We seem to be dealing with a weird issue where the clinical health records entitlement keeps on getting added into our final embedded.mobileprovision when we prepare a build for distribution. We seem to get this in the final package. <key>com.apple.developer.healthkit.access</key> <array> <string>health-records</string> </array> But in our projects entitlement file there is no reference to health records. Below is the raw values inside of this file. <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>aps-environment</key> <string>development</string> <key>com.apple.developer.healthkit</key> <true/> <key>com.apple.developer.healthkit.access</key> <array/> <key>com.apple.security.application-groups</key> <array> <string>group.xxxxx</string> </array> </dict> </plist> And also in the project this isn't selected in the capabilities section either. Has anyone come across this issue before where Xcode automatically adds clinical records even though you haven't selected the checkbox.

All identifiers updated in summer 2020 has new value for keychain-access-groups - com.apple.token. What is its purpose? What can happen if this value will not be added to entitlements?

Hi everyone, My app was rejected for containing Game Center entitlement, here is what review team respond: Your app contains the Game Center entitlement, but it does not link against the GameKit framework. And they suggest a solution: If you do not intend to use Game Center, please remove the Game Center entitlement. My app does not have Game Center entitlement enabled, but App Identifier do have it enabled by default. The App Identifier was created years ago, and by then the Game Center was enabled mandatory, I can't deselect it since the disable button was grayed out. I thought Apple may has changed this behavior when received rejection, so I tried to disable Game Center again, but after I deselect Game Center for macOS and try to save it on developer portal, it warns me: There is a problem with the request entity Please select at least one configuration for Game Center. Is there anything I missed? Thank you in advance for any possible help. Regards,

test

Whenever I fresh install my app onto my device, it is not showing up in the Settings app. Even after trying to search it, nothing appears. I use location services and local network within my application so I need to be able to change those authorizations as it does not reliably prompt for those authorizations (I need always for location and that was removed, local network never prompts correctly). I have however seen my app appear in the settings app under privacy -> Location Services but not local network. Is this an issue with Apple or with my application? Should also be known that it does appear in settings on some devices.

I have been trying for about two weeks to get Universal links to work in my app VineCrawl. For some reason it always tells me that it cannot parse the association file. However, other tools for testing the association file have no problem. I didn’t sign it since I am targeting iOS 11 and later. A long time ago, I read somewhere that it could be the https cipher that I use, but now I can’t find anything on that. My file is vinecrawl.com/.well-known/apple-app-site-association

Trying to validate an app for upload to mac app store. Using Big Sur, and Xcode 12.2 App will not validate. This is for an existing app I'm trying to update. It updated peffectly week just 2 weeks ago with Xocode 11.xx and Catalina. It was rejected a week ago for metadata concerns. I've corrected metadata concerns, and am trying to submit a new binary. I've tried validating the same bundle with a diffreent app id, and everything goes prefectly and is validated. Here is what the non-validation looks like: SUMMARY Team: XXXXXXX Certificate: Apple Distribution (Expires 10/31/21) Profile: Mac Team Store Provisioning Profile: com.XXXX.XXXX Symbols: Included Architectures: Intel 64-bit ENTITLEMENTS com.apple.security.files.user-selected.read-write true com.apple.application-identifier XXXX.com.XXXX.XXXX com.apple.developer.team-identifier XXXXXXXX com.apple.security.app-sandbox true ****** The result = Not Validated * Error message Xcode displayed. Unable to process application at this time due to the following error: Invalid Provisioning Profile. The provisioning profile included in the bundle com.XXXX.XXXX [com.XXXX.XXXX.pkg/Payload/XXXXYYYY.app] is invalid. [Invalid 'com.apple.application-identifier' entitlement value.] For more information, visit the macOS Developer Portal.. * end error message******** Any thoughts or suggestions??? Thanks in advance.

We had push notifications and associated domains capabilities to our app but something happened either with my certificates or Xcode and they disappeared and can't add any capabilities anymore. https://imgur.com/peRXNO6 Our App ID, certificate and provisioning profile are all correct and contain the correct capabilities.

Invalid Provisioning Profile. The provisioning profile included in the bundle ***.***.XX [Payload/Runner.app/PlugIns/OneSignalNotificationServiceExtension.appex] is invalid. [Missing code-signing certificate]. A Distribution Provisioning profile should be used when submitting apps to the App Store. For more information, visit the iOS Developer Portal. With error code STATE_ERROR.VALIDATION_ERROR.90161 for id 81c3cef4-fefe-468d-910c-cf7a4b5377a8 Any help? I have tried to create new provisioning profile and identifiers but still get this error when uploading app to the App Store.

When I try to add HealthKit capabilities to my app, I get the following signing errors: Communication with Apple failed. Your account does not have sufficient permissions to modify containers. Provisioning profile "iOS Team Provisioning Profile: com.domain.app" doesn't support the HealthKit capability. Provisioning profile "iOS Team Provisioning Profile: com.domain.app" doesn't include the com.apple.developer.healthkit and com.apple.developer.healthkit.access entitlements. In my developer account, the HK capability is enabled. And the entitlements needed are automatically generated by Xcode when I add HK capability, if I try to add them, it says they're already there. I have automatically managed signing selected. Clinical health records are not enabled for Health Kit. Common solutions like cleaning, derived data, and restarts don't help. Does anybody know what this is?

We have been searching for almost one year for answers as to why wkWebView using an Entitled Domain will allow Autofill with KeyChain to fill credentials, but will not trigger Autofill to store/save them. In other words, if users have previously stored credentials in Safari while visiting domain X, subsequent visited to wkWebView with entitled domain X will allow use of those credentials in wkWebView through the Autofill/Keychain dialogue. However, users cannot save/store credentials within wkWebView in Trusted domain X because the save dialogue is never triggered.

When I download my provisioning profile I can't find the com.apple.developer.carplay-audio entitlement in it. Here's what I did: For our app identifier on Apple Developer Portal in "Additional Capabilities" I enabled "CarPlay Audio App (CarPlay framework)". After that I generated a provisioning profile and downloaded it. In the provisional profile info on Apple Developer Portal I can see "CarPlay Audio App (CarPlay framework)" in "Enabled Capabilities". When I import the downloaded profile in Xcode, I can't see the CarPlay entitlement there. After I added the "com.apple.developer.carplay-audio" entitlement to my .entitlements file, I'm getting the "Provisioning profile ... doesn't include the com.apple.developer.carplay-audio entitlement.". When I'm opening the profile in my text editor, I also can't find "carplay-audio" there. Is there a way to solve this problem?

Hello, I am creating an app which includes an AppClip. I added the Clip in the build phases (as an Embed AppClip), I use everywhere the good BundleID (either the parent app, or the clip) but when I'm archiving the app, and then I distribute it, i'm still getting this error: IDEFoundation.AssociatedAppClipIdentifiersFilterErrors error 1 I can't figure why this happen, it's the first Clip I do and deploy so it's all new to me.

General: DevForums tags: Code Signing, Signing Certificates, Provisioning Profiles, Entitlements Developer Account Help — This document is good in general but, in particular, the Reference section is chock-full of useful information, including the names and purposes of all certificate types issued by Apple Developer web site, tables of which capabilities are supported by which distribution models on iOS and macOS, and information on how to use managed capabilities. Developer > Support > Certificates covers some important policy issues Entitlements documentation TN3125 Inside Code Signing: Provisioning Profiles — This includes links to other technotes in the Inside Code Signing series. WWDC 2021 Session 10204 Distribute apps in Xcode with cloud signing Certificate Signing Requests Explained DevForums post --deep Considered Harmful DevForums post Don’t Run App Store Distribution-Signed Code DevForums post Resolving errSecInternalComponent errors during code signing DevForums post Finding a Capability’s Distribution Restrictions DevForums post Signing code with a hardware-based code-signing identity DevForums post Mac code signing: DevForums tag: Developer ID Creating distribution-signed code for macOS documentation Packaging Mac software for distribution documentation Placing Content in a Bundle documentation Embedding Nonstandard Code Structures in a Bundle documentation Embedding a Command-Line Tool in a Sandboxed App documentation Signing a Daemon with a Restricted Entitlement documentation Defining launch environment and library constraints documentation WWDC 2023 Session 10266 Protect your Mac app with environment constraints TN2206 macOS Code Signing In Depth archived technote — This doc has mostly been replaced by the other resources linked to here but it still contains a few unique tidbits and it’s a great historical reference. Manual Code Signing Example DevForums post The Care and Feeding of Developer ID DevForums post TestFlight, Provisioning Profiles, and the Mac App Store DevForums post For problems with notarisation, see Notarisation Resources. For problems with the trusted execution system, including Gatekeeper, see Trusted Execution Resources. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"

In iOS 16, UIDevice.name has changed to only return the model of the device, not the user specified name. There is an entitlement, com.apple.developer.device-information.user-assigned-device-name that can be requested to keep the old behaviour, but I can't find any info on how to request that entitlement. Anyone able to help?