I develop and maintain an app for craft breweries. It is very clearly 18+ due to frequent references of alcohol. Integrating DeclaredAgeRange is pretty straightforward, I should ask for the age signal, and check / require the user to be 18+ to align with my app terms of service. Under the limit, user declined, and unavailable, YOU SHALL NOT PASS. The moment that I introduce the concept of having an 'admin' or 'brewery mode' of that same public app, things break down. Why? Because I would be enabling this brewery or admin mode to run when the app is installed via MDM, and configured via MDM. The downside of this strategy is that Business Essentials for as long as it has listed, has not supported app-based configuration. Neither the legacy configuration, nor the new ManagedApp framework configuration. FB19980558 - Business Essentials: Add Support for Managed App Configuration (via UserDefaults) and newer Managed App Framework (August 2025) FB13398533 - Business Essentials: Add ability to send managed application configuration to an application installed via Apple Small Business Essentials app (November 2023) FB9967549 - Business Essentials: Add ability to send MDM Configuration payload to MDM managed applications (March 2022) There is a real integration issue when trying to use a public app on MDM devices. Making a fully custom app distribution is an option, then don't do Age Assurance in it, but, that doesn't seem to fit with the new regional requirements because even a Custom App is still distributed using App Store technologies and I don't want to argue semantics and play it safe, and a custom app also introduces additional friction for B2B customers that can't just find it on the App Store to buy licenses for the app. In the context of the app being installed via MDM, the user's age range might not be available, after all the device could be 'supervised' and considered company owned--the user might not even be able to sign in. I could be a warehouse iPad shared amongst workers and not really have a singular 'identity'. I'd like Apple to provide a mechanism to enable developers to make apps that do age assurance for standard downloads via DeclaredAgeRange API as it exists today, and, add support for these MDM based installs. I will assume that the App Configuration solution is out of the picture due to the lack of adoption by MDM vendors, including Business Essentials. So the next best thing would be a configuration profile, either a new restriction, or new enablement, that tells the DeclaredAgeRange system missing details. I can't just assume that if I can detect installed via MDM that it is enough and to allow the user to pass when the age signal comes up as notAvailable. I need to go further because of Apple School Manager. With respect to DeclaredAgeRange and MDM I see these scenarios: Installed via Apple School Manager MDM for K-12 - Minor (student) Installed via Apple School Manager MDM for K-12 - Adult (instructor, older student) Installed via Apple School Manager MDM for College - Minor / Adult (student) Installed via Apple School Manager MDM for College - Adult (student | instructor) Then the business side Installed via Apple Business Manager MDM - Adult (employee) Installed via Apple Business Manager MDM - Minor (younger worker, 16+?) In my particular instance, 18+ app with a hard 'you need to be 18' requirement, I'd only want to allow a pass through and more or less 'AgeRangeDeclaration.verifiedByMDM' or something to that nature. I think that Age Assurance should be built into the platform to support ABM and ASM use cases. Assuming that a personal Apple Account can be used by DeclaredAgeRange API when installed via MDM (user-enrolled or supervised), the argument can easily be made to 'just have the user sign in with a personal account'. But for several reasons this won't be feasible at all times. Either due to device restrictions, or a supervised device is shared amongst employees (brewery warehouse / inventory). FB21340165 - DeclaredAgeRange: Add mechanism to determine that no signal is available due to mdm-based install

Hi, I’m currently migrating an Apple Developer account from Individual to Organization (US LLC). Apple says the enrollment is under review and they’re verifying authority to sign legal agreements. From your experience, what does Apple usually ask for at this stage — EIN, Articles, DBA, or do they usually just approve it?

We want to add a Book button to our customer Apple Maps annotation and need a business account for this. We previously purchased the developer account using a Google email. Now, Apple Business Connect requires moving it to an email under our company domain. We've tried several times, submitted all required data (domain verified, with verification evidence), but we've been stuck on this step for about 8 months. Does anyone know how to reach a support agent to discuss and resolve this issue? Our company is in Greece.

Hello, I am trying to authenticate to the Apple Business Manager API to retrieve device information and ingest it into ServiceNow. I am following the documentation here. The first step is to create an API account and download the private key used to create a JWT client assertion. The guide linked above gives a python script to create a client assertion. Below the first python script, the following description is given for the "kid" variable: "The value is your keyId that returns when you upload a public key." This is the first time that a public key, rather than a private key, is referenced. Where is the public key supposed to be uploaded? Later in the guide, a public key is referenced again, in the section describing the client_id Request parameter: "(Required) You receive your clientId when you upload a public key." I have tried to create a client assertion using the keyId that is associated with the API account. When I try to request an access token, however, I also get an "invalid_client" error back. I am wondering if I'm using the wrong values for both key_id and client_id due to not creating and uploading a public key. Any help would be appreciated, thanks!

Hi, Once I try to reset security question, it says: "Your request could not be completed. This action could not be completed due to an error. Please try again later." So I am unable to access account. Please help! Best Regards,

I am working on an internal app for our company that links ABM, Intune, and an AT&T-provided CSV of IMEIs, and I am fairly new to this and using AI (sorry) to help me. I can search for our devices using either the serial # and/or IMEI. If the device has been released, I can still find it using the SN, but not with the IMEI. If a result is returned on a released device's SN, the IMEI is present. I have a list of IMEIs from our AT&T account and want to cross-reference those IMEIs to get the SN. Is there a way to include the Released Devices in the search?

I am looking for guidance on how people have solved this problem/use case. What is the best way to structure a seat based subscription app that an organization can pay for seats for all their users, can be distributed via mdm or via app store and is easy (low friction) to get paid for and started for small companies? I market to a business to buy my app, they want it installed on all 25 devices they have. They use ABM to acquire 25 licenses with and MDM to distribute. The app is currently free to download so ABM charges $0 but has a paywall to use. The paywall is a RevenueCat one and no user account is needed. All entitlements and free trial work great. When it is deployed to the 25 devices, they can either sign up with their own AppleId and own/company credit card, or use a company appleid and company card for all 25 devices to solve the issue but neither are great. Doubtful they would want to pay their money for a company required app on a company phone (don’t blame them). If they share an appleid, my MRR drops to 1/25th since they will just share the purchase. Any suggestions would be greatly appreciated.

I want to know about the time it takes to transition from an individual to an organization with Apple's Developer Program. I received an email notifying me that the transition process would begin on February 2nd, 2026, and today, February 19th, 2026, everything still shows as being in progress without any changes. So I want to know the maximum timeframe or how to know if they are actually completing this process. I have sent two support emails, but received no response.

We are moving to Apple Business Store for our b2b customers. On the "residential" apple store side there is testflight. What process would one test an app we provide to a b2b customer when using apple business store publishing? (I don't see any sort of test flight for apple business)

I have a question regarding MDM functionality for iOS/iPadOS. Background: According to Apple's support page(https://support.apple.com/en-us/125073), since iOS 26.1, "Previous Wi-Fi configurations will be replaced when a new profile is installed." We have observed that because of this change, when we apply a Wi-Fi configuration profile to an iPad via MDM, the manually configured network settings on the device (specifically, "Configure IPv4" and "Configure DNS") are reset to "Automatic". This erases the manually entered IP address, subnet mask, router, and DNS server addresses. Goal: We want to apply a Wi-Fi configuration profile from our MDM server to connect the device to a specific SSID, while preserving the manual IP and DNS settings that have been configured on the device. Question: Is there a way to prevent the IPv4 and DNS settings from being switched from "Manual" to "Automatic" when applying the configuration profile? For example, is there a specific key-value pair we can add to the profile to either preserve the existing manual settings, or to explicitly define manual/static IP settings within the profile itself for iOS/iPadOS? Reference: Sample Configuration Profile Below is a simplified version of the Wi-Fi configuration profile we are currently using. This profile does not contain any keys for IP address configuration. <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>PayloadContent</key> <array> <dict> <key>PayloadType</key> <string>com.apple.wifi.managed</string> <key>PayloadIdentifier</key> <string>com.apple.wifi.managed.13E2E6B3-D4B9-4E23-888A-524B3ED40C38</string> <key>PayloadUUID</key> <string>13E2E6B3-D4B9-4E23-888A-524B3ED40C38</string> <key>PayloadVersion</key> <integer>1</integer> <key>SSID_STR</key> <string>SSID</string> <key>EncryptionType</key> <string>WPA</string> <key>Password</key> <string>Password</string> </dict> </array> <key>PayloadType</key> <string>Configuration</string> </dict> </plist>

Hi Apple Community, We are using Automted Device Enrollment to Enroll macOS Devices and we used to Create AutoAdmin, PrimaryAccount using the Command Account Configuration . As a Part of Primary Account Creation while testing we see that BootStrap Token is Escrowed to MDM, and SecureToken is Created to Primary Account. The Primary Account user will enable FileVault as part of our process. As Tested internally, we seen that SecureToken is escrowed to AutoAdmin only when BootStrapToken is escrowed to MDM By device and AutoAdmin logs in then. That too After FileVault Unlock Since we Sendout the Laptop to users to setup themselves there are no chances of AutoAdmin Login to occur. And it defeats the purpose of having the AutoAdmin Account in emergency situation to login into it from Login Window. Can someone confirm if this behavior is expected and what are the expectation and recommendations from Apple on when to use AutoAdmin Account. Is there any other ways to use AutoAdmin directly from LoginWindow Before To FileVault Disk Unlock

Hi everyone, I'm running an Apple MDM service and encountering an issue where a number of devices stop receiving MDM push commands within 10 days of profile installation, even though everything appears to be set up correctly. Environment: MDM profile is installed and verified (status: OK, result: SUCCESS) Devices are cellular-enabled with no connectivity issues APNs certificate is valid (thousands of other devices are communicating normally) The command being sent to devices is DeviceInformationCommand No "NotNow" response or any check-in received from the affected devices for over a week Issue: We send DeviceInformationCommand to devices to retrieve device information and update the last communication timestamp. However, a subset of devices simply stop responding to this command within 10 days of profile installation. The last communication date is not being updated, and no response — not even a "NotNow" — is coming back from these devices. Since other devices on the same MDM setup are working fine, I've ruled out APNs certificate expiration and general server-side issues. Questions: Are there any known management points or configuration settings that could cause a device to silently stop receiving DeviceInformationCommand shortly after enrollment? What diagnostic steps would you recommend to identify the root cause on the device or server side? Are there any known bugs or reported issues related to this behavior in recent iOS versions? Is there any way to recover the MDM communication without requiring the user to re-enroll? Any insights or suggestions would be greatly appreciated. Thank you!

My support case has stalled despite being escalated to a Senior Advisor over a week ago with no follow-up or resolution. My application is being rejected from the App Store due to what appears to be a synchronization issue between apple.developer.com and App Store Connect. Full Timeline March 24, 2026 — My account migration from Individual to Organization was completed and approved by Apple. March 27, 2026 — My app (Version 1.0, Submission ID: 72b19231-8010-4844-b873-f2853d02092e) was rejected under Guideline 3.1.5 on an iPad Air 11-inch (M3). The rejection stated my app was submitted under an Individual account, which is not permitted for fintech applications. March 28, 2026 — I submitted a support request explaining the situation. April 6th, 2026 — I received a response from Developer Support, who acknowledged the issue and escalated it to a Senior Advisor. April 7, 2026 — I followed up via email as no Senior Advisor had contacted me. Today, April 13, 2026 — Still no contact from the Senior Advisor. App Store Connect still shows my account as Individual. Core Issue: When I go to apple.developer.com my account membership type is organization, with all relevant company details. However, my membership type in AppStore Connect still reflects an individual account. Such is demonstrated by an App Store review response: "Your wallet app facilitates the transmission and/or storage of a virtual currency but was submitted by an Apple Developer Program account registered to an individual, which is not appropriate for the App Store. Your app must be submitted through an Apple Developer Program account enrolled as an organization." What I Need A manual update of my Appstore Connect membership type such that it correctly reflects my Organization account status; allowing me to resubmit my app. Relevant details: Case Number: 102854501693 (screenshots of issue provided in case details) If any Apple staff can help escalate this internally or advise on next steps, I would be incredibly grateful.

I made a payment for the development program, got the receipt and everything. But I’m still not enrolled.

Our organization is attempting to retrieve the External Version Identifier (EVID) history for all published versions. This data is required so that we can pass the exact externalVersionIdentifier integer to our deployment framework to pin specific app versions on our managed devices. We currently have an active App Store Connect account, but our attempts to fetch this data via standard publishing APIs return a 401 Unauthorized error. To help us resolve this technical blocker, please provide explicit engineering guidance on the following four points: API Endpoint Architecture: Is the enterprise Apps and Books for Organizations API (apple.com) the only platform that exposes the externalVersionId history for all versions? If so, what is the exact endpoint path we must call to return the full version-based EVID array? Account Requirements: Can these version-specific EVIDs be retrieved using our existing App Store Connect developer credentials, or is an Apple Business Manager (ABM) account strictly mandatory to bypass the 401 gate? ABM Portal Setup for EVIDs Only: If an ABM account is mandatory, what are the minimum technical steps required inside the ABM dashboard to fetch only the EVID data? Specifically, do we need to "purchase" a volume license for the target app to make its version history accessible via the API? Authentication Parameters: What is the correct token structure for this endpoint? Do we need to pass a specific location server token (sToken / itvt cookie) generated inside ABM alongside our signed developer JWT header? Thank you for your time and technical guidance. We look forward to your engineering team's response.

Hi, We're implementing a DDM-capable MDM server. A DEP-enrolled, supervised iPad (iOS 26.4.2) successfully completes manifest synchronization but never proceeds to fetch the individual declaration bodies. Looking for guidance on what we might be missing. Observed flow (from our server logs): We enqueue a DeclarativeManagement MDM command and APNs-wake the device. The command body is: RequestTypeDeclarativeManagement (no Data field) Device acknowledges the command on the Connect endpoint (Status=Acknowledged). Device calls CheckIn with: MessageType = DeclarativeManagement Endpoint = tokens We respond 200 with: { "SyncTokens": { "DeclarationsToken": "", "Timestamp": "2026-05-19T..." } } Device calls CheckIn with: MessageType = DeclarativeManagement Endpoint = declaration-items We respond 200 with: { "Declarations": { "Activations": [{"Identifier":"...","ServerToken":"v1-..."}], "Configurations": [{"Identifier":"...","ServerToken":"v1-..."}], "Assets": [], "Management": [] }, "DeclarationsToken": "" } ---- Nothing further. ---- No request for Endpoint = declaration/activation/ No request for Endpoint = declaration/configuration/ No status report on Endpoint = status The MDM channel is healthy. The same device responds normally to non-DDM commands (DeviceInformation, etc.) immediately before and after this flow. Questions: Is an empty "Management" array acceptable in the declaration-items response, or is at least one declaration (e.g. com.apple.management. organization-info) required before the device will proceed to fetch declaration bodies? The DeclarationsToken returned in step 3 (tokens) and step 4 (declaration-items) are byte-identical. Is that correct, or should they differ in some way? Are there any additional preconditions for the device to begin fetching declaration bodies after receiving the manifest -- e.g. a specific Activation->Configuration linkage we might be missing? Is there a server-side log signal Apple can suggest we look for, or a way to see why the device decided not to fetch? Activation payload sample we publish: { "Type": "com.apple.activation.simple", "Identifier": "...", "ServerToken": "v1-...", "Payload": { "StandardConfigurations": ["<configuration-identifier-from-step-4>"] } } Configuration payload sample we publish: { "Type": "com.apple.configuration.softwareupdate.settings", "Identifier": "...", "ServerToken": "v1-...", "Payload": { ... softwareupdate settings ... } } Any pointers appreciated. Happy to share full server-side logs / payloads if useful. Thanks.

Hello everyone, I’m posting here because I’m waiting for an update regarding my Apple Developer Program enrollment. My enrollment currently shows: “Your enrollment is being processed.” My Enrollment ID is: 35QVL65M9K I submitted my enrollment several days ago and I haven’t received any email updates or requests for additional information yet. I wanted to ask if anyone from Apple Support or a community admin could please check my case status, or let me know if anything else is needed from my side to continue the review. If additional documents or verification are required, I’m happy to provide them. Thank you very much for your help.

Hello, My Paid Apps Agreement has been stuck in "In Process" status since May 16, 2026 — now 9 days with no resolution. I have received no emails from Apple regarding this The agreement has not been rejected The system does not allow me to make any edits I have contacted Apple Developer Support twice with no real response