Overview

Getting macOS app icons from Icon Composer working in Xcode 26.x appears to have caused widespread confusion. I've certainly had more than one headache from it. Here's what works for me: Drag the .icon file from Icon Composer into the Xcode Project Navigator, dropping it at the same level as Assets.xcassets — not inside it. In the Project Navigator, click the top-level project item to open the Project Editor. Select your app target and open the App Icons and Launch Screen section. Enter the icon name (without the .icon extension) in the App Icon field. In that same section, leave App Icons Source unchecked. Go to the Build Phases tab and expand Copy Bundle Resources. Delete the Assets.xcassets entry, leaving only the .icon file. Clean the build folder (⇧⌘K) and run. Your icon should now appear in the Dock. It appears that Icon Composer icons and even the presence of the Asset Catalog icons in Copy Bundle Resources are mutually exclusive right now. Including the Asset Catalog appears to suppress the Icon Composer icon. Removing it lets the Icon Composer icon through. Note: If your app depends on other assets in the Asset Catalog, this approach won't work for you. In that case, fall back to the traditional method — export all required sizes from Icon Composer and import them into the Asset Catalog. Hopefully Apple addresses this conflict soon.

Hi, I created an app and want to use Google Admob to show ads. I am a little bit confused how exactly tracking, more specifically, the ATT-framework and Google Admob relate to each other. The current work flow is: ATT-permission given -> show google ad mob consent form However, I am confused what I should do if the ATT permission is denied. Can I still show the consent form of google admobs or is that forbidden? If so what do I need to then? Thank you!

Hi! I'm a first-time app founder trying to enroll my business in the Apple Developer Program as an Organization. I already have a personal Apple ID, so I'm trying to create a separate, brand new Apple Account using my business email for the enrollment. Every time I complete the account creation form and go through the verification code step, I get the error: 'Your account cannot be created at this time.' Things I've already tried: Personal cell phone number for verification A Google Voice number for verification Different browsers The Apple Developer app Different WiFi networks I only have one iPhone and one cell number, both already tied to my personal Apple ID. My D&B DUNS number is confirmed, the only blocker is creating this new Apple Account. Is there a known solution for this? It seems like it must be a common situation for small business owners who use one device for both personal and business. Any help appreciated!

Summary After replacing every PNG in AppIcon.appiconset with the correct branded heart icon, the installed iOS app on a real iPhone (built and deployed via Xcode, not TestFlight web clip) still displays the default Capacitor 'blue X' placeholder icon on the home screen. The icon files in the repo are confirmed to be the new artwork, but iOS shows the old placeholder. Environment App: ImpulseAlly (Capacitor wrapper around hosted TanStack Start web app) Bundle ID: com.impulseally.app Capacitor iOS, deployment target iOS 15.0 Xcode 17E202, iOS SDK 26.4 (per derived-data log) Install method: Xcode → Run on physical device (not Safari 'Add to Home Screen', not TestFlight) Web shell URL: https://impulseally.com (server.url in capacitor.config.ts) What the user sees On the iPhone home screen, the app icon is the default Capacitor placeholder — a stylized blue 'X' / Capacitor logo on a white background. The expected icon is a sage-green rounded square with a white heart. Please ask for more information if I have not provided what you need. I have a file that I can share with everything I've tried.

Hello everyone, My app is has been "In Review" since Thursday evening, and held in that status since. In my experience, when an app moves to "In Review" it takes at most an hour to review app functionality and move to ready for release. We have timelines to meet. Neither an expedited review nor reaching out to support helps the situation.

Hi! I'm a first-time app founder trying to enroll my business in the Apple Developer Program as an Organization. I already have a personal Apple ID, so I'm trying to create a separate, brand new Apple Account using my business email for the enrollment. Every time I complete the account creation form and go through the verification code step, I get the error: 'Your account cannot be created at this time.' Things I've already tried: Personal cell phone number for verification A Google Voice number for verification Different browsers The Apple Developer app Different WiFi networks I only have one iPhone and one cell number, both already tied to my personal Apple ID. My D&B DUNS number is confirmed, the only blocker is creating this new Apple Account. Is there a known solution for this? It seems like it must be a common situation for small business owners who use one device for both personal and business. Any help appreciated!

Dear TestFlight Team! I am observing an increasing misuse of TestFlight public and private invites to distribute scam, spam, and potentially malicious builds: I had reported this already in December last year via Feedback assistant, but since the malicious behavior has not stopped, I hope that you can forward my bug reports to the right team: FB21379977, FB21845307 In multiple cases, these builds impersonate well-known apps (e.g. ChatGPT, OpenAI, Meta) by changing the app name and icon after an initial TestFlight approval, misleading users into installing software from unrelated developer accounts. I believe this represents a systemic weakness in the TestFlight review and update flow, enabling targeted phishing or malware distribution outside the App Store review process. My bug reports have attached: TestFlight invitation emails (.eml) Screenshots from TestFlight documenting impersonation behavior ⸻ Steps to reproduce Create a new Apple Developer account. Upload an initial, benign app (e.g. a calculator) as version 1.0.0 and obtain TestFlight approval. Upload a second build: without changing the version number increase build number Change the app name to a well-known product (e.g. “ChatGPT”) Change the app icon to match the impersonated product Invite targeted email addresses to the TestFlight group. Recipients receive an official TestFlight invite and are prompted to install the impersonating app. ⸻ Expected results TestFlight builds that significantly change app identity (name, icon, branding) should: Require additional review, or Be blocked from distribution without re-approval. Developer accounts should not be able to impersonate well-known companies (e.g. “OpenAI Platforms LLC”) without verification. Users should be protected from installing TestFlight builds that materially differ from what was originally reviewed. ⸻ Actual results App name and icon can be changed between TestFlight builds without triggering additional review. TestFlight invites can convincingly impersonate trusted brands. Targeted users may reasonably believe they are installing a legitimate beta. This creates a credible vector for: Phishing (credentials, payment details) Data exfiltration Social engineering attacks I did not install the builds to avoid personal risk, but the attached artifacts should allow Apple’s internal teams to reproduce and analyze the behavior safely. Some more examples:

SystemLanguageModel.contextSize is back-deployed, but SystemLanguageModel.tokenCount is not. The custom adapter toolkit ships with a ~2.7MB tokenizer with a ~150,000 vocabulary size, but the LICENSE.rtf exclusively permits it's use for training LoRAs. Is it possible to back-deploy tokenCount or for Apple to permit the use of the tokenizer.model for counting tokens? This is important to avoiding context overflow errors.

Dear App Store Connect Team! Since Passkeys have been introduced as login option on https://appstoreconnect.apple.com, I am unable to to make use of this new sign in option. I have attached sysdiagnoses, screen recordings, and .har exports in my feedback requests: FB22167539 FB17622414 FB22403813 When I select "Sign in with Passkey", the spinner just keeps spinning. Signing in with password works without issues. I can sign into my Apple ID on other Apple websites using my passkey without problems. Hope that helps! – Frederik

Dear Screen Time Team! The Screen Time passcode can be brute-forced without rate limiting by repeatedly attempting guesses through the "Erase All Content and Settings" flow. This allows unlimited passcode attempts with no delay, lockout, or escalation, effectively defeating the purpose of the Screen Time passcode as a parental control mechanism. Impact: Children can bypass Screen Time protections by guessing the passcode No rate limiting enables trivial brute-force attacks (especially for 4-digit codes) Undermines trust in Screen Time as a parental control system Creates real-world safety risks for families relying on Screen Time restrictions Publicly shared methods (e.g. on TikTok) increase likelihood of widespread abuse Steps to Reproduce: Enable Screen Time and set a passcode Open Settings → General → Transfer or Reset iPhone → Erase All Content and Settings When prompted for the Screen Time passcode, enter an incorrect code Repeat the process with different guesses Expected Result: After a small number of incorrect attempts, the system should: enforce exponential backoff delays, or temporarily lock further attempts, or require Apple ID authentication Attempts should be rate-limited across system flows Actual Result: Unlimited passcode attempts are allowed No delay, lockout, or penalty is applied Enables rapid brute-force guessing of the Screen Time passcode Notes: This appears to bypass standard passcode protections that exist in other parts of iOS The issue is especially severe for 4-digit Screen Time passcodes (10,000 combinations) The attack surface is exposed through a system-level reset flow Suggested Fix: Introduce global rate limiting for Screen Time passcode attempts across all entry points Apply exponential backoff after failed attempts Require Apple ID authentication after multiple failures Consider enforcing 6-digit minimum passcodes for Screen Time Log and unify attempt counters across system components Severity: Critical (Security vulnerability enabling brute-force of parental control passcode) See TikTok: https://www.tiktok.com/@aldanaisthebest12170/video/7615053429500644621 Feedback request: FB22263276 – Frederik (one sec app)

Dear Screen Time Team! The current 6 MB memory limit for the DeviceActivityMonitor extension no longer reflects the reality of modern iOS devices or the complexity of apps built on top of the Screen Time framework. When Screen Time APIs were introduced with iOS 15, hardware constraints were very different. Since then, iPhone performance and available RAM have increased significantly…but the extension memory limit has remained unchanged. My name is Frederik Riedel, and I’m the developer of the screen time app “one sec.” Our app relies heavily on FamilyControls, ManagedSettings, and DeviceActivity to provide real-time interventions that help users reduce social media usage. In practice, the 6 MB limit has become a critical bottleneck: The DeviceActivityMonitor extension frequently crashes due to memory pressure, often unpredictably. Even highly optimized implementations struggle to stay within this constraint when using Swift and multiple ManagedSettings stores. The limit makes it disproportionately difficult to build stable, maintainable, and scalable architectures on top of these frameworks. This is not just an edge case…it directly impacts reliability in production apps that depend on Screen Time APIs for core functionality. Modern system integrations like Screen Time are incredibly powerful, but they also require a reasonable amount of memory headroom to function reliably. The current limit forces developers into fragile workarounds and undermines the robustness of apps that aim to improve users’ digital wellbeing. We would greatly appreciate if you could revisit and update this restriction to better align with today’s device capabilities and developer needs. Thank you for your continued work on Screen Time and for supporting developers building meaningful experiences on top of it. Feedback: FB22279215 Best regards, Frederik Riedel (one sec app)

Hi everyone, I’m currently facing an issue in App Store Connect when submitting a build to TestFlight. When I try to complete the “What to Test” section and submit, I get the following error: “There was an error processing your request. Please try again later.” Case details: Case ID: 102871190604 Submitted: April 17, 2026 (GMT+7) Status: No response after 3–4 days This issue is blocking me from submitting the build. What I’ve tried: Retried multiple times Switched browsers (Chrome, Safari) Used Incognito mode Logged out and back in Simplified the “What to Test” text Checked build is processed and not expired I have already contacted Apple Developer Support but haven’t received any response yet. Questions: Is this a known App Store Connect issue? Should I wait for support, or upload a new build? If any Apple staff could help check this case, I would really appreciate it. Thank you.

I have a problem. I keep getting harassed by a person who says he works for Apple. I don’t believe I get routed to Apple tech support. I been getting looted out of my Apple ID without me knowing. They say they can see my screen and everything I do plus see me through my camera. I have factory reset my phone 3 times and deleted the eSIM changed my number three times plus made new Apple ID accounts. They send me Apple Store links that aren’t real and they say whenever I click them that I messed up. There are a bunch of fraudulent listings of me in spokeo and people finders that aren’t true but I can tell they’re about me. how do I find out who is doing this and how do I get them to stop

Hi everyone, I’m getting this error in App Store Connect when submitting a build in TestFlight: “There was an error processing your request. Please try again later.” Case information: Case ID: 102871415765 Contacted Apple Developer Support: April 17, 2026 (GMT+7) It has been 3–4 days with no response so far Where it happens: App Store Connect During the “What to Test” step The build is already processed and available What I tried: Retried several times Switched browsers Used Incognito mode Logged out and back in Simplified the “What to Test” text Checked that the build is not expired This issue has been blocking submission for several days now. Has anyone experienced this recently? Is there any workaround, or should I upload a new build? Thank you.

Hi everyone, We are currently facing an issue in our App Store Connect account where all of our production apps are suddenly showing the status “Removed from Sale.” This happened unexpectedly, and: We did NOT make any manual changes to app availability No recent app rejections or guideline violations were received Agreements, Tax & Banking section shows no pending actions TestFlight builds are still working fine We also have not received any clear communication from Apple explaining the reason for this. This is affecting all our live apps and impacting business operations. Has anyone else faced a similar issue recently? Could this be related to account-level restrictions or any recent policy updates? Any guidance or suggestions would be greatly appreciated. Thanks in advance!

Hi everyone, I subscribed to the Apple Developer Program on April 12th, 2026. The payment has already been charged to my bank account, but my account still shows the status “Pending” I think the reason my account is still stuck is because I enrolled in the Apple Developer Program using one Apple ID and completed the payment using a different Apple ID (the subscription is currently active under this account) It’s now been several days, and I haven’t received any confirmation email or any request for additional information. I already contacted Apple Support by email, but I’d like to know if other developers have experienced the same situation and how long it took before their account was activated. Thanks in advance for your help and feedback!

My apps are stucked in „Waiting for revlew” for 6-7 days. What is going on? It’s not only my problem, a lot of users have the same problem, there are many forums with that issue. It’s pretty unbelievable for me, that in 2026 we have to wait about week to approve or reject an app. Ridiculous. Take the example of Google Play…. Regards.

I am unable to update my apps because of Apple Developer License Agreement. I am told that I have to agree, yet I have agreed to every agreement available. When I log in my Developer Account there is no pending agreement either for free apps or Paid apps. The most recent one I agreed on April 6, 2026. I have logged out and in again multiple times. I tried to change the Account Holder to see if I get to agree on the agreement again but that did not help either. I have remained stuck and can't update any one of my apps since I get the error: "The Apple Developer Program License Agreement has been updated and needs to be reviewed. For more information, go to your account on the Apple Developer website." I have tried to reach out to Apple Support but no help was given. Can anyone please help? Much appreciated.

Starting somewhere around macOS 26.3, my sandboxed file manager spontaneously loses access to ~/Library/Mobile Documents mid-session. Setup: at launch, the user grants access to '/', '/Users', or '~' via NSOpenPanel; I store a security-scoped bookmark and call startAccessingSecurityScopedResource(). This works fine - including iCloud Drive - until some point mid-session. When it breaks, two things happen simultaneously: Enumeration fails: NSCocoaErrorDomain Code=257 (NSFileReadNoPermissionError)< NSPOSIXErrorDomain Code=1 (EPERM) Console shows the kernel refusing extension issuance: couldn't issue sandbox extension com.apple.app-sandbox.read for '/Users//Library/Mobile Documents': Operation not permitted And probing NSFileProviderManager confirms the process has been rejected system-wide: NSFileProviderManager.getDomainsWithCompletionHandler > NSFileProviderErrorDomain Code=-2001 "The application cannot be used right now." (underlying Code=-2014) What makes this specific to FP-backed paths: regular paths under the same '/' bookmark (~/Library/Application Support, etc.) stay accessible and recover normally with a fresh startAccessingSecurityScopedResource() call. Only ~/Library/Mobile Documents and its subtree fail - the entire tree, including the parent directory itself. Relaunch always restores access. What I've tried and ruled out: Re-resolving the bookmark + startAccessingSecurityScopedResource() - returns stale=false, granted=true but access is not restored; the kernel still refuses extension issuance for FP-traversing paths. NSFileCoordinator coordinated read - doesn't help; the coordinator depends on the same sandbox extension the kernel is refusing. Instantiating NSFileProviderManager(for: domain) per domain - fails with -2001 for every domain, confirming the rejection is process-wide, not path- or domain-specific. My working theory: when a FileProvider daemon (bird/cloudd/fileproviderd) restarts mid-session, the process's FP-client XPC registration is invalidated, and the kernel subsequently refuses to issue sandbox extensions for any path served by FP - even with a valid bookmark. The process seems to have no API path to re-register its FP-client identity without relaunching. Current workaround: I detect the -2001 response and prompt the user to relaunch, then do a programmatic self-relaunch if they confirm (which is obviously horribly intrusive). Questions: Is there an API that lets a sandboxed consumer app reconnect its FP-client identity mid-session, short of relaunching? Is there an entitlement or capability that would make the kernel's extension issuance resilient to FP daemon restarts? Has anyone else hit this on 26.x and found a workaround? Filed as FB22547671.

Good morning. I have an APPLE DEVELOPER ACCOUNT. I am inquiring about Distributing In House Apps using my own website. All the links so far do not help. They all seem to be relevant to the Apple Store and not In House apps. I have my apps ready for evaluation. I understand you need to evaluate them. I want to apply for a certificate that will allow me to put the apps on my OWN website and have users download these and install to their Apple devices. So far I have been testing using own devices but every build I create does NOT create a manifest file. They do work but obviously I need a manifest for the website. I assume a relevant certificate would provide that. Can you please let me know of any and all information that applies on how to apply for an In House Distribution Certificate and how and where I should upload my apps for evaluation. Thank you so much. John