Team-scoped keys introduce the ability to restrict your token authentication keys to either development or production environments. Topic-specific keys in addition to environment isolation allow you to associate each key with a specific Bundle ID streamlining key management. For detailed instructions on accessing these features, read our updated documentation on establishing a token-based connection to APNs.

Hi, We received the following message. Hello, We’re reaching out with a final reminder that the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs updated the server certificates in sandbox on January 21, 2025. APNs production server certificates will be updated on February 24, 2025. To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root: USERTrust RSA Certification Authority certificate. Note, that we are using Firebase to deliver push notifications and the connection is done via APN keys, not certificates. Is there anything that we need to update in the application to mitigate the risk of not delivered push notes ?

Hello, I have the new root certificate is installed on the server (regarding "Action Required: Apple Push Notification Service Server Certificate Update"). I have switched to using sandbox environment to test if it would be working but I get error: "reason":"BadCertificateEnvironment" does it mean that the root certificate is not installed correctly or that is a different issue? What could be the reason for that? I have found that this response corresponds to "The client certificate is forthe wrong environment.", but there weren't an option to set environment on "https://identity.apple.com/pushcert/".

Hi there, This is my first time posting here. I'm working on small projects on Swift and SwiftUI now and then. I'm currently trying to develop an application that gets some bus arrival data using API and displaying them with live activities. The thing is that I'm not quite sure how frequently updates work yet. Still trying to figure out if I can update the live activity everytime the data coming right from the API changes or use push notification updates each minute passing by, but that is another thread that I'm going to focus with more details. Everytime i'm trying to deploy my app on my iphone or a simulator this error keeps popping up and I can't figure out why. Any ideas? Let me know if you need any snippet of my code. SendProcessControlEvent:toPid: encountered an error: Error Domain=com.apple.dt.deviceprocesscontrolservice Code=8 "Failed to show Widget 'com.gregorikouk.MapKitTut.BusWidgetKit' error: Error Domain=FBSOpenApplicationServiceErrorDomain Code=1 "The request to open "com.apple.springboard" failed." UserInfo={NSLocalizedFailureReason=The request was denied by service delegate (SBMainWorkspace)., BSErrorCodeDescription=RequestDenied, NSUnderlyingError=0xb1282dfe0 {Error Domain=SBAvocadoDebuggingControllerErrorDomain Code=1 "Failed to get descriptors for extensionBundleID (com.gregorikouk.MapKitTut.BusWidgetKit)" UserInfo={NSLocalizedDescription=Failed to get descriptors for extensionBundleID (com.gregorikouk.MapKitTut.BusWidgetKit)}}, FBSOpenApplicationRequestID=0xe5da, NSLocalizedDescription=The request to open "com.apple.springboard" failed.}." UserInfo={NSLocalizedDescription=Failed to show Widget 'com.gregorikouk.MapKitTut.BusWidgetKit' error: Error Domain=FBSOpenApplicationServiceErrorDomain Code=1 "The request to open "com.apple.springboard" failed." UserInfo={NSLocalizedFailureReason=The request was denied by service delegate (SBMainWorkspace)., BSErrorCodeDescription=RequestDenied, NSUnderlyingError=0xb1282dfe0 {Error Domain=SBAvocadoDebuggingControllerErrorDomain Code=1 "Failed to get descriptors for extensionBundleID (com.gregorikouk.MapKitTut.BusWidgetKit)" UserInfo={NSLocalizedDescription=Failed to get descriptors for extensionBundleID (com.gregorikouk.MapKitTut.BusWidgetKit)}}, FBSOpenApplicationRequestID=0xe5da, NSLocalizedDescription=The request to open "com.apple.springboard" failed.}., NSUnderlyingError=0xb1281d830 {Error Domain=FBSOpenApplicationServiceErrorDomain Code=1 "The request to open "com.apple.springboard" failed." UserInfo={NSLocalizedFailureReason=The request was denied by service delegate (SBMainWorkspace)., BSErrorCodeDescription=RequestDenied, NSUnderlyingError=0xb1282dfe0 {Error Domain=SBAvocadoDebuggingControllerErrorDomain Code=1 "Failed to get descriptors for extensionBundleID (com.gregorikouk.MapKitTut.BusWidgetKit)" UserInfo={NSLocalizedDescription=Failed to get descriptors for extensionBundleID (com.gregorikouk.MapKitTut.BusWidgetKit)}}, FBSOpenApplicationRequestID=0xe5da, NSLocalizedDescription=The request to open "com.apple.springboard" failed.}}} Domain: DTXMessage Code: 1 User Info: { DVTErrorCreationDateKey = "2023-10-02 21:06:04 +0000"; } -- System Information macOS Version 14.0 (Build 23A344) Xcode 15.0 (22265) (Build 15A240d) Timestamp: 2023-10-03T00:06:04+03:00

Hi, With the upcoming changes to the Apple Push Notification service (APNs) server certificates — including the SHA-2 Root: USERTrust RSA Certification Authority certificate update — I wanted to clarify if we need to take any action with Salesforce.

"As we announced in October, the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs will update the server certificates in sandbox on January 20, 2025, and in production on x date, 2025. To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root : USERTrust RSA Certification Authority certificate. To ensure a smooth transition and avoid push notification delivery failures, please make sure that both old and new server certificates are included in the Trust Store before the cut-off date for each of your application servers that connect to sandbox and production. At this time, you don’t need to update the APNs SSL provider certificates issued to you by Apple." As we are using firebase for receiving notifications and azure notification hub, I read that there is nothing we as developers need to do and will be handled by the providers right?

Hi Apple Team, we reiceved the following message. Hello, We’re reaching out with a final reminder that the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs updated the server certificates in sandbox on January 21, 2025. APNs production server certificates will be updated on February 24, 2025. To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root: USERTrust RSA Certification Authority certificate. Our web service sends token-based push notifications directly to the Apple Push server. For testing: https://api.development.push.apple.com:443 In production: https://api.push.apple.com:443 We have never installed any certificates for using APNs. Do we need to take any action regarding this message, or can we ignore it?

Hello. Recently, the users of our APP have reported using our products, and they can normally receive push in Hong Kong. However, when traveling to Japan or some countries and regions in Europe, push will not be received. we checked that -the cert is valid -the server get 'sent successfully' response -used pushtry to test the cert and token and it can receive push in app

Hello, I have a couple of questions regarding the change of the Certification Authority (CA) for Apple Push Notification service (APNs) and I will be grateful for any answers. Does it require only making sure the server machine has the SHA-2 Root: USERTrust RSA Certification Authority certificate included in Trust Store (/etc/ssl/certs/USERTrust_RSA_Certification_Authority.pem with SHA256: 8a3dbcb92ab1c6277647fe2ab8536b5c982abbfdb1f1df5728e01b906aba953a) ? Should the Certificate Signing Request be updated (that one that is uploaded to https://identity.apple.com/pushcert/) ? Does it have any connection with the certificates that are created on https://identity.apple.com/pushcert/ ? Is the push type "mdm" affected too? Which certificate should be added and where specifically? Is it for Certificate Signing Request to https://identity.apple.com/pushcert/ or the certificate that is generated on https://developer.apple.com/account/resources/certificates/list or like mentioned in the first question? Can a certificate for sandbox environment be created on https://identity.apple.com/pushcert/ ? Thank you for any help.

Our team also received this email regarding the APNS. I don't know if I need to do something or not, since I haven't found any information in SAP Forums either. Our app uses the SAP Mobile Services push notifications. If any of you know any information about this, please let me know.

I've built an iOS & Watch OS app using Sign in with Apple & CloudKit exclusively. I'm now wanting to implement Push Notifications. I understand that I need a server to trigger the push notifications (I guess I could spool up a Node server somewhere or use Firebase), but I'd really like to not use any non-Apple backend services. Am I correct in understanding that I can do this with Push Notifications Console, or do I still need a separate backend?

we have three problem when using the push notification on Live Activity. 1. What is the specific callback strategy for the activityUpdates property in ActivityKit? We found that in actual user scenarios, there is a probability that we may not receive callbacks. From the community experience, there are some resource optimization strategies that do not perform callbacks. From this perspective, the explanation is kind of vague. Is there any clear feedback to understand why callbacks are performed/not performed? 2.what is the specific description of the wake-up strategy, when background app receive Live Activity offline start Push? From community experience, we can see that the system may wake up for a duration of 0-30s due to resource optimization strategies, or not wake up/not deal with it. Is there an official description of the wake-up strategy? or we also have to follow this description: Wake up of apps using content-available pushes are heavily throttled. You can expect 1-2 wakeup per hour as a best case scenario in the hands of your users. so this cannot be assumed to be a reliable wake-up on demand mechanism for an app. 3 How can we determine user have selected (allow or always allow) of the Live Activity permission? When we use real-time activity offline push, there are two system prompts in iOS: the first prompt : allow and disallow real-time activity the second prompt : always allow and disallow Is there an interface that can directly determine which permission the user has chosen (allow/always allow)? (By the way, we can get disallow status). At present, we haven't seen any interface in the official documentation/interface that can determine (allow/always allow). The difference here will affect the generation of Update Token. Without Update Token, we can not update our activity instance.

I received the email from Apple: “Action Required: Apple Push Notification Service Server Certificate Update”. I'm not quite clear on what exactly I need to do. In my case, I have my own APN service on a DigitalOcean server and I have both .pem and .p12 certificate there. Can anyone help me?

Hello, I have been implementing NEAppPushProvider class to establish my own protocol to directly communicate with our provider server without the need to rely on APNs for background push notifications. I am at a stage where I am able to establish a tcp communicator and receive messages back and forth but I noticed that when I disconnect from the WIFI I've set up by setting a given SSID, I am not getting hit on the Stop method. Below is briefly how I load and save preferences. NEAppPushManager appPushManager = new NEAppPushManager(); appPushManager.LoadFromPreferences((error) => { if (error != null) { Console.WriteLine($"Error loading NEAppPushManager preferences: {error.LocalizedDescription}"); return; } if (!enable) { Console.WriteLine("Disabling Local Push Provider..."); appPushManager.Enabled = false; // ✅ Immediately update UserDefaults before saving preferences userDefaults.SetBool(false, Constants.IsLocalPushEnabled); userDefaults.Synchronize(); appPushManager.SaveToPreferences((saveError) => { if (saveError != null) { Console.WriteLine($"Error disabling Local Push: {saveError.LocalizedDescription}"); } else { Console.WriteLine("Local Push successfully disabled."); } }); return; } // ✅ Now we can safely enable Local Push Console.WriteLine($"Enabling Local Push for SSID: {_currentSSID}"); appPushManager.MatchSsids = new string[] { _currentSSID }; appPushManager.LocalizedDescription = "LocalPushProvider"; appPushManager.ProviderBundleIdentifier = Constants.LocalPushExtensionBundleId; appPushManager.Enabled = true; appPushManager.SaveToPreferences((saveError) => { if (saveError != null) { Console.WriteLine($"Error saving Local Push settings: {saveError.LocalizedDescription}"); } else { Console.WriteLine("✅ Local Push successfully registered."); userDefaults.SetBool(true, Constants.IsLocalPushEnabled); userDefaults.Synchronize(); } }); }); I've read through documentation and was expecting the Stop method to be hit when I turn off Wifi. Am I missing anything? Please let me know if I should provide more info. Currently I just have a console writeline method inside the Stop method to see if it actually gets hit.

Hi, Regarding the announcement about the Apple Push Notification Service (APNs) Server Certificate Update, I wanted to clarify whether it will impact my app’s push notification setup. I use Firebase Cloud Messaging (FCM) to send push notifications to iOS devices, and in my Firebase project settings, I have configured an APNs Authentication Key under the Apple app configuration tab (Firebase Console > Project Settings > Cloud Messaging > iOS app configuration). The authentication key I am using was generated from Apple Developer > Certificates, Identifiers & Profiles > Keys. Since I am using this authentication method instead of APNs certificates, are there any changes I need to be aware of due to the APNs server certificate update, and do I need to update anything in my current configuration to ensure push notifications continue to work? Thanks in advance!

Hello, I received this message below. I reached out to support but they said they can not help with something this specific. Any organization in the same boat? Which of the certificates in the provided link should I use? Hello, We’re reaching out with a final reminder that the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs updated the server certificates in sandbox on January 21, 2025. APNs production server certificates will be updated on February 24, 2025. To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root: USERTrust RSA Certification Authority certificate. To ensure a smooth transition and avoid push notification delivery failures, please make sure that both old and new server certificates are included in the Trust Store before the cut-off date for each of your application servers that connect to sandbox and production. At this time, you don’t need to update the APNs SSL provider certificates issued to you by Apple.

Hello everybody, We are trying to configure Device APN settings by sending IOS device configuration profiles through OTA. Please refer below url for details which we are following : https://developer.apple.com/library/archive/documentation/NetworkingInternet/Conceptual/iPhoneOTAConfiguration/Introduction/Introduction.html#//apple_ref/doc/uid/TP40009505 We’ve encountered an issue where the APN (Access Point Name) settings are not populating correctly on iOS devices, even though we are sending the configuration via our Device Management Center (DMC) and the configuration message is being pushed correctly over the air (OTA). Path to the APN fields: Settings > Mobile > Mobile Data Network > APN Tested iOS version: 17.3, 17.5, 18.2, 18.3 Configuration message received: Configuration message installed: APN fields are empty: Could you give us any suggestions ? Thank you very much.

Hi everyone, I am developing a VoIP calling feature in my Flutter app, using: Agora RTC Engine for real-time calls. CallKit & PushKit (VoIP notifications) for iOS call handling. Firebase Cloud Messaging (FCM) for notifications. Problem: CallKit UI Stays on Screen When Caller Hangs Up (Background/Terminated) I am using Firebase notifications to notify the receiver that the call should be dismissed, but it doesn’t work in the following cases: App is in the background – CallKit UI remains stuck even after receiving the Firebase notification. App is terminated – The Firebase notification does not trigger any background execution, so CallKit UI stays forever. Current Implementation I send an FCM notification to inform the receiver to dismiss CallKit UI. When received in the foreground, it works fine (callEnded method is triggered). But in background or terminated state, the notification is not received or doesn’t execute the code.

Hello Everyone, I have some questions regarding the Apple notification alert update received in October 2024 for the APNs server certificate update. We are using Azure Notification Hub to receive push notifications. I confirmed with the Azure team, and they have already implemented the required changes. However, push notifications are still not working in the sandbox environment. Could you please provide any insights on this? Thanks.

Hello Everyone, We have some doubts regarding the apple notification alert update received in Oct 2024 for APNS server certificate update. Does this change is already live for sandbox environment? As we have checked on sandbox environment without changing any certificate its working and we are able to get push notification. Does that means our system does not need any change for production as well? If required where we should add https://www.sectigo.com/knowledge-base/detail/Sectigo-Intermediate-Certificates/kA01N000000rfBO. This certificate. For FYI we are using python library called django-push-notifications which internally call to the APNS server for push notifications.