The Push Notifications Console now includes metrics for notifications sent in production through the Apple Push Notification service (APNs). With the console’s intuitive interface, you’ll get an aggregated view of delivery statuses and insights into various statistics for notifications, including a detailed breakdown based on push type and priority. Introduced at WWDC23, the Push Notifications Console makes it easy to send test notifications to Apple devices through APNs. Learn more.

Team-scoped keys introduce the ability to restrict your token authentication keys to either development or production environments. Topic-specific keys in addition to environment isolation allow you to associate each key with a specific Bundle ID streamlining key management. For detailed instructions on accessing these features, read our updated documentation on establishing a token-based connection to APNs.

My app(The Smart Life app) is unable to receive push notifications. Please confirm whether APNs has received push notifications from Alibaba Cloud and whether APNs has successfully pushed notifications to the Smart Life app.The Smart Life app uses Alibaba Cloud's push notification service. The message ID pushed by Alibaba Cloud is: f7a02288-a995-47ed-b417-837461028f03 Current Symptom: Alibaba Cloud has reported that this message has been successfully pushed to APNs, but the smart life app has not received any push notifications. The feedback log from Alibaba Cloud shows that the APNs push was successful, but the smart life app did not receive any push. Because APNs do not have message receipts and Alibaba Cloud cannot obtain notification delivery status, it is recommended that I use the APNs channel message ID to submit a work order to Apple technical support for investigation. Note: All push notification permissions for the Smart Life app are enabled, and the Smart Life app is in the foreground when push notifications are sent.

After contacting Apple Support regarding MDM support for my Apple Developer Account, I received a link for my MDM request. The form in the link however requests for my Apple ID which seems to only be possible if I have an App on the AppStore. Considering I am only building an MDM Server I can not provide an Apple ID for this purpose. I have tried explaining this to the AppleSupport contact but I'm not getting any real result. I would appreciate any suggestions or support from this forum. I specifically require access to the MDM Vendor CSR Signing Certificate so that I can generate the APNs MDM Push Certificate needed for our MDM server to communicate with Apple devices.

I created an APNs Auth Key in the Apple Developer portal and downloaded it successfully once. Later, due to some issues, I revoked that key. After that, I created a new APNs Auth Key. The download button appears, but when I click it, I get the message: "Auth Key can only be downloaded once. This auth key has already been downloaded." This is incorrect because: The key is newly created in my account. I have tried multiple browsers (Safari, Chrome), private/incognito mode, and even a different laptop. I have no other active APNs Auth Keys in my account. Without this .p8 file, I cannot configure push notifications for my iOS app (using Firebase Cloud Messaging). This is blocking my production release. Has anyone else experienced this? Is there a way to reset or force a fresh APNs Auth Key when this happens?

Since upgrading to Xcode 26 beta 4 and using the iOS 26 simulator for testing our app, we've stopped being able to receive device tokens for the simulator from the development APNS environment. The APNS environment is able to return meta device information (e.g. model, type, manufacturer) but there are no device tokens present. When running the same app using the iOS 18.5 simulator, we are able to register the device with the same APNS environment and receive a valid device token.

If an iOS application has a notification service extension which gets sent a push, but the user has not been prompted for notification authorization via requestAuthorization() then what is the expected behavior? Will the push get delivered to the NSE but the resulting notification not displayed? Or will the push not get delivered at all to the NSE?

Regular apns will give you a willPresent callback and there you can decide to suppress showing the notification or suppress its sound etc. I know the iOS app will give you callbacks for when there's a contentUpdate, yet that doesn't give the option to change the sound. Is there a way to suppress sound of a received Live Activity when app is in foreground?

有効期限が2026年10月10日のApple Push Servicesに記載されている証明書について、その内容を確認すると、以下の出力が表示されます。 notBefore=2022 年 7 月 14 日 10:XX:XX GMT notAfter=2023 年 8 月 13 日 10:XX:XX GMT このため、Firebase は証明書の有効期限が切れていると認識し、アップロードを許可しません。 この問題の既知のバグや回避策があれば教えていただけますか?

When I turn the Ringtone and Alerts volume all the way up, I expect standard notifications to play at the loudest level the device allows. In theory, this should match the volume of a critical alert with its sound.volume set to 1.0 in payload. However, I’ve noticed that non-critical notifications still play quieter than critical alerts under these conditions. Critical alerts with volume: 1.0 sound noticeably louder than standard notifications, even though the Ringtone and Alerts slider is already set to maximum. And I couldn't find a documentation for this behavior anywhere. Is this expected behavior on iOS? And is there any way to make non-critical notifications play at the same maximum loudness as critical alerts? Thanks in advance for any clarification.

If there is a Notification Service Extension which has the com.apple.developer.usernotifications.filtering entitlement, then does/how having that entitlement affect the preconditions for the NSE to be delivered a push? Specifically, if the app has not prompted for requestAuthorization() is it expected that the push will be delivered to the NSE or not? Thank you

Hello Apple Developer Support, I am facing an issue when attempting to use the App Store Connect API with my API key. While basic access (e.g., /v1/apps) works correctly, any requests related to Certificates, Identifiers & Profiles (CIP) are failing with a 403 Forbidden error. Here are the details of the request and validation results: JWT Details: { "header": { "alg": "ES256", "kid": "2XLW343BLM", "typ": "JWT" }, "payload": { "iss": "9cf6159c-e038-4703-b542-7652242a6dbf", "iat": 1757515277, "exp": 1757516357, "aud": "appstoreconnect-v1" } } Test Results: ✅ /v1/apps?limit=1 → Status: 200 (working) ❌ /v1/bundleIds?limit=1 → Status: 403 Error: Unable to find a team with the given Content Provider ID 9cf6159c-e038-4703-b542-7652242a6dbf to which you belong. ❌ /v1/certificates?limit=1 → Status: 403 Error: This request is forbidden for security reasons. ❌ /v1/profiles?limit=1 → Status: 403 Error: Unable to find a team with the given Content Provider ID. I have already confirmed that: All API keys were generated correctly. All required roles and permissions have been assigned in App Store Connect. It seems that while public access endpoints are functioning, the CIP endpoints are blocked for my account/key. Could you please advise: Why the given Content Provider ID is not being recognized? Whether additional permissions, roles, or configuration are required to enable access to Certificates, Identifiers, and Profiles through the API? If it is possible to reset or refresh my membership/team configuration so that I can successfully access the App Store Connect API endpoints for CIP. Thank you for your support and guidance. Best regards

My start live activity CURL is not starting my live activity and I keep getting a decoding failure even though my curl matches my content state so my live activity is not starting. heres my CURL --header "apns-topic: MuscleMemory.KimchiLabs.com.push-type.liveactivity" \ --header "apns-push-type: liveactivity" \ --header "apns-priority: 10" \ --header "authorization: bearer eyJhbGciOiJFUzI1NiIsImtpZCI6IjI4MjVTNjNEV0IifQ.eyJpc3MiOiJMOTZYUlBCSzQ2IiwiaWF0IjoxNzU3NDYwMzQ2fQ.5TGvDRk5ZYLsvncjKwXIZYN78X88v5lCwX4fRvfl1QXjwv8tOtO2uoId27LQahXA3zqjruu_2YoOfqEtrppKXQ" \ --data '{ "aps": { "timestamp": '"$(date +%s)"', "event": "start", "content-state": { "plain_text": "hello world", "userContentPage": ["hello world"] }, "alert": { "sound": "chime.aiff" } }, "attributes-type": "KimchiKit.DynamicRepAttributes", "attributes": {} }' \ --http2 https://api.sandbox.push.apple.com/3/device/802fe7b4066e26b51ede7188a7077a9603507a0fa6ee8ffda946a864e75aa139602861538d6fb12100afbe9a3338d6c7c799d947dfacb2ee835f0339ecdc3165c9ed7e54839f5a3b89b76a011f5826cc and here is my content state public struct ContentState: Codable, Hashable { public var plainText: String public var userContentPage: [String] public enum CodingKeys: String, CodingKey { case plainText = "plain_text" case userContentPage } public init(plainText: String, userContentPage: [String]) { self.plainText = plainText self.userContentPage = userContentPage } } public init() {} }

The APNs Feedback Service domain “feedback.push.apple.com” was deprecated on March 31, 2021, and became unavailable after August 2025 due to domain name resolution failures. Will this feedback service become available again in the future? Also, is it possible to use the APNs Feedback Service with a domain different from “feedback.push.apple.com”?

If I run the following code in didFinishLaunchingWithOptions() UNUserNotificationCenter.current().requestAuthorization(options: [.alert, .badge, .sound]) { granted, error in if granted { DispatchQueue.main.async { application.registerForRemoteNotifications() } } } Then the result is that didRegisterForRemoteNotificationsWithDeviceToken() gets called. However if I change the code to be just: DispatchQueue.main.async { application.registerForRemoteNotifications() } Or as as its already running on main in this scenario, then just application.registerForRemoteNotifications() Then didRegisterForRemoteNotificationsWithDeviceToken() does NOT get called, but also neither does didFailToRegisterForRemoteNotificationsWithError(). Obtaining a push token is supposed to be independent of the user granting notifications permissions, so why am I not observing that behavior? I only observe this behavior when running on hardware, when running on the simulator both forms of the code work. Yet its nothing to do with my phone not being able to contact the Apple servers etc. - if I change the code back and forth back and forth between the two then if 100% works when using requestAuthorization() and 100% doesn't when not using it. There's nothing additional or out of the ordinary with the code, its standard app delete template stuff. Why isn't it getting a push token when requestAuthorization() isn't used? (I've tried adding an async delay to calling registerForRemoteNotifications(), but it made no difference).

Hello, I have an Apple Developer Enterprise account, and Apple Support has already enabled MDM for my account. I successfully downloaded and installed my MDM Vendor Certificate (it shows up in Keychain as MDM Vendor: [My Company Name] with its private key). Here’s what I’ve done so far: Exported the Vendor Certificate + private key as a .p12, then converted to .pem and .key using OpenSSL. Generated an unsigned CSR with CN=com.apple.mgmt.External. using OpenSSL. Attempted to sign the CSR using: my Vendor certificate the Vendor private key Apple Worldwide Developer Relations (WWDR) intermediate certificate OpenSSL smime -sign command with DER output Problem: Every time I try to upload the vendor-signed CSR to the Apple Push Certificates Portal, I get an error (CSR rejected). Sometimes OpenSSL even fails with “unable to load certificates” depending on how the WWDR certificate is included. My Questions: What is the correct OpenSSL command and certificate chain Apple expects for signing the CSR? Do I need to include any additional intermediates besides WWDR? Is there an official Apple reference example for generating the vendor-signed CSR that the Push Certificates Portal will accept? Any guidance from the community (or someone who has successfully done this end-to-end) would be greatly appreciated. Thank you, Sergio Sanchez

When running application after installation I get a value in pushTokenUpdates and also the call to pushToStartTokenUpdates returns with the token value. But, if I kill the app and restart it again, there is no value in pushTokenUpdates and the call to pushToStartTokenUpdates does not return. Am I suppose to use the push to start token from the previous application run? is there a different solution?

When sending multiple push to start notifications to start a live activities in a short time frame, after around 10 pushes live activities are no longer being started. Device logs show the following entry: Push-to-start budget exceeded for com.att.tlv.myatt::pushToStart; not starting activity What can be done to be able to open more live activities via push-to-start in a short time frame (increase the push-to-start budget)? Can this be related to the development environment and it will not happen on production? NSSupportsLiveActivitiesFrequentUpdates is already set to YES

I am unable to connect to APNs sandbox push endpoint from our backend servers. It works fine when hitting the request from my local machine but it fails from the infra servers. Here are the complete curl details. Endpoint: https://api.sandbox.push.apple.com:443 CURL request and response: curl -v https://api.sandbox.push.apple.com:443 Trying 17.188.168.149:443... Connected to api.sandbox.push.apple.com (17.188.168.149) port 443 ALPN: curl offers h2,http/1.1 Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH TLSv1.2 (OUT), TLS handshake, Client hello (1): CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to api.sandbox.push.apple.com:443 Closing connection curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to api.sandbox.push.apple.com:443 There are no issues with Production endpoint. Can someone help? Verified all certificates. Everything worked fine until 29th July but started failing since 30th July Here is the PCAP file. Additionally, Here is the outbound public IP : 3.251.214.255 apple_push_sandbox_pcap.txt

Hi, I have a ninth generation iPad updated to iPados 26 beta 3 but now it no longer updates to the latest version of iPados 26, what can I do?

Does the alert only serve the following purposes: required for start events require for any event that needs to alert the user (with sound or having the live activity show in expanded presentation) while its content DO NOT matter. Only the presence of the field and its attributes matter. The only time its content matter are when the receiving device is an Apple Watch. Is that correct?

I created new APNS key, when i clicked on download, this is the error am getting: Download Failed Auth Key can only be downloaded once. This auth key has already been downloaded. I dont have any key before and i have not downloaded the key before, it just a new key, i just created. Please this is affecting the release of our client app, and the client is having negative thought concern our service not knowing it from you guys.