I have a in-house delivered app, I updated certificates and delivered the app before expiring, inviting users to update. after certificates expiration people who did not update now must remove the app loosing personal data, and download it again, but app crashes. I know that since iOS 18 in order to trust again an in-house identity, restart is required. What I need to know, is if there is some documentation where is explained the following: if I remove the only app delivered by in-house enterprise profile I have on a customer device, via home, long time tap gesture, "remove the app" then I install again the app, the profile reappears under "VPN and device management" and results already as "trusted" instead if I remove the app directly from settings > VPN and device management, when I re-install the app VPN and device management reappears and developer/app is not trusted, in it asks me to trust again the developer and during the operation, restarts the device, asks me device code and so on. so, my final question is: since it is clear to me that there is a difference between two removal methods, where is this logic described? Is it only present for in-house distribution?

Hi all, if anyone from apple Dev team is seeing this, please do consider supporting device mirroring without the need to login to icloud and with cable connection in addition to wi-fi. I am working in a corporate setting which does not allow us to login to icloud, thus I am unable to use device mirroring when my work really needs is, I am stuck with Quick time preview. I am quite sure, that this does not only apply to me.

hello developers, First priority I couldn't find a proper title for the question :( The reason why I open a topic here is not to find the answer by direct point shooting; My goal is what do Apple, Developer, Companies and Devops teams think and comments about the subject I'm going to ask here? We use Jenkins as the Devops CI/CD tool at our company, and in Macos/Apple/iOS development, we use a lot of Mac Mini devices. Since we build/compilers on a project-based, version-based basis, we cannot get 100% efficiency from our devices. (For example, because the dependencies of a project are different from other projects; we dedicate only 1 Mac Mini to that project. (As the dependecys of the projects are too many and large, the migration process is very difficult for us, the cost of moving to a lower-level Mac Mini device is high / but this is just an example)) While researching, I saw that there is no docker container image for MacOs X (enterprise or legal) and I know about the Apple EULA. (For virtualization, Apple hardware must be used as a basis. Because the MacOs system is paid for on a device-based basis.) What I want to ask here is can I find or create a MacOs docker container image legally? How is the structure of other companies in their CI processes? If I install MacOs with more than one VMware/VirtualBox on Mac Mini, What harm could it do me in Jenkins? (I'm curious about people's comments on this.)

I am helping my company to renew the Enterprise Account, this exercise had been running smoothly in previous year. However, we did submit the application almost 1 month in advance, however, no reply or status update received yet. We had raised several tickets in support but helpless, our account is going to expired on 29-Dec-2024, anyone can share what should we do?

Last week we received this e-mail from Apple, without any information about reasons. Our infrastructure builds on Apple infrastructure and contains more than 1000 iOS devices. We have paid enterprise account until April 2025. Why Apple cancelled our membership? We are reaching out to inform you that your Apple Developer Enterprise Program ("ADEP") membership will be terminated, effective February 12, 2025. Please be assured that this decision is not a result of any action or inaction on your part, and it is not subject to appeal. As of February 12, 2025, you will no longer have access to your membership and account-related services for developing and distributing in-house, internal use software. Certificates, identifiers, and provisioning profiles will be revoked, and the apps associated with your account will no longer function. In accordance with Section 11.3 of the ADEP Agreement, please immediately destroy all Apple Confidential Information that is in your possession or control and note your continuing obligations upon termination. Nothing in this letter should be construed as a waiver of any rights or remedies Apple may have, all of which are hereby reserved.

I know Apple Engineers are busy, It’s great that non-Apple Engineers offer advice and assistance, but I kind of thought there’d be at least a reply from an Apple Engineer on MDM issues? I have posted about apple watch mdm issues and have got none responses

Hey, I have Enterprise Access on the account and have added the passthrough capability and the entitlement on the main project and the "Broadcast Upload" extension, too. The broadcast works except it returns a black screen. I am attaching some screenshots below of the entitlement file. I have tried searching online to no avail, so any help would be greatly appreciated. I am also attaching the code. import Foundation import AVFoundation import ReplayKit class VideoAssetWriter { private var isRecording = false private var outputStream: OutputStream? private func setupConnection() { guard outputStream == nil else { return } print("setting up connection.") let serverIP = macIP let port = 12345 var readStream: Unmanaged<CFReadStream>? var writeStream: Unmanaged<CFWriteStream>? CFStreamCreatePairWithSocketToHost(kCFAllocatorDefault, serverIP as CFString, UInt32(port), &readStream, &writeStream) guard let writeStream = writeStream?.takeRetainedValue() else { print("Failed to create write stream") return } self.outputStream = writeStream as OutputStream self.outputStream?.open() } func startRecording() { isRecording = true } func processVideoSampleBuffer(_ sampleBuffer: CMSampleBuffer) { print("Processing Sample 1") guard isRecording else { return } print("Processing Sample 2") sendVideoChunkToServer(sampleBuffer) } private func sendVideoChunkToServer(_ sampleBuffer: CMSampleBuffer) { guard let imageBuffer = CMSampleBufferGetImageBuffer(sampleBuffer) else { return } print("Processing Sample 3") let ciImage = CIImage(cvPixelBuffer: imageBuffer) let context = CIContext() guard let cgImage = context.createCGImage(ciImage, from: ciImage.extent) else { return } print("Processing Sample 4") let image = UIImage(cgImage: cgImage) if let imageData = image.jpegData(compressionQuality: 0.5) { guard imageData.count <= 10_000_000 else { print("Frame too large: \(imageData.count) bytes") return } if outputStream == nil { setupConnection() } print("sending frame size up connection.") // Convert to network byte order (big-endian) var frameSize = UInt32(imageData.count).bigEndian let sizeData = Data(bytes: &frameSize, count: MemoryLayout<UInt32>.size) _ = sizeData.withUnsafeBytes { outputStream?.write($0.baseAddress!.assumingMemoryBound(to: UInt8.self), maxLength: sizeData.count) } print("sending image data up connection.") // Send frame data _ = imageData.withUnsafeBytes { outputStream?.write($0.baseAddress!.assumingMemoryBound(to: UInt8.self), maxLength: imageData.count) } } } func stopRecording() { isRecording = false outputStream?.close() outputStream = nil } } This is the broadcast picker view wrapper: // Broadcast Picker View wrapper struct BroadcastButtonView: UIViewRepresentable { func makeUIView(context: Context) -> RPSystemBroadcastPickerView { let broadcastPickerView = RPSystemBroadcastPickerView( frame: CGRect(x: 0, y: 0, width: 200, height: 200) ) // Make sure this matches your broadcast extension bundle identifier broadcastPickerView.preferredExtension = "my-extension-bundle-identifier" broadcastPickerView.showsMicrophoneButton = false return broadcastPickerView } func updateUIView(_ uiView: RPSystemBroadcastPickerView, context: Context) { } } The extension SampleHandler: override func broadcastPaused() { print("paused broadcast") // User has requested to pause the broadcast. Samples will stop being delivered. } override func broadcastResumed() { print("resumed broadcast") // User has requested to resume the broadcast. Samples delivery will resume. } override func processSampleBuffer(_ sampleBuffer: CMSampleBuffer, with sampleBufferType: RPSampleBufferType) { print("broadcast received") assetWriter?.processVideoSampleBuffer(sampleBuffer) } Looking forward to any and all help. Information Property list: Information property list for the extension: The capabilities:

Our company has been trying to register for the Apple Developer Enterprise Program since September 15, 2024. However, it wasn’t until early November that we received an email requesting our business information. Following that, we contacted Apple’s team on November 15, 2024, to answer their interview questions. Now, more than a month has passed since that call, and we still have no idea about the status of our approval. When I check the account, it always shows 'Your enrollment is being processed. Your enrollment ID is 8K8SXNKA89.' I’ve also emailed Apple Support but have not received any further response. How much longer will this process take? Apple’s handling of this is excessively slow and frustrating

Hello! Everybody. We receive messages from our partners and customers about Enterprise Program Cancellation at 12 of February 2025. Is it a worldwide phenomenon and the Enterprise program will no longer be available for everyone or it is an issue with our customers and partners? Thank you very much for your replies!

Hi Apple Community, If a macOS Device is FileVault Encrypted, We are using the keys FDE_HasInstitutionalRecoveryKey, FDE_HasPersonalRecoveryKey from SecurityInfo to know the Device Encryption Type. But Some times rarely we get FDE_Enabled as true but both the above mentioned keys as false Also we get SecurityInfo Response patterns like these only if FileVault is enabled in Device with iCloud as option to unlock the disk Can we confirm this pattern or is there any way to know if device is encrypted with options other than Personal / Institutional Types <plist version="1.0"> <dict> <key>CommandUUID</key> <string>SecurityInfo</string> <key>SecurityInfo</key> <dict> ...... ...... ...... <key>FDE_Enabled</key> <true/> <key>FDE_HasInstitutionalRecoveryKey</key> <false/> <key>FDE_HasPersonalRecoveryKey</key> <false/> ...... ...... ...... <key>Status</key> <string>Acknowledged</string> <key>UDID</key> <string>..............</string> </dict> </plist>

Specifically, In (https://developer.apple.com/account/resources/identifiers/): I can't find the Weatherkit option under Capabilities or App Services in the configuration of the identifier. In Xcode: Add WeatherKit capability fail. output log: The capability associated with "WEATHERKIT" could not be determined. Please file a bug report at https://feedbackassistant.apple.com and include the Update Signing report from the Report navigator. Is it related to my region and account? My account is Apple Developer Enterprise Program , the region is Mainland China.

We have a development where we are MDM managing iOS devices and attempting to enforce mutual TLS for all interactions with the MDM. We are DEP provisionng an enrolment profile that utilises an ACME hardware attested Device Identity Certificate. All interactions with the MDM endpoints are correctly utilising the ACME certificate for the client mutual TLS handshake. The certificate has Client Authentication Extended Key Usage. Behind the same API gateway and on the same SNI we are also serving paths to Enterprise application manifests and IPAs. We can see from the phone log and from packet traces the iOS device doesn't offer the Device Identity Certificate for client authentication when retrieving these URLs. We have also tried adding non ACME client certificates from the root trusted by the server to the initial profile with exactly the same outcome. If we temporarily disable the mutualTLS we can see that the request for the manifest has a userAgent of "com.apple.appstored/1.0 iOS/18.2 model/iPhone17,3 hwp/t8140 build/22C5125e (6; dt:329) AMS/1" which is not the same as the mdm interactions. Is it actually possible to achieve mutualTLS to authenticate these downloads or is a different solution required ? Any advice greatly appreciated.

We have an enterprise app for which one of the Users is facing the below error. Unable to verify app Internet connection is required to verify trust of the developer "&lt;Enterprise_distribution_Profile&gt;". This app will not be available until verified. What could be the reason behind this error as only one user is facing the issue. Is there a way to fix it.

I put in an Apple developer support email request more than a month ago and was never emailed backed. I put another email request in again and still nothing. What's going on here? Can someone from apple development support please contact me? We have an issue with renewing our dev program.

How to get developer account to use 500 devices for my internal app testing

Hello We extend the program every year, but after we sent a request for extension we do not receive a response. Our program is ending 23 november and we really need to extend it. We created 2 requests, but we did not receive a response to them either. How can we speed up the decision?

Forum friends hello, our company has an enterprise developer account, the annual fee is 299 US dollars, this account is about to expire, we choose to renew, but in accordance with the requirements of Apple to answer the questions raised, after half a month of waiting, Apple finally rejected our renewal application, the renewal has been successful in previous years, may I ask you have encountered the same problem? Is there any solution? The failure of this account renewal has a great impact on the operation of the company. Thank you for telling us the solution.

I'm trying to create an "Extensible Enterprise SSO" extension as described in the Introducing Extensible Enterprise SSO tech talk. My SSO extension works fine, but I want to be able to access the camera (via AVFoundation) from within the SSO extension. According to this thread (which I can't seem to be able to reply to) - it should be possible to access the camera from within an SSO extension, however this doesn't work for me. When I try to access the camera, I get the permission dialog, but after accepting, the camera preview is empty and no camera frames are produced. I don't get any errors/warnings in the logs, but it immediately fires AVCaptureSession.wasInterruptedNotification notification with AVCaptureSessionInterruptionReasonKey = 1 which corresponds to videoDeviceNotAvailableInBackground. However, the SSO extension view controller is clearly not in the background, so is this a bug - or are there special rules for requesting camera permission in an SSO extension? The same camera access works fine in the host app, just not inside the extension. Interestingly, accessing the camera in a WKWebView using various webcam test pages, doesn't work either. All of these tests have been on iPadOS 18.

Hi Hypothetically, my company has 300 mobile engineers and we're building an iPhone app. Optimally I'd like each mobile engineer to have a physical device which they can do their day to day development, testing etc on. What options do I have to enable this given that there is a 100 device limit for iPhones on the Apple Developer Program used by my company. (https://developer.apple.com/help/account/register-devices/devices-overview/) Thanks

We have both App Store and enterprise developer accounts under the same entity name, and we recently received communication from Apple about iOS 18 security changes. The email mentions that sharing the same team name across multiple Apple developer accounts may affect the ability to load apps. Could you please clarify whether having the same entity name for both our App Store and enterprise accounts will cause issues with app distribution? If so, what steps should we take to resolve this issue?