Team-scoped keys introduce the ability to restrict your token authentication keys to either development or production environments. Topic-specific keys in addition to environment isolation allow you to associate each key with a specific Bundle ID streamlining key management. For detailed instructions on accessing these features, read our updated documentation on establishing a token-based connection to APNs.

Hello, I'm experiencing a bug on iOS 26.5 RC1/RC2 where the Blood Pressure option is silently excluded from the HealthKit permission dialog (when requesting HKQuantityTypeIdentifierBloodPressureSystolic and HKQuantityTypeIdentifierBloodPressureDiastolic). This does not reproduce on iOS 26.4.2 or earlier. What happens: When BP types are requested alone, a blank white modal slides up and immediately dismisses — no permission UI is shown. When BP is requested alongside other types, a normal dialog appears for those other types, but Blood Pressure is simply absent from the list. The completion handler returns success = YES, error = nil in both cases, but BP permission is never granted. The result: Settings → Privacy & Security → Health → [app] shows Blood Pressure as requested but not granted getRequestStatusForAuthorizationToShareTypes for the BP types keeps returning ShouldRequest indefinitely HealthKit queries for BP samples return no data Workaround: Manually toggling Blood Pressure to ON in Settings → Privacy & Security → Health → [app name] fixes everything - queries work, notifications fire, and getRequestStatusForAuthorizationToShareTypes correctly returns HKAuthorizationRequestStatusUnnecessary. Environment: Confirmed broken: iOS 26.5 RC1 (23F75) and RC2 (23F77), iPhone 11; iOS 26.5 RC1 (23F73), simulator Confirmed working: iOS 26.4.2 (device), iOS 26.4.1 (simulator) Feedback filed as FB22735935.

I first started observing this behaviour through the crash logs of one of my App Store apps which are downloaded by Xcode. Then 3 days ago the same crash happened when launching one of my other apps on my own Mac. On the next try, the app launched correctly. The crash logs don't show any of my app's symbols, only a single thread that does something with libsecinit. I have no idea what the problem is, and since these crashes are also downloaded by Xcode, one would get the impression it’s a fault in my programming… but without any hint as to what I’m doing wrong, I have no chance to fix it, and so I get the feeling that it’s actually a macOS bug. I created FB22712334. crash

Hello everyone, We are encountering a critical regression introduced in iOS 26.4 that results in permanent workout data loss for users. When invoking HKWorkoutBuilder.finishWorkout(completion:) while the iOS device is locked, the save operation fails completely. However, it fails silently: the completion handler executes but returns both a nil workout and a nil error. Expected Behavior: Before iOS 26.4 finishWorkout resulted in a workout id, and correctly stored the workout data in HealthKit. According to HealthKit data protection documentation, saving data when the device is locked should either succeed (writing to a temporary journal file to be merged upon unlock) or explicitly throw an error such as HKError.Code.errorDatabaseInaccessible. Actual Behavior: Because the framework returns nil for both the object and the error, the application has no way to detect that the save failed. We cannot implement a retry mechanism or queue the save, resulting in silent data loss. Steps to Reproduce: We have built a Minimal Reproducible Example (MRE) that reliably triggers this: Initialize an HKWorkoutBuilder and call beginCollection(withStart:) followed by endCollection(withEnd:). Wrap the finishWorkout call in a short 5-second asynchronous delay, protected by a UIBackgroundTask to prevent app suspension. Lock the physical device during this 5-second window. The finishWorkout completion handler will execute while the device is locked, returning workout == nil and error == nil. Existing Reports: We have filed this via Feedback Assistant (a month ago) and opened a TSI (a week ago), providing the MRE project and a sysdiagnose captured at the time of failure: Feedback ID: FB22396180 TSI Case-ID: 19755043 As we have not yet received a response or a suggested workaround through these official channels, we are reaching out to the community. Has anyone else encountered this silent failure with HKWorkoutBuilder recently? Any insights or escalation help would be greatly appreciated.

Hi, I have a problem with watchOS widget configuration intents. It turns out that watchOS is unable to load text for localization keys. This is how I set configuration parameter in WidgetConfigurationIntent: @Parameter( title: LocalizedStringResource( "watchWidgetConfig.showSymbols", defaultValue: "Symbole", table: "WidgetLocalizable", bundle: widgetBundle ), default: true ) var showSymbols: Bool Unfortunately, on a device always the defaultValue is used. I tried everything and nothing works. What's weird, it correctly works on watchOS simulator and if you configure widgets in iOS "Watch" app. On real Apple Watch, the "defaultValue" is displayed. I'm not sure if it's important but both: the Swift file with WidgetConfigurationIntent and WidgetLocalizable.xcstring are included in two targets: Watch Widget Extension and Watch App. I tried so far: All variants of LocalizableStringResource init. With/without "table", with/without "bundle". Previously I had texts in Localizable.strings, I migrated it to WidgetLocalizable.xcstrings and it didn't work either. Setting only one target for WidgetLocalizable.xcstring and WidgetConfigurationIntent. I checked inside xcarchive to see if WidgetLocalizable.xcstring is copied correctly. Seems like watchOS bug, but I would be happy to know if someone figured out any workaround. Xcode: Version 26.4 (17E192) iOS 26.4.1 watchOS 26.4 I already created a ticket: FB22509406

Hello there, I am wanting to create a custom FSKit extension, and am trying to get the sample passthrough project running: https://developer.apple.com/documentation/fskit/building-a-passthrough-file-system I have just followed the basic instructions from the tutorial above, so have: Selected my team for the signing certificate (required for FSKit module). Built and run. Enabled "Passthrough file system" under "File System Extensions". Made a test directory to mount to: mkdir ~/test But when I run the mount command, I get the following error: mount -t passthrough ~/Documents ~/test mount: Loading resource: The operation couldn’t be completed. (com.apple.extensionKit.errorDomain error 2.) mount: exec /Library/Filesystems/passthrough.fs/Contents/Resources/mount_passthrough for /Users/xxxxxxxx/test: No such file or directory mount: /Users/xxxxxxxx/test failed with 72 The contents of /Library/Filesystems/ is empty, so I don't know if allowing the extension is meant to add something to this directory or not. Any help would be much appreciated!

I’m encountering a persistent issue with my Network Extension (specifically NEFilterDataProvider) and would really appreciate any insights. The extension generally works as expected, but after some time — especially after sleep/wake cycles or network changes — a global network outage occurs. During this state, no network traffic works: pings fail, browsers can’t load pages, etc. As soon as I stop the extension (by disabling it in System Preferences), the network immediately recovers. If I re-enable it, the outage returns instantly. I’ve also noticed that once this happens, the extension stops receiving callbacks like handleNewFlow(), and reinstalling the app or restarting the extension doesn’t help. The only thing that resolves the issue is rebooting the system. After reboot, the extension works fine again — until the problem reoccurs later. I asked AI about this behavior, and it suggested the possibility that the kernel might have marked the extension as untrusted, causing the system to intentionally block all network traffic as a safety mechanism. Has anyone experienced similar behavior with NEFilterDataProvider? Could there be a way to detect or prevent this state without rebooting? Is there any logging or diagnostic data I should collect when it happens again? Any guidance or pointers would be greatly appreciated. Thanks in advance!

According to documentation, the URLSession background tasks continue even when the app is suspended. What is the lifespan of the URLSessionDownloadDelegate object when app is suspended or terminated? Will it get re-created and re-initialize properties when the app re-launches, or will it somehow restore the existing property values? Also, urlSessionDidFinishEvents not getting called, and what do we need to do there with the backgroundCompletionHandler? Any insights are much appreciated. We are getting ready to launch and this is a roadblock. (visionOS26.4) Thank you. @Observable class DownloadManager: NSObject, URLSessionDownloadDelegate { ... let config = URLSessionConfiguration.background(withIdentifier: "TestDL") config.sessionSendsLaunchEvents = true var urlSession = URLSession(configuration: config, delegate: self, delegateQueue: nil) func downloadFiles(... { // initiate multiple file downloads concurrently for url in urlList { let task = urlSession.downloadTask(with: url) task.resume() } } func urlSession(_ session: URLSession, downloadTask: URLSessionDownloadTask, didFinishDownloadingTo location: URL) { ... func urlSession(_ session: URLSession, downloadTask: URLSessionDownloadTask, didWriteData bytesWritten: Int64, totalBytesWritten: Int64, totalBytesExpectedToWrite: Int64) { ... func urlSession(_: URLSession, task: URLSessionTask, didCompleteWithError error: Error?) { ... // Not getting called ?? // Is this only called when app is suspended/terminated? func urlSessionDidFinishEvents(forBackgroundURLSession session: URLSession) { print("didFinishEvents") Task { @MainActor in //urlSession?.finishTasksAndInvalidate() //urlSession = nil // not sure what to do here: if let appDelegate = UIApplication.shared.delegate as? AppDelegate, let completionHandler = appDelegate.backgroundCompletionHandler { completionHandler() appDelegate.backgroundCompletionHandler = nil } } }

I'm a first time developer, relying heavily on Claude Agent. In my app, I'm using CloudKit to sync data between devices, but after a migration something got corrupted and syncing is no longer working. I'm using SwiftData with NSPersistentCloudKitContainer. I'm using Xcode 26.4.1 on a Mac mini. I'm testing my app on the same Mac mini, running Tahoe 26.4.1 as well as an iPad 12.9 running iPadOS 26.3.1 and an iPhone running iOS 18.7.8. Sync stopped after a cachedTotal property was added to a SwiftData model, which triggered a backfill migration that wrote to all records simultaneously across multiple devices. This was followed by an iCloud sign-out/sign-in on the Mac. Here’s a summary of everything I’ve tried already: Reset All Data on all devices multiple times Deleted and reinstalled the app on all devices Deleted the CloudKit zone twice Force-deleted local SQLite store files to clear change tokens Zone and subscription both appear correct in the dashboard Change token updates when data is written (confirming uploads work) No data propagates to other devices in any direction Uploads appear to succeed (change token changes) but imports never fire on any device. In other words, writes work, reads don’t. Is there a way to fully reset the CloudKit container's production private database for a TestFlight app, or is there a way to diagnose why imports are not firing despite a valid zone and subscription?

Hi, I have installed ubuntu in a virtual machine using attached iso and everything works fine. After installing ubuntu it boots from the hard disk always. If i ever wanted to force the vm to boot from ISO how can i do it? Thanks & Regards

While updating our test devices to iOS 26, we noticed that the connection between devices are flaky. Often when connecting to a Peer from a device running iOS 26 we can observe the invite coming through and when accepting said invite, both ends going to .connecting state and a while later going back to .notConnected within the peer(_ peerID: MCPeerID, didChange state: MCSessionState) function. This happens regularly and retrying the invitation process several times usually resolves it. Do anyone have any information or guidance on how to resolve this issue?

Hello, I am working on a network security and DLP (Data Loss Prevention) solution. A core requirement of our architecture is the ability to modify network traffic payloads in-flight (e.g., stripping sensitive data or altering packets). So, the only way to implement this is via the NETransparentProxyProvider which allows us to handle, evaluate, and modify network flows (NEAppProxyFlow). However, because this is such a powerful mechanism, my primary goal is to ensure the absolute stability of the operating system. I want to minimize the risk of interfering with core Apple services. When evaluating a flow, I have access to NEFlowMetaData, specifically properties like sourceAppUniqueIdentifier and sourceAppAuditToken. Could you please assist me with the following questions: Is there a recommended list of Apple system Application IDs (Bundle IDs) or executable names that should be strictly bypassed (ignored) by the Network Extension to maintain system integrity? Since system daemons can change between OS releases, are there any programmatic best practices or specific rules to dynamically identify core OS traffic that must not be intercepted? Are there any specific network ports or protocols that Apple strongly recommends excluding from NENetworkRule matches at the proxy provider configuration level to ensure daemons like apsd or mDNSResponder function correctly? Thank you in advance.

test

Ever since virtualization changed when Apple transitioned to their own Apple silicon chips, I’m curious whether there is anyway to make virtual machines read the host battery? Asking this because VMs in general always assuming it’s on AC adapter makes battery drain a lot faster it seems like so I’m curious whether adding it or some workaround to add battery reporting w/ power efficiency is possible to match with VMs is possible on Apple Silicon so users on Apple silicon MacBooks don’t have to worry about huge battery power consumption drain with adding some sort of feature or pass through to make VMs read host battery. Hope this makes sense.

In our macOS solution, we have a few processes and a few plugin modules which communicate with each other over XPC. We have recently started enforcing library validation flag along with hardened runtime for all processes and plugins. To enforce that, we are trying to get signing information from the XPC audit token using SecCodeCopySigningInformation with kSecCSDynamicInformation flag. As per documentation, this flag requires a live SecCode not SecStaticCode to be passed to SecCodeCopySigningInformation. However, SecCodeCopySigningInformation explicitly requires SecStaticCode in its parameters. So I am unsure how to pass live SecCode to SecCodeCopySigningInformation without copying SecStaticCode from it using SecCodeCopyStaticCode. Force cast from SecCode to SecStaticCode fails. Is unsafeBitCast a valid option in this case? Note that we support macOS version 12 and later.

Our backup app runs as a LaunchDaemon, has APFS-snapshot entitlement, and attempts to read and back up dataless files/directories by calling setiopolicy_np(IOPOL_TYPE_VFS_MATERIALIZE_DATALESS_FILES, IOPOL_SCOPE_THREAD, IOPOL_MATERIALIZE_DATALESS_FILES_ON) before reading files/directories. This worked for a while but lately has been producing many ETIMEDOUT errors for our users, especially for iCloud files but sometimes for FileProvider files e.g. Dropbox. We've attempted to wait up to 5 minutes and retry, but the ETIMEDOUT error persists. In many cases the errors stop hours or days later. Some users report that clicking the icon in the Finder and telling the Finder to "download" the file/directory (for iCloud files) successfully downloads the file data, and then backups proceed without error. Why is the user able to easily materialize dataless files but our app isn't? What is the correct approach for backing up these files/directories? What APIs can we use to determine the actual issue with a given dataless file/directory that's giving us a read error?

Hello, I’m planning to use MapKit JS for a production web/mobile application and I’m trying to better understand the quota limits and pricing model. From the documentation, I understand that MapKit JS provides a free daily limit of: 250,000 map views 25,000 service calls per Apple Developer Program membership. However, I’m not clear about what exactly happens if these limits are exceeded. My questions: If my application exceeds 250,000 map views or 25,000 service calls in a day, what happens? Will the API simply start returning errors (for example HTTP 429), or will Apple automatically charge for additional usage? Is there an official pricing model for usage above the free quota, or do we need to contact Apple to request higher limits? Are these limits strict daily hard limits that should never be exceeded in production? I’m trying to design the architecture of my application and would like to understand whether we must strictly stay below these limits or whether scaling beyond them is possible. Thank you.

Hello, I have a question similar to this post regarding MapKit JS quota limits. I understand that we can request rate limit increases, but it is not a guaranteed increase. My app is rapidly growing. What if Apple decides to not award the limit increase? Then, the directions service of my app will stop working, which would be catastrophic for my company. I need to know if the rate limit increases are guaranteed. I need to decide early on whether to use MapKit JS or another service on, because the more time that passes, the more entangled my code will get with MapKit JS. Can we get some more information on this?

I want to use Apple maps on a site instead of Google maps. Do i need to enroll as a Apple Developer to get access to the MapKit JS? (100 dollars/year)

Hey . So i'm building a screentime app whereby users can add an accountability partner who will be able to see their total screentime.(no app breakdowns included) . This will require me to send the data to firebase realtime database and retrieve for the accountability partner to see. Problem is , I've literally tried everything but the screentime still shows 0m on the accountabiliy partner's end. I need the data to be displayed rounded down to the nearest 0.5 e.g 1hr43mins ->1.5hrs+ ,2.0hrs+ ,3.5hrs+ , meaning it only moves when a threshold is crossed by the user. (this is to save database costs). Anyway i'd really appreciate if someone could help me out here. Thanks

I would like to report a persistent Apple Maps data issue affecting the Spanish (Spain) version of Apple Maps, especially in the Balearic Islands. Apple Maps is displaying several official place names incorrectly, including municipalities, towns, neighbourhoods and local geographic names. In some cases, Apple Maps also shows duplicated or non-existent neighbourhoods, or classifies neighbourhoods incorrectly as towns/cities. The problem is not isolated to one place. It affects several areas of the Balearic Islands, particularly Mallorca and Menorca. Some examples include incorrect or outdated forms such as Mahon / Mahón instead of Maó, Ciudadela instead of Ciutadella de Menorca, and other place names that do not match the official names used by Spanish geographic authorities. These names should follow official geographic sources such as the Instituto Geográfico Nacional (IGN) and the official cartographic data of the Balearic Islands. The issue appears specifically in the Spanish (Spain) version of Apple Maps. I have tried to report these errors many times using the built-in “Report an Issue” function in Apple Maps, including official references and screenshots. However, the reports are repeatedly rejected with the same generic response: “The specific change could not be made.” This reporting function does not seem to work properly for different types of map data. It fails not only for official city and town names, but also for neighbourhoods, duplicated or non-existent areas, and POIs. Even when the correction is supported by official geographic sources or clear local evidence, the reports are rejected without a useful explanation or a real review process.