We've put in a feedback assistant request, but not sure if we will get feedback in that channel or not and also want to highlight for others. When replacing a basic passcode profile on a macOS device with a passcode declaration, the user is required to change the password after logging out and back in. Explicitly including the "ChangeAtNextAuth" key set equal to false, set required a password change after logging out and back in. Once the declaration is active and the password has been changed, future updates to the passcode declaration do not require a password change unless the existing password is not compliant. Steps to reproduce: Install a basic passcode profile on a macOS device Ensure the existing password matches the requirements specified in the profile Install a passcode declaration with the same settings as the passcode profile currently installed Remove the traditional passcode profile from the device After the passcode declaration is installed, check the local pwpolicy with the command pwpolicy getaccountpolicies and look for the key policyAttributePasswordRequiredTime Log out of the macOS device Log back into the macOS device and you are presented with a change password prompt Expected result: Simply replacing an existing passcode profile with the exact same settings in a passcode declaration should not require a password change if the existing password is compliant. Actual results: After replacing the passcode profile with a passcode declaration, a password change was required even though the existing password was compliant. Initial testing was done with a macOS VM running 15.5. Additional testing has now been done with a macOS VM running 26.4.1 and the same behavior was observed.

Is system_profiler the recommended approach for retrieving installed application data on macOS? If not, what is the preferred and reliable alternative to fetch a consistent and complete list of installed applications?

Requesting com.apple.managed-keychain Entitlement for Enterprise S/MIME Cert Visibility Platform: iOS | Distribution: MDM (Microsoft Intune) | Not App Store We are developing an internal enterprise iOS app (EMS Assist, com.company.supportcompanion) for Company deployed exclusively to Intune-managed devices. Our requirement: Read S/MIME certificates pushed to the device via Intune SCEP profiles to: Confirm cert presence in the MDM-managed keychain Read expiry date (kSecAttrNotValidAfter) to warn users before expiry Distinguish between missing, expired, and valid cert states What we have tried: Standard SecItemCopyMatching query — returns only app-installed certs, not MDM-pushed certs Graph API (deviceConfigurationStates) — confirms profile compliance but does not expose actual cert expiry or keychain presence Our understanding: com.apple.managed-keychain is required for an app to access MDM-managed keychain items on supervised devices, combined with a matching keychain-access-groups entitlement and the cert profile configured as "always available" in MDM. Questions: Is com.apple.managed-keychain the correct entitlement for this use case? Does it apply to SCEP/PKCS-issued certificates specifically, or only other MDM keychain items? Has anyone successfully accessed Intune-pushed S/MIME certs from an iOS app using this entitlement? Any guidance from the community or Apple engineers would be appreciated.

Hi, I’m looking for clarification on TN3134: Network Extension provider deployment, specifically iOS deployment requirements for: packet tunnel provider DNS proxy provider From the documentation: Packet Tunnel Provider App extension (min iOS 9.0): per-app mode requires a managed device DNS Proxy Provider App extension (min iOS 11.0): supervised devices only App extension (min iOS 11.0): per-app mode requires managed devices Issue I implemented a DNS proxy using NEDNSProxyManager. Works as expected in debug builds on a local device Fails to configure when distributed via TestFlight Console Output (TestFlight build) error 10:05:39.872258-0500 nehelper The production version of *** is not allowed to create DNS proxy configurations. Use MDM to create DNS Proxy configurations for the production version of ***. Question Is it possible to distribute a DNS proxy provider for use on non-MDM / non-supervised devices? If not: Is the limitation strictly enforced at distribution/runtime? Is a packet tunnel provider the only viable alternative for App Store distribution? There is a lot of different VPN apps on the App Store that appear to work out of the box without MDM or supervision, which suggests they are using a different deployment model. Thank you for any clarification or guidance!

Issue - Falcon application is intermittently not detected using system_profiler command Use case - We are trying to fetch the list of installed applications on macOS using the system_profiler command. While this works for most applications, we are observing inconsistent behavior with the Falcon application — it is sometimes detected as installed and sometimes missing from the results, even though it is present on the system. This inconsistency is causing issues in reliably tracking installed security software. Command used - /usr/sbin/system_profiler SPApplicationsDataType

Hello everyone, My app has been stuck in "Waiting for Review" for a long time, and I would like to know whether this is normal or whether I should take any additional action. App name: ختمة يومية Submission date: March 7, 2026 at 3:34 AM Current status: Waiting for Review I have already completed the required app information, including the TestFlight/App Review details, and there are no visible missing items in App Store Connect. I would like to ask: Is this review delay normal at the moment? Has anyone experienced a similar delay recently? Is there anything else I should check in App Store Connect? Would contacting App Review again help in this case? I would appreciate any advice or shared experience. Thank you.

We are facing a critical issue with our Apple Developer account that is currently blocking app releases. Context: Organization account (Apple Developer Program) Account Holder: Ben Kunkel Apple Business Manager integrated with Okta (SCIM) Issue: The original Account Holder was deleted from Apple Business Manager and re-created via SCIM The recreated account now shows as “Staff” (Source: Custom Sync) and cannot be modified In Apple Developer, Ben is still listed as Account Holder but does not see any options to accept agreements or manage the account A transfer request was initiated to me before he left the company, but I am unable to complete identity verification (“Invalid Submission” error) Result: No active Account Holder can take action Unable to accept the updated Apple Developer Program License Agreement App submissions and updates are blocked (production impact) This appears to be a cross-system identity mismatch between Apple Business Manager and Apple Developer due to SCIM provisioning. Has anyone faced a similar issue? Any guidance on resolving this or getting it escalated internally would be greatly appreciated. We already have open cases with Apple Support, but progress has been slow. Thanks in advance.

I enrolled in the Apple Developer Program about 7 days ago, but my account is still showing as “Pending,” and I haven’t received any updates yet. I’ve already contacted Apple Developer Support via email, but I haven’t heard back so far. I wanted to check if this waiting period is typical, or if I should take any additional steps to complete the enrollment process. Has anyone experienced a similar delay recently? Any guidance on the usual approval timeline would be appreciated.

Hello, I'm working in the team with 70 i(Pad)OS test devices running 24/7, and 40 of them are iOS 18 or 26. The problem is: for enterprise apps to be tested (signed with ADEP inhouse profile) the devices over iOS 18 require Enterprise App developers to be allowed at least once with physical control on-device after reboot, which is quite burdensome because we put all the devices in the restricted area, supposed to be used from the remote. Devices are logged into Apple ID for the prevention of Activation Lock but no preparation nor management via MDM over Apple Configurator 2. Is there any binary, tool, app that can check (letting us allow devices for those developers would be even better) if the Enterprise App developer(s) are allowed for the device via terminal or VNC?

Hello everyone, I’m posting here to see if someone from the Apple team or the community could help or provide guidance regarding my Apple Developer Program enrollment. My name is Bruno, and I represent 2B Digital LLC. I submitted my enrollment on February 15, under Application ID: 946JTL58KD, with the intention of developing and distributing iOS applications. Since then, my application has remained under review, and unfortunately I have not received any response so far. I also opened a support ticket but have not received any reply there either. At this point, I would really appreciate any update regarding the status of my enrollment or guidance on what steps I should take next. Thank you in advance for any help.

Hey everyone, I applied for the App Store Small Business Program on February 18th and I still haven't heard anything back, that's almost 20 days now. Is this normal? How long did it take for those of you who got approved? I'm starting to wonder if my application even went through correctly. Would really appreciate hearing your experiences — especially if you applied recently. Did anyone else wait this long? Thanks

I’m looking for advice from anyone who has gone through the process of converting an Apple Developer account to an Organization / Company account. I’ve been trying to convert my account for organization and the process has been taking much longer than expected. Apple initially requested documentation to verify both the business and my authority to act on behalf of the company. So far, I have already provided or prepared everything they ask for. At this point, I’ve been waiting for 9 days without much clarity on whether my documents are sufficient

We are experiencing an issue with ADCertificate auto-renewal on macOS devices enrolled via MDM. Platform: macOS CA: Microsoft AD CS Payload Type: com.apple.ADCertificate.managed Initial certificate enrollment works correctly EnableAutoRenewal is set to true Certificate does not renew automatically as it approaches expiry We would like to confirm: Are there any known issues with macOS ADCertificate managed payload auto-renewal, particularly with Microsoft AD CS environments? Below is the exact payload configuration in use: Thank you.

Hi everyone, I’m seeking some advice on a recurring rejection for our app, tassie., regarding Guideline 3.1.1 (In-App Purchase). The Situation: Our app offers walking tours. While we sell public tours via In-App Purchases (which works perfectly), we also create bespoke, private tours for corporate clients (e.g., a specific company teambuilding event or a private anniversary tour). These tours contain company-specific info and are not available for sale to the general public. The Issue: We use "Partner Codes" (Access Codes) to allow employees of these companies to unlock their private tours. Apple keeps rejecting us under 3.1.1, claiming we are bypassing the IAP system. Our Argument: We believe this falls under Guideline 3.1.3(c) (Enterprise Users). The content is bespoke and created for a specific organization. The end-user (the employee) does not pay for this content; it is a B2B transaction between us and the corporation. The content is not relevant to the general public and therefore not suitable for the public IAP storefront. The Question: Has anyone successfully navigated this? We’ve tried explaining the B2B nature in the App Review notes, but the reviewers seem to hit a wall as soon as they see an "input field" for a code. Should we move the "Partner Code" field deeper into the Profile/Settings to distance it from the Shop? Is there a specific way to document the "Bespoke" nature of the content to satisfy the reviewers? Would an Appeal be the best route, or should we request a phone call (which we are currently scheduled for)? Any insights or experiences with Guideline 3.1.3(c) would be greatly appreciated! Thanks in advance, Danique | tassie.

Hello everyone, I enrolled in the Apple Developer Program on February 19th through the Apple Developer App. I completed my payment using mobile carrier billing and successfully uploaded my ID documents for identity verification. However, my account status is still showing as "Pending". I opened a support ticket regarding this issue on February 21st, but I haven't received any response yet. Since it has been 5 days and I am eager to proceed with my work, I wanted to ask if this delay is normal for carrier billing enrollments? Is there any additional step I need to take, or a way to expedite this manual review process? Any advice or help from the community or Apple staff would be greatly appreciated. Thanks!

I want to know about the time it takes to transition from an individual to an organization with Apple's Developer Program. I received an email notifying me that the transition process would begin on February 2nd, 2026, and today, February 19th, 2026, everything still shows as being in progress without any changes. So I want to know the maximum timeframe or how to know if they are actually completing this process. I have sent two support emails, but received no response.

Hi Apple Team, My enrollment ID is 78BT4GJN7C, enrolled at 5th Jan, till today is still "IN PROGRESS". Could you please give me some feedback when the enrollment would be completed?? Or, what should I do to accelerating the progress? Sincerely, Jim

Hi Team, Its been 4 weeks and still my enrollment is reflecting in pending status. I want to set up my application and to do it we have to enroll for the development to give access to the the tech team to configure the application. I am not able to find the contact us info to raise the issue.

Hi, I tried to sign up for the Developer Program 7 times, starting on January 5th. It's now been a month. I contacted customer support, they said to try enrolling through the Apple Developer App. I tried that, it asked me to do an identity verification, which I did, successfully. Then the "enroll" button on the app got grayed out and it says: "Enrollment through the Apple Developer app is not available for this Apple Account. Visit http:// developer.apple.com/programs/enroll/." I go to that link, I click "continue with your enrollment", I pay the $99, it goes through, I don't get charged anything, just a $0.00 authorization transaction, then get the "Order Acknowledgment" email, then nothing happens, it just goes nowhere. Please help. If there is anything I can do, or any more information I should supply for this to go through. I contacted support multiple times, but I don't get any response. My enrollment ID is DPTB3R8T2Z.