I could not find iCloud invading capabilities, it Shows nothing found, is there a problem in account or what

Hi, I’m trying to find an authoritative and up-to-date answer regarding the maximum file size supported by CKAsset uploads in CloudKit. I know Apple documentation has historically referenced a 50 MB limit in some places, but from what I can tell, that limit appears to specifically apply to CloudKit Web Services rather than native CloudKit framework usage through CKAsset. At the same time, I frequently see reports from developers claiming they are successfully uploading significantly larger assets through CloudKit, sometimes well beyond 50 MB. However, I haven’t been able to find clear documentation confirming whether this behavior is officially supported, recommended, or simply tolerated under certain conditions. My use case involves potentially syncing assets larger than 50 MB, and I need to determine whether: CloudKit officially supports larger CKAsset uploads today There is a documented hard limit for native CloudKit CKAsset uploads Uploading larger assets is considered reliable/safe for production apps I should instead design around chunked uploads and reconstruction logic I’m specifically interested in current practical and documented limits for CKAsset in 2026, especially for private database usage on Apple platforms. If anyone from Apple or developers with production experience can clarify this, I’d appreciate it. I also opened a DTS incident regarding this question and was advised to ask on the forums so the answer can benefit other developers. Thanks. (I also opened a DTS incident regarding this question and was advised to ask on the forums so the answer can benefit other developers.)

Hi, I'm having difficulties fetching many 2 many relationships. I have an Actor entity (which I can query in CloudKit JS) that has 2 relationships: inputComponents and outputComponents, both pointing towards a Component entity. How to query these relationships? Thanks Tom

Hello Devs, I'm encountering a persistent INTERNAL_ERROR (HTTP 500) when making Server-to-Server API calls to CloudKit, specifically when trying to hit the /users/current endpoint, even after meticulously verifying all client-side components. I'm hoping someone might have insight into what could cause this. Context: Goal: Authenticate to CloudKit from a Vercel Serverless Function (Node.js) to perform operations like record queries. Problem Endpoint: POST https://api.apple-cloudkit.com/database/1/iCloud.com.dannybaseball.Danny-Baseball/production/public/users/current Key Generation Method: Using the CloudKit Dashboard's "Tokens & Keys" -> "New Server-to-Server Key" flow, where I generate the private key using openssl ecparam -name prime256v1 -genkey -noout -out mykey.pem, then extract the public key using openssl ec -in mykey.pem -pubout, and paste the public key material (between BEGIN/END markers) into the dashboard. The private key was then converted to PKCS#8 format using openssl pkcs8 -topk8 -nocrypt -in mykey.pem -out mykey_pkcs8.pem. Current Setup Being Tested (in a Vercel Node.js function): CLOUDKIT_CONTAINER: iCloud.com.dannybaseball.Danny-Baseball CLOUDKIT_KEY_ID: 9368dddf141ce9bc0da743b9f69bc3eda132b9bb3e62a4167e428d4f320b656e (This is the Key ID generated from the CloudKit Dashboard for the public key I provided). CLOUDKIT_P8_KEY (Environment Variable): Contains the base64 encoded string of the entire content of my PKCS#8 formatted private key file. Key Processing in Code: const p8Base64 = process.env.CLOUDKIT_P8_KEY; const privateKeyPEM = Buffer.from(p8Base64, 'base64').toString('utf8'); // This privateKeyPEM string starts with "-----BEGIN PRIVATE KEY-----" and ends with "-----END PRIVATE KEY-----" const privateKey = crypto.createPrivateKey({ key: privateKeyPEM, format: 'pem' }); // This line SUCCEEDS without DECODER errors in my Vercel function logs. Use code with caution. JavaScript Request Body for /users/current: "{}" Signing String (message = Date:BodyHash:Path): Date: Correct ISO8601 format (e.g., "2025-05-21T19:38:11.886Z") BodyHash: Correct SHA256 hash of "{}", then Base64 encoded (e.g., "RBNvo1WzZ4oRRq0W9+hknpT7T8If536DEMBg9hyq/4o=") Path: Exactly /database/1/iCloud.com.dannybaseball.Danny-Baseball/production/public/users/current Headers: X-Apple-CloudKit-Request-KeyID: Set to the correct Key ID. X-Apple-CloudKit-Request-ISO8601Date: Set to the date used in the signature. X-Apple-CloudKit-Request-SignatureV1: Set to the generated signature. X-Apple-CloudKit-Environment: "production" Content-Type: "application/json" Observed Behavior & Logs: The Node.js crypto.createPrivateKey call successfully parses the decoded PEM key in my Vercel function. The request is sent to CloudKit. CloudKit responds with HTTP 500 and the following JSON body (UUID varies per request): { "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "serverErrorCode": "INTERNAL_ERROR" } Use code with caution. Json This happens consistently. Previously, with other key pairs or different P8 processing attempts, I was getting AUTHENTICATION_FAILED (401) or local DECODER errors. Now that the key parsing is successful on my end with this current key pair and setup, I'm hitting this INTERNAL_ERROR. Troubleshooting Done: Verified Key ID (9368dddf...) is correct and corresponds to the key generated via CloudKit Dashboard. Verified Container ID (iCloud.com.dannybaseball.Danny-Baseball) is correct. Successfully parsed the private key from the environment variable (after base64 decoding) within the Vercel function. Meticulously checked the signing string components (Date, BodyHash, Path) against Apple's documentation. Path format is /database/1////. Ensured all required headers are present with correct values. Local Node.js tests (bypassing Vercel but using the same key data and signing logic) also result in this INTERNAL_ERROR. Question: What could cause CloudKit to return an INTERNAL_ERROR (500) for a /users/current request when the client-side key parsing is successful and all request components (path, body hash for signature, date, headers) appear to conform exactly to the Server-to-Server Web Services Reference? Are there any known subtle issues with EC keys generated via openssl ecparam (and then converted to PKCS#8) that might lead to this, even if crypto.createPrivateKey parses them in Node.js? Could there be an issue with my specific Key ID or container that would manifest this way, requiring Apple intervention? Any insights or suggestions would be greatly appreciated. I can provide more detailed logs of the request components if needed. Thank you!

Hi I am a new self taught developer who is atm working on the backend of my app. My app successfully collects location of users and stores it to cloudkits public database. I now want to write a python script and run it on a local server on my windows terminal which fetches users who are in a certain proximity to each other so i can trigger a flow on the app. Can someone first of all tell me if this is even possible the way im attempting it. Also atm all i am doing is generating a server to server key which makes me generate a public and private key and i use the private key file eckey.pem plus key id plus container plus team ID to query the required data. but when i run it i get a 401 error (no authorization). I am so stumped as there arent many resources available to help direct me to the right path. Can someone please offer some help/insight/confidence. thanks alot

I'm trying to set up server-to-server authentication with CloudKit Web Services, but keep getting AUTHENTICATION_FAILED errors. I've tried multiple environment settings and debugging approaches without success. What I've Tried I created a Swift script to test the connection. Here's the key part that handles the authentication: // Get current ISO 8601 date let iso8601Formatter = ISO8601DateFormatter() iso8601Formatter.formatOptions = [.withInternetDateTime] let dateString = iso8601Formatter.string(from: Date()) // Create SHA-256 hash of request body let bodyHash = SHA256.hash(data: bodyData).compactMap { String(format: "%02x", $0) }.joined() // Get path from URL let path = request.url?.path ?? "/" // String to sign let method = request.httpMethod ?? "POST" let stringToSign = "\(method):\(path):\(dateString):\(bodyHash)" // Sign the string with EC private key let signature = try createSignature(stringToSign: stringToSign) // Add headers request.setValue(dateString, forHTTPHeaderField: "X-Apple-CloudKit-Request-ISO8601Date") request.setValue(KEY_ID, forHTTPHeaderField: "X-Apple-CloudKit-Request-KeyID") request.setValue(signature, forHTTPHeaderField: "X-Apple-CloudKit-Request-SignatureV1") } I've made a request to this endpoint: What's Happening I get a 401 status with this response: "uuid" : "173179e2-c5a5-4393-ab4f-3cec194edd1c", "serverErrorCode" : "AUTHENTICATION_FAILED", "reason" : "Authentication failed" } What I've Verified The key validates correctly and generates signatures The date/time is synchronized with the server The key ID matches what's in CloudKit Dashboard I've tried all three environments: development, Development (capital D), and production The container ID is formatted correctly Debug Information My debugging reveals: The EC key is properly formatted (SEC1 format) Signature generation works No time synchronization issues between client and server All environment tests return the same 401 error Questions Has anyone encountered similar issues with CloudKit server-to-server authentication? Are there specific container permissions needed for server-to-server keys? Could there be an issue with how the private key is formatted or processed? Are there any known issues with the CloudKit Web Services API that might cause this? Any help would be greatly appreciated!

Hello everyone, I’m currently developing an Electron application, and I’m trying to properly sign and notarize it for macOS. The notarization process itself seems to complete successfully—the file is accepted without issues. However, when I attempt to staple the notarization ticket to the executable, I consistently get Error 65 with TheStableAndValidateActionFailed. The issue is puzzling because the executable does not change at any point during the process. After facing this issue multiple times in my own project, I decided to test it on a more controlled setup. I followed the steps from this https://www.youtube.com/watch?v=hYBLfjT57hU and the instructions from this macos-code-signing-example which have previously worked for others. Yet, even with this setup, I still get the same Error 65. Below, I have attached the verbose logs for reference. I’m trying to understand what could be causing this issue—whether it’s related to certificates, the signing process, or something else entirely. Has anyone encountered a similar problem, and if so, how did you resolve it? Any insights would be greatly appreciated!

I've developed an app that contains an inbox that displays message from a CloudKit container. Works perfectly on simulator. Once I tried to run it on a phone..in Xcode debug environment and TestFlight it is unable to complete any transactions with production database. I'm running out of ideas. So far I have tried: Verify settings between debug and release in Signing & Capabilities Add CloudKit.framework to Framework, Libraries, and Embedded Content Verify record and key names verify .entitlements files Please help!

Hello, everyone! I'm using CloudKit JS with a React SPA to allow users from a mobile app to access their data in a web browser. Currently, the project is still under development so there are no public users beside my team. The way I've integrated CK JS in my app is via their CDN, importing the required url in my index.html file. However, I'm having issues with the Authentication using Apple Sign In. While the Sign In and Sign Out buttons work correctly for me and my teammates, the session is not persisted for everyone. Actually, I'm the only one from me team that does not have to log in every day. I have the following configuration function: export const configureCloudKit = () => { window.CloudKit.configure({ locale: 'en-us', containers: [ { containerIdentifier: CONTAINER_ID, apiTokenAuth: { apiToken: API_TOKEN, persist: true, signInButton: { id: 'apple-sign-in-button', theme: 'black', }, signOutButton: { id: 'apple-sign-out-button', theme: 'black', }, }, environment: 'development', }, ], }); }; As you can see, I'm using the persist:true option so there shouldn't be any issues with having a persistent session. From my research, I found that CloudKit JS sets a cookie called iCloud.com.myContainerName and if I delete that cookie, when I reload the browser, the session is indeed lost. This happens for all my teammates, same cookie and same behavior. Nevertheless, I also found three cookies that are not present for any of my teammates but me (using Google Chrome). Those are called: X-APPLE-WEBAUTH-AC-PARTITION X-APPLE-WEBAUTH-AC-SERVERINFO X-APPLE-WEBAUTH-AC-TOKEN But even if I delete those cookies, the session is not lost for me. Does anyone know whether I'm doing something wrong with the configuration? Or if there are something I'm not taking into account regarding the cookies handling in my project?

Hi, it is possible to accept an invitation to a zone in a shared db using cloudkit js, but can you subscribe to receive change notifications? It doesn't look like you can create a database subscription (and zone or query types don't seem appropriate for shared databases). Does that mean you can't get notified and you have to keep polling the cloudkit container for changes? If so, why such a limitation? Thanks

Cloudkit.js user authentication cannot work any more. This causes one of my web apps which has been working for quite a few years stop to work. Can someone fix it? You can reproduce the error with the official CloudKitJS catalog: https://cdn.apple-cloudkit.com/cloudkit-catalog/#authentication

Hello, everyone! I'm currently working in creating a new web app that will replicate the functionalities of an existing iOS and Mac app. However, since those apps rely on CloudKit to manage all user information, we decided on using CloudKit JS as our backend for our web app. The framework we chose for developing our frontend is React. The question is, since this documentation only mentions the CloudKit JS usage through a CDN (embedded directly in the HTML file) I wanted to ask: is there a "suggested" method for using CloudKit JS in a React project other than importing the CDN in the main html file? in case not, should we use a "traditional" server to access data like they suggest in this thread? All your help will be very much appreciated. Best regards, Eduardo

An iOS app I'm developing also has an external website where users can contribute data to the app's CloudKit public database. Using CloudKit JS, I require users to log in with their Apple ID on the website before submitting data that is sent to the public database. I need to capture the user's name and/or email address from their Apple ID info so the contributed data can be tied to a particular person, I can limit how much data each person contributes, etc. It all works great if I log in with my Apple ID, including that the web app captures my name and saves it to the public database. The problem is that for any other Apple ID I try (a family member's or friend's, or a sandbox one I've created), the web app cannot obtain the user's name or email address, even when they successfully authenticate with their Apple ID. I also can't figure out how to make the web app ask the user for permission for their name or email to be discoverable. On the CloudKit container page where I created the web API token, I checked the box for "Request user discoverability at sign in", but that doesn't make any prompt appear during the login process. Anyone know how to force a prompt to the user to let their info be discoverable? Thanks!

I would like to create a database to store data that can be accessed between app users. A user creates an account through the app. Another user can then find it via the name of the user. Importantly, both devices are completely independent and not connected to the same Apple ID. Does anyone there know a solution? Greetings -Janik

#1 As a new starter, I just created a new sample app in Xcode and added iCloud capability. On the CloudKit dashboard I do see the container but selecting the specific container shows the following message in red "Error loading container details." #2 I was able to create a new RecortType via the cloud kit dashboard UI but when I try to create a record form the dashboard UI somehow it does not let me select the record type of the record (I see it in the list but its grayed out). I am not sure what the reason for #1 and #2 and if the two issues are related. Could not find any help online. I am trying to create an app directly with cloudKit and Javascript (not a companion IOS app). Any help would

I am trying to implement the Apple Sign-In feature on my web app, which is deployed on Heroku. However, I am encountering the following error in my browser console: DevTools failed to load source map: Could not parse content for https://cdn.apple-cloudkit.com/ck/2/resources/cloudkit.js.map: Unexpected token '<', "<!DOCTYPE "... is not valid JSON. I'm sure this is prob some simple thing that I am overlooking. I've searched through my code. Used ChatGPT as a tool to help me troubleshoot (actually what recommended I post here). Searched Stack Overflow. Can anyone help me troubleshoot this issue? Any suggestions would be greatly appreciated. Thanks!

Hello, I'm new to software development sorry if this is worded incorrectly. I understand that Cloudkit telemetry data is available on the cloudkit dashboard. However, my question is if there is a public endpoint or any plans in the future for one to access telemetry data such as notifications, database stats, and usage. ex: https://api.icloud.apple.com/v1/telemetry/

I am looking to sync contacts in iOS devices from our business app. The Business app might be an azure function app or a web app. Can we do it through the cloud kit js?

I am designing my first app as part of my degree program and I’m looking for information on how to store a database for my game like app in a way that all users of the game can access the info in the database. My game consists of draws that users are added to and if a user is part of a draw, they can add it to the app on their own phone to follow the progress of the draw, how many entries they have, how many entries others have, what colour they want their draw entries to be, etc. i am planning to have all of this info in a database but I’m not sure where to have the database so users can access it? Is that something game centre can do? Or if there is a totally different way I should be going about this, I’m open to suggestion. Or is that something cloudkit js does? Just saw that in the tags. Thanks

Anyone know how to load a large number of records into the CloudKit public database? I need to load 1.2million records (about 150Mb) into the public database. no binary data. basically just a bunch of exchange rates that I need to have available to all my users. I've been trying for months. have tried: loading into core data on a device or simulator individually or in batches ranging from 400 records to 2500 (more than that exceeds batch size limits). it will start to sync and then stop. can often get it to restart by restarting device or similator but will eventually corrupt the database in iCloud requiring a reset of the environment. generally can get the load to go for a few days and load maybe 500k records before it breaks. to do that have to put delays up to a minute between batches loaded into core data. have tried doing it using the CloudKit.js framework and loading from a server. this works for a small number of records. but limits are really small doing it through that interface. after a while it locks you out. don't get anywhere near the number of records I need to load. I'm stuck. has anyone found a way? same issue on all versions of iOS - 14, 15, 16b1