Framework

SystemExtensions

Install and manage user space code that extends the capabilities of macOS.

Overview

Extend the capabilities of macOS by installing and managing System Extensions that run in user-space rather than at the kernel level. By running in user space, extensions can’t compromise the security or stability of macOS. The system grants these extensions a high level of privilege, so they can perform the kinds of tasks previously reserved to kernel extensions (KEXTs).

You use frameworks like DriverKit, EndpointSecurity, and NetworkExtension to write your extension, before packaging the driver in your app bundle. At runtime, your app calls the SystemExtensions framework to install or update the extension for the user. Once installed, an extension remains available for all users on the system. Users can disable the extension by deleting the app, which deletes the extension.

Configure the System Extension and the Host App

To successfully activate your extension, you must adhere to the following rules:

  • The extension must match your bundle identifier, excluding file extension. For example, a DriverKit extension with bundle identifier com.example.usbdriver must use the filename com.example.usbdriver.dext. Similarly, a NetworkExtension extension with bundle identifier com.example.networkextension must use the filename com.example.networkextension.systemextension.

  • You must use the same Team ID when signing the extension that you use for signing your app, unless the extension has the com.apple.developer.system-extension.redistributable entitlement.

Activate the Extension

Request activation of any system extensions as early as possible in your app’s launch. This helps the system seamlessly updating the extension when updating the app. However, you may choose to request activation later, perhaps if your extension depends on the user accepting a license agreement or making an in-app purchase.

Topics

Extension Manager

OSSystemExtensionManager

A type that facilitates activation and deactivation of system extensions.

Errors

OSSystemExtensionErrorCode

Error codes for system extensions.

OSSystemExtensionErrorDomain

The error domain identifying system extension errors.

Usage Description Keys

NSSystemExtensionUsageDescriptionKey

A message that tells the user why the app wants to install a system extension bundle.

OSBundleUsageDescriptionKey

A message that tells the user why the app wants to install a driver extension bundle.

Beta Software

This documentation contains preliminary information about an API or technology in development. This information is subject to change, and software implemented according to this documentation should be tested with final operating system software.

Learn more about using Apple's beta software