" state (which, in my case, is always the case) and then throwing on all write-related calls I'm not sure how to actually mark the filesystem as "read-only." Without such an indicator, the user is still offered the option to do things like trash items in Finder (although of course those operations do not succeed since I throw an EROFS error in the relevant calls). It also seems like the FSKit extensions that come with the system handle read-only strangely as well. For example, for a FAT32 filesystem, if I mount it like mount -r -F -t msdos /dev/disk15s1 /tmp/mnt Then it acts... weirdly. For example, Finder doesn't know that the volume is read-only, and lets me do some operations like making new folders, although they never actually get written to disk. Writing may or may not lead to errors and/or the change just disappearing immediately (or later), which is pretty much what I'm seeing in my own filesystem extension. If I remove the -F option (thus using the kernel extension version of msdos), this doesn't happen. Are read-only filesystems currently supported by FSKit? The fact that extensions like Apple's own msdos also seem to act weirdly makes me think this is just a current FSKit limitation, although maybe I'm missing something. It's not necessarily a hard blocker given that I can prevent writes from happening in my FSKit module code (or, in my case, just not implement such features at all), but it does make for a strange experience. (I reported this as FB21068845, although I'm mostly asking here because I'm not 100% sure this is not just me missing something.)

I am unable to sign in to a Sandbox Apple Account, where this issue occurs only via Simulator. Under Settings > Developer, I tap "Sign In" under Sandbox Apple Account. I enter my account credentials, and after bringing me back to the Developer page, the Sign In button briefly appears as disabled, before being re-enabled, without signing in to the account. (The account credentials are also recognized as correct, as I will receive an alert popup if incorrect.) See screenshots below: After signing in, Sign In button appears disabled... ... then is re-enabled without actually signing in to the account. I have now tried setting up multiple sandbox accounts via App Store Connect with various permutations (no confirmation of Apple Account email, confirming Apple Account email, logging in to iCloud and accepting terms of service), running different device simulators, running simulators on different Mac computers... none of which yield a different result. By contrast, I can sign in to the Sandbox Apple Account without issue on a physical device. The problem occurs only via Simulator.

When my app tries to access a subscription, StoreKit's products(for:) always returns zero results. Similarly, SubscriptionStoreView always shows "Subscription Unavailable" followed by "The subscription is unavailable in the current storefront". The app is a watch-only app (no iPhone companion app). The app and the subscription product were each approved in App Store Connect over two weeks ago. The problem occurs when the app is installed from TestFlight, when the app is installed from the App Store (production), and when run in the Xcode debugger. The only time the app successfully accesses the subscription when simulating it in Xcode with a .storekit file. How should my app access the subscription? Repro: App Store bundle ID: com.toolsay.hoopref Phone app target (unused) bundle ID: com.toolsay.hoopref Watch app bundle ID: com.toolsay.hoopref.watchapp Subscription product ID: com.toolsay.hoopref.pro.annual Subscription availability: All countries and regions App Store listing let products = try await Product.products(for: ["com.toolsay.hoopref.pro.annual"]) products.count is 0.

Hello and Good day! We are conducting Bonjour Conformance Test (BCT) for Printer device. BCT result is PASSED but with warning in Multicast DNS, specifically, WARNING: SHARED REPLY TIMING - UNIFORM RANDOM REPLY TIME DISTRIBUTION Other Shared Reply Timing is passed: PASSED: MULTIPLE QUESTIONS - SHARED REPLY TIMING - UNIFORM RANDOM REPLY TIME DISTRIBUTION Environment: BCT Tool Version: 1.5.4 (15400) MacOS Sequioa 15.5 DUT Firmware : Linux Debian 9 Apple mDNSResponder 1790.80.10 Service types: _ipps._tcp, _uscans._tcp, _ipp._tcp, _uscan._tcp Router : NEC AtermWR8370N Setup: 1-to-1 [Mac->Router<-DUT connection] Based on debug.log, this is where WARNING occurs: NOTICE 2026-03-04 10:51:06.870187+0900 _shared_reply_timing 04103: Shared reply response times: min = 26ms, max = 114ms, avg = 65.50ms WARNING 2026-03-04 10:51:06.870361+0900 _shared_reply_timing 04136: 50 percent of the replies within the correct range fell in the interval 20ms and 46ms (should be close to 25%). PASSED (SHARED REPLY TIMING) In the same debug.log for MULTIPLE QUESTIONS - SHARED REPLY TIMING is PASSED: NOTICE 2026-03-04 10:52:29.912334+0900 _shared_reply_timing 04103: Shared reply response times: min = 22ms, max = 112ms, avg = 78.00ms DEBUG_2 2026-03-04 10:52:29.912849+0900 recv_packet 01997: received packet (558 bytes) PASSED (MULTIPLE QUESTIONS - SHARED REPLY TIMING) [Details] Looking at Bonjour_Conformance_Guideline.pdf https://download.developer.apple.com/Documentation/Bonjour_Conformance_Test_Guideline/Bonjour_Conformance_Guideline.pdf there were some differences: In 1.6.2 Expected Result: Test Result File of Test that All Tests Passed, this is not displayed: PASSED: SHARED REPLY TIMING - UNIFORM RANDOM REPLY TIME DISTRIBUTION And in II.8 Shared Reply Timing: (Ideally, 25% of the answers should fall in each 21ms quadrant of the range 20ms - 125ms.) and comparing to the debug.log, there was a discrepancy of the interval, because 20ms and 46ms is 26ms interval. From RFC6762 6. Responding, Ideal range is from 20ms-120ms Because of this, please advise on the questions below: I would like to know on the possible cause and resolution for these WARNINGS. And since in current BCT result, (Test result integrity signature is generated), I would like to know if this is acceptable for BCT certification. Thank you.

Hi, To ensure the issue is not caused by an error within your app or web service request, please review the Apple Pay Merchant Integration Guide. Additionally, please review the following technotes on Apple Pay: TN3173: Troubleshooting issues with your Apple Pay merchant identifier configuration TN3174: Diagnosing issues with the Apple Pay payment sheet on your website TN3175: Diagnosing issues with displaying the Apple Pay button on your website TN3176: Troubleshooting Apple Pay payment processing issues TN3206: Updating Apple Pay certificates If the resources above don’t help identify the cause of the error, please provide more information about your app or web services to get started. To prevent sending sensitive credentials in plain text, create a report in Feedback Assistant to share the details requested below. Additionally, if the error is something we need to investigate further, the appropriate engineering teams also have access to the same information and can communicate with you directly within Feedback Assistant for more information, as needed. Please follow the instructions below to submit your report. For issues occurring with your native app or web service, perform the following steps: Install the Apple Pay profile on your iOS or watchOS device. If the issue occurs on Mac, continue to Step 2. Reproduce the issue and make a note of the timestamp when the issue occurred, while optionally capturing screenshots or video. Gather a sysdiagnose on the same iOS or watchOS device, or on macOS. Create a Feedback Assistant report with the following information: The serial number of the device. For iOS and watchOS: Open Settings > General > About > Serial Number (tap and hold to copy). For macOS: Open the Apple () menu > About This Mac > Serial Number. The SEID (Secure Element Identifier) of the device, represented as a HEX encoded string. For iOS and watchOS: open Settings > General > About > SEID (tap and hold to copy). For macOS: Open the Apple () menu > About This Mac > System Report > NVMExpress > Serial Number. The sysdiagnose gathered after reproducing the issue. The timestamp of when the issue was reproduced. Screenshots or videos of errors and unexpected behaviors (optional). Important: From the logs gathered above, you should be able to determine the cause of the failure from PassbookUIService, PassKit or PassKitCore, and by filtering for your SEID or merchant domain in the Safari Web Inspector. See Inspecting Safari on macOS to learn more. Submitting your feedback Before you submit to Feedback Assistant, please confirm the requested information above is included in your feedback. Failure to provide the requested information will only delay my investigation into the reported issue within your Apple Pay website. After your submission to Feedback Assistant is complete, please respond in your existing Developer Forums post with the Feedback ID. Once received, I can begin my investigation and determine if this issue is caused by an error within your web implementation, a configuration issue within your developer account, or an underlying system bug. Cheers, Paris X Pinkney |  WWDR | DTS Engineer

As a company, we would like to implement digital passes in the Apple Wallet. We're wondering which option we should follow to be able to do so. Our company creates and manages access control devices to put on waste drop-off points. Our goal is to give the opportunity to our final users to unlock these drop-off points with their iphone. A contact told us to use the NFC & SE but this solution seems not to be available in France and not directly integrated with the Apple Wallet. We've seen Apple Wallet Access and Apple Wallet VAS as alternatives but we're not sure any of these two are really matching our usecase. We definitely want our passes to be directly integrated within the wallet, without an app.

I have a feature that relies on Apple Universal Links, which requires the apple-app-site-association file. I made some changes to this file a week ago, but I noticed that the corresponding file still hasn’t been updated when queried via: https://app-site-association.cdn-apple.com/a/v1/x When I query directly from our server, I can see the latest file here: https://x/.well-known/assetlinks.json Could anyone please help us update the file in the CDN? Thank you.

I'm developing a watchOS nap app that detects when the user falls asleep by monitoring heart rate changes. == Technical Implementation == HKWorkoutSession (.mindAndBody) for background execution HKAnchoredObjectQuery for real-time heart rate data CoreMotion for movement detection == Battery Considerations == Heart rate monitoring ONLY active when user explicitly starts a session Monitoring continues until user is awakened OR 60-minute limit is reached If no sleep detected within 60 minutes, session auto-ends (user may have abandoned or forgotten to stop) App displays clear UI indicating monitoring is active Typical session: 15-30 minutes, keeping battery usage minimal == The Problem == HKWorkoutSession affects Activity Rings during the session. Users receive "Exercise goal reached" notifications while resting — confusing. == What I've Tried == Not using HKLiveWorkoutBuilder → Activity Rings still affected Using builder but not calling finishWorkout() (per https://developer.apple.com/forums/thread/780220) → Activity Rings still affected WKExtendedRuntimeSession (self-care type) (per https://developer.apple.com/forums/thread/721077) → Only ~10 min runtime, need up to 60 min HKObserverQuery + enableBackgroundDelivery (per https://developer.apple.com/forums/thread/779101) → ~4 updates/hour, too slow for real-time detection Audio background session for continuous processing (suggested in https://developer.apple.com/forums/thread/130287) → Concerned about App Store rejection for non-audio app; if official approves this technical route, I can implement in this direction Some online resources mention "Health Monitoring Entitlement" from WWDC 2019 Session 251, but I could not find any official documentation for this entitlement. Apple Developer Support also confirmed they cannot locate it? == My Question == Is there any supported way to: Monitor heart rate in background for up to 60 minutes WITHOUT affecting Activity Rings or creating workout records? If this requires a special entitlement or API access, please advise on the application process. Or allow me to submit a code-level support request. Any guidance would be greatly appreciated. Thank you!

目前这个findmy 设备是已经通过MFI认证，不过后续想的在”Find My “应用上像 AirTag 一样支持UWB测距功能。 寻找了相关资料，在这篇文章《Nearby-Interaction-Accessory-Protocol-Specification-Release-R4》中找到了UWB的相关功能，但是需要我们自己开发第三方应用。 所以需要怎么做才可以做到像airtag 一样在“Find My”应用上显示距离和方向

Hello everyone, We've encountered a blocking issue while integrating Apple Pay on the Web within a Salesforce Commerce Cloud (SFCC) environment. The session fails immediately after a successful user authentication. Problem Summary: After a user authenticates a payment with Touch ID or Face ID, the Apple Pay sheet showing error "Payment not completed" message. The core of the issue is that the onpaymentauthorized event handler is never invoked in our client-side JavaScript. As a result, the corresponding server-side SFCC paymentAuthorized hooks are never triggered, and we cannot obtain a payment token to complete the transaction. Also, No console logs are observed. Observed Flow of Events: The ApplePaySession proceeds correctly through the initial callbacks. We have verified through server-side logs that the corresponding SFCC platform hooks (getRequest, prepareBasket, shippingContactSelected, shippingMethodSelected) fire and complete successfully. The payment sheet correctly updates with shipping costs and the final transaction amount. Failure Point & Steps to Reproduce: A user initiates an Apple Pay transaction within our SFCC site. They select their shipping contact and method. The payment sheet updates the total amount. The user taps the "Pay" button and authenticates successfully via Touch ID / Face ID. Failure: The sheet immediately displays "Payment not completed" error. The onpaymentauthorized event is never fired on the client, and no paymentAuthorized calls reach our SFCC backend. We have confirmed this behavior is reproducible even when using the standard plugin_applepay provided by SFCC. There are no associated errors in the browser's JavaScript console or any server-side logs, as the process appears to fail within the native Apple Pay session before control is returned to our client-side code. Our Questions: Given this is occurring within an SFCC integration, we are trying to understand what could cause the session to terminate at this specific point. Are there internal validation checks that occur after successful user authentication but before the onpaymentauthorized event is dispatched? What configuration issues (e.g., in the ApplePayPaymentRequest, merchant identity certificate, etc.) are known to cause a failure at this exact step, especially within a platform integration like SFCC? Is there any additional client-side logging or debugging we can enable to get more insight into the internal state of the ApplePaySession? Any guidance from Apple engineers or other developers who have integrated Apple Pay with SFCC would be greatly appreciated. Thank you

Error 8 in the NEHotspotConfigurationError domain is .internal, aka NEHotspotConfigurationErrorInternal. This error typically indicates that something went wrong in some sort of expected way, but we decided not to surface the exact cause [1]. This has come up a bunch of times before on the forums, and I have various titbits to share. To start, I want to address some specific cases: You’ll see this error if your app isn’t signed with the com.apple.developer.networking.HotspotConfiguration entitlement. To fix this, use Xcode’s Signing & Capabilities editor to add the Hotspot capability to your app. Historically developers reported a situation where once they encountered the error it would show up consistently, but then it would go away on restarting the device. If you see behaviour like that, that’s definitely a bug and I encourage you to file it as such. I have more about filing such bugs in Filing a Wi-Fi Bug Report. Of course, you have to wait to reproduce the error again before you’ll be able to file that bug, because the act of restarting cleared the issue. I’ve seen reports where such problems only occur on a specific type of device, for example, on iPhone 16 but not on earlier or later iPhones. That’s definitely something that Apple should investigate, and I recommend that you file a bug about it. If the problem is being reported by your users but you can’t reproduce it yourself, consider the various suggestions in Using a Sysdiagnose Log to Debug a Hard-to-Reproduce Problem. Assuming you’re still here (-: the next step is to determine whether the problem is specific to NEHotspotConfigurationManager or not. Try joining the accessory’s network from Settings > Wi-Fi. Does that also have problems? If so, that’s not something we can help you with here on the forums. The focus of the Apple Developer Forums is primarily to help developers with the APIs in Apple’s various platform SDKs [2]. We’re not set up to help accessory developers with Wi-Fi issues. However, there are still things you can do, as I explain in Filing a Wi-Fi Bug Report. At this point you have an error that: Persists across restarts Happens with all Apple devices You can reproduce Only affects NEHotspotConfigurationManager If that’s correct then there are a couple of things you might look at: Coerce the error to an NSError and print that. Does it reveal anything interesting? Also check the underlying error property (NSUnderlyingErrorKey) for hints. When reproducing the error, monitor the system log for log entries in the com.apple.networkextension subsystem. Do those offer any clues? Note For lots of hints and tips about the system log, see Your Friend the System Log. And finally, if you have questions about this case, feel free to start a thread here on the forums and we’ll try to help you out. Put it in the App & System Services > Networking subtopic and tag it with Network Extension. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com" [1] There’s also the .unknown error. See this post for a brief summary of the difference. [2] And with Apple tools and some developer-oriented services. Revision History 2026-03-18 Added a missing entitlement bullet to the specific case list. 2026-03-17 First posted.