Hi everyone, I have a question regarding the intended privacy limits of the DeviceActivityReportExtension. According to the documentation and the WWDC21 session "Meet the Screen Time API", this extension was created specifically to prevent the host application from accessing the user's underlying activity data (websites visited, app usage, screen time, etc). But I have found that my host app is actually able to reconstruct this raw activity data from the activity report. I am able to extract specific visited websites and app usage durations back into the main app. I reported this to Apple Security (Case ID: OE1100504480881 ), assuming it was a sandbox bypass. However, they closed the ticket stating that this is "expected behavior" and requires no fix. My question for Screen Time Engineers: Is the documentation incorrect? If my host app is expected to be able to read this data, is there a formal API we should be using instead of extracting it from the report extension? The current behavior contradicts the privacy limits described in the documentation, so I am confused if I should rely on this data access for my app features or if it will be patched later. Thanks.

Description: I am developing a digital well-being application using the Screen Time API (FamilyControls, ManagedSettings, and DeviceActivity). I am encountering a critical issue where the ApplicationToken provided by the system to my app extensions suddenly changes, causing a mismatch with the tokens originally stored by the main application. The Problem: When a user selects applications via FamilyActivityPicker, we persist the FamilyActivitySelection (and the underlying ApplicationToken objects) in a shared App Group container. However, we are seeing frequent cases where the token passed into: ShieldConfigurationDataSource.configuration(shielding:in:) ShieldActionDelegate.handle(action:for:completionHandler:) ...does not match (using ==) any of the tokens previously selected and stored. IOS version: 26.2.1

Hi there, Starting with iOS 26.2 RC, all my DeviceActivityMonitor.eventDidReachThreshold get activated immediately as I pick up my iPhone for the first time, two nights in a row. Feedback: FB21267341 There's always a chance something odd is happening to my device in particular (although I can't recall making any changes here and the debug logs point to the issue), but just getting this out there ASAP in case others are seeing this (or haven't tried!), and it's critical as this is the RC. DeviceActivityMonitor.eventDidReachThreshold issues also mentioned here: https://developer.apple.com/forums/thread/793747; but I believe they are different and were potentially fixed in iOS 26.1, but it points to this part of the technology having issues and maybe someone from Apple has been tweaking it.

Hi DTS / Apple engineers, We’re attempting to extending our screen time app target to Mac Catalyst. On iOS, FamilyControls works as expected (AuthorizationCenter + FamilyActivityPicker, then ManagedSettings shields + DeviceActivity monitoring/reporting). On Mac Catalyst: The project builds with FamilyControls/DeviceActivity/ManagedSettings capabilities enabled. But attempting to request FamilyControls authorization (or present FamilyActivityPicker) fails at runtime. We see errors similar to: Failed to get service proxy: The connection to service named com.apple.FamilyControlsAgent was invalidated: failed at lookup with error 159 - Sandbox restriction. And our app stays authorizationStatus == .notDetermined, with the request failing. We saw an Apple engineer suggestion to “disable App Sandbox”, but Mac Catalyst apps appear to always be sandboxed, so we can’t disable it. Questions: Is FamilyControls authorization supported on Mac Catalyst today? If so, what entitlement/capability is required specifically for Catalyst/macOS? If FamilyControls auth cannot succeed on Catalyst, does that mean ManagedSettings shields and DeviceActivity monitoring/reporting are effectively unusable on Catalyst (since they depend on that authorization)? Is there an Apple‑recommended approach for a Catalyst “portal” app that mirrors an iOS child device’s restrictions, or is local enforcement on Catalyst intentionally unsupported? Any guidance (and any official docs that clarify current platform support) would be hugely appreciated.

There is an inconsistent issue when views are rendered from the Device Activity Report Extension. This issue is noticeable only on release versions and it works fine in debug mode. Around 80% of the times, the Report Views return blank screen and this is only the case when a weekly/monthly filter is used. Although, it works as expected for daily report views. My questions are: How are all the Report Activity Views working fine in debug mode but not in release mode? How the daily activity filter works fine in the release mode but the weekly/monthly filters don't work? Is this because of a memory limit issue in the extension? As of now, I have the family-controls(distribution) entitlement only for the app and for the extensions I only have family-controls(development) entitlement. Do I need to request for family-controls(Distribution) entitlement even for the extensions? I have seen threads on the forum mentioning the blank screen issue associated with the DeviceActivityReport but haven't found a solution to it. Any suggestions/feedback would be of great help, thanks.

DeviceActivityReportExtension issues Hi, I am currently working on a project and hoping to use DeviceActivityReportExtension. I have already successfully set up the DeviceActivityMonitorExtension and that is working correctly, but can't get this to reproduce. I initially had a complex capacitor project which displayed a native UI screen which (tried to) display the screen time report though it was failing silently. I tried a much simpler setup with a pure swift project (not an iOS dev so forgive my poor code quality) and still having an issue getting this to render on my computer. Here is a reproduction: https://github.com/ethanmichel0/screen-time-report-bug-recreation/tree/main Does this code work for others? and if not do you know how I can set this up? idk if my Xcode or iOS versions are incompatible (see versions in that link). Would be super grateful for some help, thanks so much.

On iOS 26.2 (23C55), DeviceActivityMonitor.eventDidReachThreshold fires intermittently for a daily schedule (00:00–23:59) even when iOS Screen Time shows 0 minutes for the selected apps that day. This causes premature shielding via ManagedSettings. Environment: iPhone 13 Pro Max, iOS 26.2 (23C55). Event selection: 2 apps. Threshold: 30 minutes. Multiple TestFlight users report the same behavior across various app selections and thresholds. Intermittent (~50% of days); sometimes multiple days in a row. Not observed in testing prior to iOS 26.2. Evidence: sysdiagnose + Screen Time screenshots (with 0 screen time on selected apps) + unified logs show UsageTrackingAgent notifying the extension that “unproductive from activity daily reached its threshold,” followed immediately by ManagedSettings shield being applied (extension reacting to the callback). Filed Feedback Assistant: FB21450954. Questions: Are others seeing this on 26.2? Does it correlate with restarting monitoring at interval boundaries or includesPastActivity settings?

Hi, I got family controls (distribution) approved for my main app and assumed this would carry over to my extensions but it did not. Do I need to re-request for other the deviceactivitymonitorextension and deviceactivityreportextension?

I am getting this error when I try to show device activity report view by this DeviceActivityReport(appsContext, filter: filter) Attempt to map database failed: permission was denied. This attempt will not be retried. I have taken access by this way. AuthorizationCenter.shared.requestAuthorization(for: .individual) Detailed errors: LaunchServices: store (null) or url (null) was nil: Error Domain=NSOSStatusErrorDomain Code=-54 "process may not map database" UserInfo={NSDebugDescription=process may not map database, _LSLine=72, _LSFunction=_LSServer_GetServerStoreForConnectionWithCompletionHandler} Attempt to map database failed: permission was denied. This attempt will not be retried.

I am getting this error when I try to show device activity report view by this DeviceActivityReport(appsContext, filter: filter) Attempt to map database failed: permission was denied. This attempt will not be retried. I have taken access by this way. AuthorizationCenter.shared.requestAuthorization(for: .individual)

I am getting this error when I try to show device activity report view by this DeviceActivityReport(appsContext, filter: filter) Attempt to map database failed: permission was denied. This attempt will not be retried. I have taken access by this way. AuthorizationCenter.shared.requestAuthorization(for: .individual)

On pressing the secondary button on my ShieldConfigurationExtension, I remove the shields by setting shields in the named ManagedStore to nil in my ShieldActionExtension. // ShieldActionExtension.swift let store = ManagedSettingsStore() store.shield.applications = nil store.shield.applicationCategories = nil Now after some duration I want to re-apply the shields again for which I do the following: // ShieldActionExtension.swift DispatchQueue.main.asyncAfter(deadline: .now() + unlockDuration) { [weak self] in self?.reapplyShields(for: sessionId, application: application) } private func reapplyShields(for sessionId: String, application: ApplicationToken) { store.shield.applications = Set([application]) } Followed by the completionHandler: // ShieldActionExtension.swift completionHandler(.defer) Now the expectation is ShieldConfigurationExtension should be re-triggered with store.shield.applications = Set([application]), however I see the default iOS screen time shield. This behavior is experience when the blocked app is running in the foreground. However, if I close and re-open the blocked app - the ShieldConfigurationExtension is trigerred again correctly. If I do a completionHandler(.none) instead, the overriden configuration method in ShieldConfigurationExtension is not triggered. How do I make sure ShieldConfigurationExtension is triggered if the blocked app is running in the foreground when the shields are re-applied again?

I'm stuck in an impossible situation with DeviceActivityReportExtension on iOS 18. THE ISSUE: Configuration that works on device (iOS 18.2): Info.plist has only NSExtensionPointIdentifier Swift code uses u/main attribute App installs and runs perfectly Extension works correctly App Store validation FAILS: "Missing NSExtensionPrincipalClass" Adding NSExtensionPrincipalClass (as validation requests): Device installation FAILS with Error 3002 Error says: "NSExtensionPrincipalClass key is not allowed for this extension point" Cannot test on device Validation would likely pass ENVIRONMENT: Xcode 16.2 iOS 18.2 Extension point: com.apple.deviceactivityui.report-extension EVIDENCE IT'S WIDESPREAD: Apple Forums (3 days ago): https://developer.apple.com/forums/thread/812380 Stack Overflow (1+ year): https://stackoverflow.com/questions/77866230/ ROOT CAUSE: iOS 18 changed this extension to use u/main pattern (no NSExtensionPrincipalClass needed). App Store validation hasn't been updated and still expects iOS 17 configuration. WHAT I'VE TRIED: ✅ All deployment targets set to iOS 18.3 ✅ Code follows Apple's WWDC 2022 guidance ✅ All entitlements correct ✅ Info.plist validated ✅ Clean builds ✅ Works perfectly on device No configuration satisfies both device runtime AND App Store validation. Has anyone successfully uploaded an app with DeviceActivityReportExtension to TestFlight on iOS 18? Any workarounds? This is blocking TestFlight deployment completely.

A screen time app I'm making has started telling users that their limit was reached even when they're far below their limit for the day (sometimes even at 0 minutes for the day). This issue only started happening after upgrading my software to iOS 26.2. Is this happening to anyone else? If so how have you found any solutions or does anyone know of any changes that could be causing this? Any help would be appreciated.

Hi everyone, I'm hoping someone can share their experience or offer advice on entitlement request timelines. I previously had two bundle IDs approved for an app I'm testing via TestFlight - both were approved within a few days. I recently submitted a request for a third bundle ID (JMSHRM8W5J), and after realizing I may not have included enough detail, I submitted a follow-up request (XS2QYC59UU) with more context. It's now been almost three weeks, which is significantly longer than my earlier approvals - though I recognize some of that time included the holidays. A few questions for the community: Has anyone experienced longer wait times for additional entitlements on an existing project (with approved entitlements)? Did submitting a second request help or potentially slow things down? Is there anything I should include in a request to improve chances of quick approval? Any insight would be appreciated. Thanks!

We're building a parental control app using FamilyControls (.child authorization). Our architecture: Parent sends pause command → Firestore + FCM Child receives push → NotificationService Extension triggers main app Main app sets ManagedSettings Shields Problem: If child disables Notifications in Settings and force-quits the app, we cannot enforce Shields. What we've tried: Firestore Realtime Listener (works only when app is running) DeviceActivityMonitor (intervalDidStart/End only triggers at schedule boundaries, eventDidReachThreshold requires explicit app selection via FamilyActivityPicker) Question: Is there a recommended approach for parental control apps to reliably enforce Shields when the child has disabled notifications? Or is this a known limitation?

I'm running into a contradictory requirement involving the DeviceActivity Report extension (com.apple.deviceactivityui.report-extension) that makes it impossible to both: upload the app to App Store Connect, and install the app on a physical device. This creates a complete catch-22. 📌 Overview My extension: Path: Runner.app/PlugIns/LoADeviceActivityReport.appex Extension point: com.apple.deviceactivityui.report-extension Implementation (SwiftUI): import SwiftUI import DeviceActivity @main struct LoADeviceActivityReport: DeviceActivityReportExtension { var body: some DeviceActivityReportScene { // ... } } This is the standard SwiftUI @main DeviceActivityReportExtension template. 🟥 Side A — iOS runtime behavior (device installer) If I add either of these keys to the extension's Info.plist: NSExtensionPrincipalClass NSExtensionMainStoryboard then the app cannot be installed on a real iPhone/iPad. The device installer fails with: Error 3002 AppexBundleContainsClassOrStoryboard NSExtensionPrincipalClass and NSExtensionMainStoryboard are not allowed for extension point com.apple.deviceactivityui.report-extension. To make the app install and run, I must remove both keys completely. This leaves the extension Info.plist like: NSExtension NSExtensionPointIdentifier com.apple.deviceactivityui.report-extension With this, the app installs and runs correctly. 🟥 Side B — App Store Connect upload validator However, when I upload the IPA with the runtime-correct Info.plist, App Store Connect rejects it: State: STATE_ERROR.VALIDATION_ERROR (HTTP 409) Missing Info.plist values. No values for NSExtensionMainStoryboard or NSExtensionPrincipalClass found in extension Info.plist for Runner.app/PlugIns/LoADeviceActivityReport.appex. So ASC requires that at least one of those keys be present. 💥 The catch-22 If I add PrincipalClass / MainStoryboard: ✔ App Store Connect validation passes ❌ But the app can NOT be installed on any device (Error 3002) If I remove PrincipalClass / MainStoryboard: ✔ The app installs and runs correctly ❌ ASC rejects the upload with “Missing Info.plist values” There is currently NO Info.plist configuration that satisfies both: Runtime: "NSExtensionPrincipalClass and NSExtensionMainStoryboard are not allowed." App Store Connect: "You must include NSExtensionPrincipalClass or NSExtensionMainStoryboard." 📌 Expected behavior For SwiftUI @main DeviceActivityReportExtension, the documentation and examples suggest the correct configuration is: NSExtensionPointIdentifier com.apple.deviceactivityui.report-extension with no principal class or storyboard at all. If that is correct for runtime, ASC seems to need updated validation rules for this extension type. ❓My Questions What is the officially correct Info.plist configuration for a SwiftUI DeviceActivityReportExtension? Should principal class / storyboard not be required for this extension type? Is this a known issue with App Store Connect validation? Is there currently a workaround that allows: installation on device and successful App Store Connect upload, without violating runtime restrictions?

Hello! I am experiencing some strange bugs around DeviceActivityEvents: When creating a DeviceActivityEvent we can assign a threshold and applicationTokens. The idea is, that after the user has spent said threshold on said apps, eventDidReachThreshold is called. includesPastActivity is set to false. On iOS 26 however, it happens (quite reliably after updating to a new beta seed) quite often that eventDidReachThreshold is called immediately (after a couple of seconds) instead of waiting for the threshold to be met. Is anyone else seeing similar issues on iOS 26? Only workaround I have found is to ask users to re-grant Screen Time permissions. This only holds for about two weeks though or at most until the next iOS 26 beta update is installed. Feedback filed under: FB18061981 FB18927456

Hello, I'm currently experiencing an issue with the DeviceActivityMonitor extension in my code, specifically with the eventDidReachThreshold callback. I'm hoping to get some insights into why this problem occurs and how to resolve it. Problem: Issue 1: The eventDidReachThreshold callback is not triggering as expected. It appears that the callback is not being invoked when the threshold is reached. Issue 2: After a few seconds, the eventDidReachThreshold callback starts to trigger multiple times. This unexpected behavior is causing problems in my code, as it results in incorrect actions being taken. iOS version: iOS16.7.2 and iOS17.1 Xcode version: 15.0.1 Swift version: 5.9 Here is my code to start the monitoring: func startMonitoring() { var startTime : DateComponents = DateComponents(hour: 0, minute: 0) let endTime : DateComponents = DateComponents(hour: 23, minute: 59) /// Creates the schedule for the activity, specifying the start and end times, and setting it to repeat. let schedule = DeviceActivitySchedule(intervalStart: startTime, intervalEnd: endTime, repeats: true, warningTime: nil) /// Defines the event that should trigger the encouragement. let event = DeviceActivityEvent(applications: socialActivitySelection.applicationTokens, categories: socialActivitySelection.categoryTokens, webDomains: socialActivitySelection.webDomainTokens, threshold: DateComponents(minute: 2)) let events: [DeviceActivityEvent.Name: DeviceActivityEvent] = [.socialScreenTimeEvent : event] do { activityCenter.stopMonitoring([.socialScreenTime]) /// Tries to start monitoring the activity using the specified schedule and events. try activityCenter.startMonitoring(.socialScreenTime, during: schedule, events: events) } catch { /// Prints an error message if the activity could not be started. print("Could not start monitoring: \(error)") } } If there are any known workarounds or potential solutions, please share them. Thank you for your help in resolving this problem.

When I tap on one of the buttons in the ShieldAction extension I want to close the shield and open the parent app instead of the shielded app. Is there any way of doing this using the Screen Time API? class ShieldActionExtension: ShieldActionDelegate {      override func handle(action: ShieldAction, for application: ApplicationToken, completionHandler: @escaping (ShieldActionResponse) -> Void) {     // Handle the action as needed.           let store = ManagedSettingsStore()               switch action {     case .primaryButtonPressed:       //TODO - open parent app       completionHandler(.defer)     case .secondaryButtonPressed:       //remove shield       store.shield.applications?.remove(application)       completionHandler(.defer)         @unknown default:       fatalError()     }   }   }