We're building a parental control app using FamilyControls (.child authorization). Our architecture: Parent sends pause command → Firestore + FCM Child receives push → NotificationService Extension triggers main app Main app sets ManagedSettings Shields Problem: If child disables Notifications in Settings and force-quits the app, we cannot enforce Shields. What we've tried: Firestore Realtime Listener (works only when app is running) DeviceActivityMonitor (intervalDidStart/End only triggers at schedule boundaries, eventDidReachThreshold requires explicit app selection via FamilyActivityPicker) Question: Is there a recommended approach for parental control apps to reliably enforce Shields when the child has disabled notifications? Or is this a known limitation?

On iOS 26.2 (23C55), DeviceActivityMonitor.eventDidReachThreshold fires intermittently for a daily schedule (00:00–23:59) even when iOS Screen Time shows 0 minutes for the selected apps that day. This causes premature shielding via ManagedSettings. Environment: iPhone 13 Pro Max, iOS 26.2 (23C55). Event selection: 2 apps. Threshold: 30 minutes. Multiple TestFlight users report the same behavior across various app selections and thresholds. Intermittent (~50% of days); sometimes multiple days in a row. Not observed in testing prior to iOS 26.2. Evidence: sysdiagnose + Screen Time screenshots (with 0 screen time on selected apps) + unified logs show UsageTrackingAgent notifying the extension that “unproductive from activity daily reached its threshold,” followed immediately by ManagedSettings shield being applied (extension reacting to the callback). Filed Feedback Assistant: FB21450954. Questions: Are others seeing this on 26.2? Does it correlate with restarting monitoring at interval boundaries or includesPastActivity settings?

I've spent the last few days researching the upcoming laws in Texas and other US states, and how these laws will impact on developers around the world. I want to share what I've learned so far with the community and get feedback on my current understanding. This post is not so much focused on a single API, but more of the bigger picture. Background The law essentially mandates that: (1) app store platforms implement age categorization and verification mechanisms, and (2) developers implement logic to listen to age categorization signals provided by the platform and respond accordingly. You can read the law itself here: https://capitol.texas.gov/tlodocs/89R/billtext/html/SB02420S.HTM Most people seem to be interpreting the law as follows: All developers who distribute apps in the USA are effectively required to implement the new APIs (required by Texas, not by Apple). The penalties are heavy, but it's unclear whether developers would actually be pursued and by whom (e.g. would someone seriously pursue an alarm clock app because it could be accessed by a minor?). Putting aside the ethical, privacy, and legal issues (and the damaging precedents this law sets), most people seem to agree that, from a technical perspective, this is a very silly way to implement age blocking (app store collects the info and passes it to dev, dev is responsible for blocking access). It would make way more sense for the platform to block the app directly for affected users (with optional API support for developers who wish to use it). However, I believe the law has specifically mandated that this is how they expect the system to work, so Apple's hands have been tied. Apple has basically complied with their obligations by providing the relevant APIs to developers. Because the law is vague and open-ended, there are a lot of legal and technical uncertainties about what developers actually need to do to be compliant. Understandably, Apple seems reticent to provide any guidance to developers that could be interpreted as legal advice. Apple's docs simply describe what the APIs do with no guidance on what the overall flow is meant to look like or how and when the APIs should actually be used in practice. Americans familiar with the political situation seem to think there's the possibility of an injunction before this law goes into effect, but that looks increasingly unlikely given that it's two weeks away. Developer solutions Many devs seem to be exploring two main workarounds, at least as temporary solutions: (1) Raise your app's rating to 18+. Putting aside the fact that Texas law would effectively be forcing developers to raise their global age rating (resulting in lost revenue that extends far beyond Texas), it remains unclear whether this solution is actually legally compliant, since the law specifically mandates that apps must implement logic to respond to signals from the platform. (2) Geo-block Texas. Again, it remains unclear if this is compliant because geo-blocking is not 100% accurate and it doesn't actually do what the law says you have to do. It also creates issues if you already have users in Texas, and it means performing additional privacy-hostile checks (i.e., detecting the user's location, even users who are not subject to the law). The DeclaredAgeRange API is actually pretty straight-forward to use – although there is still a lack of documentation on certain edge cases and it's difficult to test. In addition, the new APIs are only available in iOS 26.2, so it's unclear what you need to do if you're still supporting < iOS 26.2. Some people are of the opinion that developers can only reasonably respond to the signals that are available, thus pushing responsibility back to the platforms in regards to earlier OS versions. The API provides a bool (AgeRangeService.shared.isEligibleForAgeFeatures), which allows you to determine if the user is someone to whom age checks need to be applied. https://developer.apple.com/documentation/declaredagerange/agerangeservice/iseligibleforagefeatures I'm not 100% sure, but perhaps the simplest action you can take is to check this bool on launch and block access if it's true. In any case, it looks like this API will be very useful because it means we can avoid applying the checks in other jurisdictions and for grandfathered-in users without needing to implement custom geo-tracking code (albeit only in iOS 26.2+). To implement the API, my current thinking is that, on every launch, I should first check the above bool and, if it's true, do the following: (1) get the App Store age rating with let appStoreAgeRating = await AppStore.ageRatingCode ?? 18, (2) request the user's age with let ageRangeResponse = try await AgeRangeService.shared.requestAgeRange(ageGates: appStoreAgeRating), (3) check that the user has agreed to share their age, (4) check that lowerBound >= appStoreAgeRating, and (5) check that the verification method is not one of the self-declared methods. If this procedure fails, I should block access to the app and provide a link to Apple's support page: https://support.apple.com/en-us/122770 I stress, however, that this is just my current idea and there are some edge cases I'm unsure about. Other issues It is possible to do some basic testing of the API, but only using a sandbox App Store account on a physical device. From the Developer section in iOS Settings, you can select from a few different scenarios, like "Texas user aged 14 without parental consent", etc. There's also a whole separate aspect to this law relating to "significant updates". Everyone seems kinda confused about this, but it seems like the general idea is that, if your app's age classification changes in the future, the app should be responsive to that change. My current interpretation is that if I use the AppStore.ageRatingCode as the age gate (as described above) then that should allow me to comply, but I haven't really looked into this aspect of the law yet. There's also another aspect to this law requiring developers to revoke access to the app when requested by the parent. I have not looked into this yet, but as noted above, it doesn't make sense to me why this is the developer's responsibility given that the platforms already provide solid parental controls. Do I need to something else in addition to what I've sketched out above? It goes without saying, of course, that everything above is not legal advice, and I still have some gaps in my understanding. I would really appreciate any feedback on the above, perhaps with recommendations about better ways to approach this.

Issue: The search functionality in FamilyActivityPicker has disappeared on iPadOS 26.0+. This feature was working in previous versions but is now missing. Framework: FamilyControls Expected: Search bar should be available in FamilyActivityPicker to help users find apps quickly. Actual: Search functionality is completely missing. Impact: Makes app selection difficult for users with many installed apps. Is this a known issue? If it's a bug, please address it in an upcoming update. If intentional, guidance on alternatives would be appreciated. Thank you.

Hi everyone, I have a question regarding the intended privacy limits of the DeviceActivityReportExtension. According to the documentation and the WWDC21 session "Meet the Screen Time API", this extension was created specifically to prevent the host application from accessing the user's underlying activity data (websites visited, app usage, screen time, etc). But I have found that my host app is actually able to reconstruct this raw activity data from the activity report. I am able to extract specific visited websites and app usage durations back into the main app. I reported this to Apple Security (Case ID: OE1100504480881 ), assuming it was a sandbox bypass. However, they closed the ticket stating that this is "expected behavior" and requires no fix. My question for Screen Time Engineers: Is the documentation incorrect? If my host app is expected to be able to read this data, is there a formal API we should be using instead of extracting it from the report extension? The current behavior contradicts the privacy limits described in the documentation, so I am confused if I should rely on this data access for my app features or if it will be patched later. Thanks.

Hi there, Starting with iOS 26.2 RC, all my DeviceActivityMonitor.eventDidReachThreshold get activated immediately as I pick up my iPhone for the first time, two nights in a row. Feedback: FB21267341 There's always a chance something odd is happening to my device in particular (although I can't recall making any changes here and the debug logs point to the issue), but just getting this out there ASAP in case others are seeing this (or haven't tried!), and it's critical as this is the RC. DeviceActivityMonitor.eventDidReachThreshold issues also mentioned here: https://developer.apple.com/forums/thread/793747; but I believe they are different and were potentially fixed in iOS 26.1, but it points to this part of the technology having issues and maybe someone from Apple has been tweaking it.

Hi everyone, I submitted this feature request through Apple’s Feedback Assistant and wanted to share it here, because many families run into the same issue and Apple prioritizes features based on the number of reports they receive. Current limitation: Screen Time only allows one single Downtime period per day for child accounts. For families with separate school hours and bedtime, this is very impractical. My real-world use case: • Downtime 1: 08:00–13:00 (school) • Downtime 2: 20:00–06:00 (bedtime) Both serve completely different purposes, but are not possible to combine with the current system. My suggestions to Apple: Support multiple Downtime periods per day for child accounts. Allow custom exceptions per Downtime block (e.g., allow Phone app). Provide more flexibility overall for families using Screen Time. If you would benefit from this too, it would be great if you could submit the same request via the Feedback app – the more reports Apple receives, the higher the chance for implementation. My Feedback ID: FB21265678 Thank you! 🙏 Hallo zusammen, ich habe über die Feedback-App einen Vorschlag an Apple eingereicht und wollte ihn hier teilen, weil viele Familien dasselbe Problem haben und Apple mehr Rückmeldungen braucht, um das Thema zu priorisieren. Aktuelles Problem: In Bildschirmzeit kann für Kinder aktuell nur eine einzige Auszeit pro Tag eingerichtet werden. Für Familien mit getrennten Schul- und Schlafenszeiten ist das extrem unpraktisch. Mein Anwendungsfall: • Auszeit 1: 08:00–13:00 (Schule) • Auszeit 2: 20:00–06:00 (Schlafenszeit) Beides erfüllt unterschiedliche Zwecke, ist aber nicht kombinierbar. Mein Vorschlag an Apple: Mehrere Auszeiten pro Tag für Kinderaccounts. Pro Auszeit eigene Ausnahmen festlegen (z. B. Telefon erlauben). Allgemein mehr Flexibilität im Screen-Time-System für Familien. Wenn ihr das ebenfalls hilfreich findet, wäre es super, wenn ihr es auch über die Feedback-App meldet – je mehr, desto besser. Feedback-ID meines Vorschlags: FB21265678 Danke euch! 🙏

Hello, I'm experiencing a significant delay getting the Family Controls entitlement approved for my Shield Configuration Extension, and I'm hoping someone here can help or has experienced something similar. Background: I'm developing an app that uses the Screen Time API with Family Controls. My main app bundle (lukedev.Bloka) was approved for Family Controls (Distribution) and works perfectly. The Problem My Shield Configuration Extension (lukedev.Bloka.Shield) has been stuck waiting for approval for over 2 weeks: Request ID: 6C8LD22UVM Submitted: November 20, 2025 Status: Still "Submitted" Current State: Only shows "Family Controls (Development)" in capabilities What I've Tried ✅ Submitted entitlement request via the proper channels ✅ Contacted Apple Developer Support (case #102762028251) ✅ Verified the main app has full Family Controls approval ✅ Deleted and regenerated all provisioning profiles multiple times ✅ Confirmed the App ID configuration is correct in the Developer Portal The Issue Without Family Controls (Distribution) approval for the Shield extension, I cannot: Test the complete app functionality on physical devices Submit the app to App Store Connect Move forward with development The error I'm getting during provisioning: Provisioning profile failed qualification Profile doesn't include the com.apple.developer.family-controls entitlement Questions Has anyone experienced multi-week delays for Shield extension entitlements? Is this normal? Should Shield extensions automatically inherit entitlements from the main app, or do they really require separate approval? The documentation isn't clear on this. Are there any known workarounds to test Shield Configuration Extensions during development while waiting for distribution approval? How can I escalate this request? Developer Support initially told me I already had approval (for the main app) but didn't address the extension's separate bundle ID. Technical Details Xcode: 16.2 Target: iOS 18+ Main App: Family Controls (Distribution) ✅ Approved Shield Extension: Family Controls (Development only) ❌ Stuck Why This Matters The Shield Configuration Extension is a core component of Screen Time API apps - it's not optional. Without it, the app cannot properly display blocking interfaces. The fact that it requires a separate 2+ week approval process (after the main app was already approved) seems like a significant oversight in Apple's review process. Has anyone successfully navigated this situation or found a way to expedite the review? Any help or insights would be greatly appreciated! Thanks, Luca

Hello! I recently submitted a request for the Family Controls (Distribution) entitlement for my app, and I’m trying to understand what kind of timeline to expect. I’ve seen posts suggesting anywhere from a few days to over a month for approval. Is there a typical review window for this entitlement? And is there anything I can do on my end to help the process move more smoothly? Thanks in advance!

General: Forums topic: Family Controls Forums tag: Family Controls Configuring Family Controls documentation Requesting the Family Controls entitlement documentation Screen Time Technology Frameworks documentation FamilyControls documentation What's new in Screen Time API video Meet the Screen Time API video

Hello, I’m running into an issue with the Family Controls (Distribution) entitlement not being included in my App Store Connect provisioning profiles. Here’s the situation: •Both my main app and its Screen Time extension have been approved for Family Controls (Distribution) In Certificates, Identifiers & Profiles → Identifiers, I can clearly see that the capability Family Controls (Distribution) is enabled for both App IDs. However, when I generate a new provisioning profile (either manually or via Xcode), the resulting .mobileprovision file’s Entitlements section does not include the Family Controls (Distribution) entitlement. As a result, building for distribution or archiving fails to recognize that entitlement, even though everything looks correct in the Developer Portal. But the missing entitlement persists. How can I successfully generate a distribution provisioning profile that includes Family Controls (Distribution)? Thanks in advance for any guidance — this seems like a subtle configuration issue, and I’d love to hear how to get over it. I can provide the Team ID and bundle ID upon request. STEPS TO REPRODUCE I’ve tried: •Regenerating both App IDs and provisioning profiles •Revoking and re-creating distribution certificates •Cleaning derived data and re-downloading profiles from Xcode Every time, creating a profile for App Store Connect will fail to include the capabilities the app has been approved for.

Hi everyone, solo iOS dev here. I’ve built a small focus app (“Modo”) that uses Apple’s Screen Time APIs to help curb social-media overuse. In development everything works: FamilyActivityPicker for selection, a DeviceActivityMonitor extension for schedules, and ManagedSettings shields (plus uninstall guard only while “Blocked” is active). I requested the Family Controls distribution entitlement so I can ship, but my capability request has been pending for a while and I’m not sure what the usual path forward is. What I’ve already done • Submitted the capability request (Account Holder), describing the use case (self-control / digital well-being), user consent flow,. • Implemented app + DeviceActivityMonitor + ManagedSettingsUI extensions; verified the debug build has the right entitlements and behavior. • Regenerated profiles after the request; checked codesign entitlements on the built targets. • Filed a Developer Support ticket referencing the capability request. I really appreciate any timelines, examples, or advice you can share. If an Apple engineer needs specifics (Team ID, request number), I can provide them as well. Thanks in advance!

I’m developing an app that uses Family Controls to block other apps. I’ve already received approval from Apple for the entitlement, and everything works perfectly when I run the app from Xcode on a physical device. However, when I upload the same build to TestFlight, the app installs and runs, but the Family Controls functionality doesn’t work — it seems like the entitlement isn’t being applied in the TestFlight version. So I’d like to ask: 👉 Do Family Controls entitlements work automatically on TestFlight builds, or is there any additional step required to enable them?

In my app I want to integrate a personilized Lock Screen. Does anybody know how that works?

I'm developing a parental control app that needs to block adult/18+ websites using the Screen Time API. I've run into scaling issues with 'ManagedSettings.webContent.blockedByFilter`. Environment: iOS 18.x, real device (iPhone) ManagedSettings framework Screen Time permissions granted Current Behavior: The Question: Commercial parental control apps successfully block tens of thousands of domains. What API or architecture should I be using to scale beyond 30-50 domains? Approaches I'm considering: Safari Content Blockers (limited to Safari only) Multiple ManagedSettingsStore instances Network Extension / DNS filtering A different Screen Time API approach What's the recommended way to block large domain lists (1000-60000+) across all apps and browsers? Any guidance appreciated! //33 domains - Works perfectly let blockedSites: Set<WebDomain> = [ WebDomain(domain: "example1.com"), WebDomain(domain: "example2.com"), // ... 31 more domains ] store.webContent.blockedByFilter = .specific(blockedSites) // All 33 domains blocked successfully // 101 domains - Complete failure (no domains blocked at all) let blockedSites: Set<WebDomain> = [ WebDomain(domain: "example1.com"), // ... 100 more domains ] store.webContent.blockedByFilter = .specific(blockedSites) // No errors thrown, but ZERO domains are blocked

I am building a screen time management app. It has the main app target, and then three extensions - those are the four targets in Xcode. The three extensions are: Shield Device Activity Monitor Device Activity Report Extension I requested "Family Controls (Distribution)" capability from Apple for the main app target / bundle ID, and it got approved. Do I need it for the extensions too? Because previously I had "Family Controls (Development)" for the extensions...

Situation: I previously had Family Controls (Distribution) approved for a different bundle ID during initial development (for the same app I'm currently working on). I have since migrated to a new bundle ID to align with my app's branding and have already configured multiple third-party integrations (RevenueCat, backend services, etc.) with this new bundle ID. Request: In this scenario, can Apple please expedite the review process for Family Controls (Distribution) on the new bundle ID? The migration is necessary to maintain existing service integrations and avoid significant reconfiguration work for my app. Current Status: Submitted request for approval on new bundle ID over a week ago, still pending review.

class ShieldActionExtension: ShieldActionDelegate { override func handle(action: ShieldAction, for application: ApplicationToken, completionHandler: @escaping (ShieldActionResponse) -> Void) { // Handle the action as needed. switch action { case .primaryButtonPressed: if let url = URL(string: "blockfocusapp://") { let extensionContext = NSExtensionContext() extensionContext.open(url, completionHandler: nil) } // completionHandler(.defer) case .secondaryButtonPressed: let userDefaults = UserDefaults(suiteName: "group.in.appsquare.FocusApp.shieldExt") userDefaults?.set(false, forKey: "shouldOpenMainApp") completionHandler(.defer) @unknown default: fatalError() } } override func handle(action: ShieldAction, for webDomain: WebDomainToken, completionHandler: @escaping (ShieldActionResponse) -> Void) { // Handle the action as needed. completionHandler(.close) } override func handle(action: ShieldAction, for category: ActivityCategoryToken, completionHandler: @escaping (ShieldActionResponse) -> Void) { // Handle the action as needed. completionHandler(.close) } } I want to be able to open my app from ShieldActionExtension

I work at a school in NYC and have a software idea that could better support the new NYC phone ban law than current market options (i.e. Yondr pouches). Right now at my school, students and staff scan a QR code upon entering the building to indicate that they are in the building. They scan again on the way out to indicate they've left the building. This is super helpful for attendance, particularly in emergency situations (fire drills, etc). Imagine if when students scanned their QR code, it also activated an app similar to Opal or ScreenZen, but with an admin preset whitelisted apps. The idea is that this app would default deny access to all apps on students' phones except the admin preset whitelisted ones such as Phone, Calculator, etc. Depending on the age/needs of the student, other apps like Spotify, or medical apps could also be whitelisted. My question is -- is this idea possible to create? We would need admin preset controls to create the preset whitelist. We can't have students picking their own restrictions, as we know most would opt to not restrict at all. We would need an admin dashboard so teachers/admin can see which students have activated the app in the building, and which may be trying to sneakily avoid it. We would ideally need to be able to whitelist both system apps like Phone and Calculator, as well as non-system apps such as Spotify (and medical apps -- we have some students who manage/monitor their Diabetes with an app). I don't have a background in software. I'm a math and health teacher. I've experimented with trying to have friends who majored in CS to create this app for me, but they've all either struggled/lost interest. So I'm also looking for a business partner in this venture. If anyone has any guidance here, it would be so helpful! My boss (Head of School) is super interested in this idea and significantly prefers it to every other alternative that he has encountered. The problem is this idea does not exist yet! Note: I know this is a super similar idea to the app and product "Brick". Notably, though, Brick does not have the ability for admin preset controls, or the admin dashboard. We reached out to the company to see if they're create this for us and they said it's a back burner idea that they're aware of, but it's not a priority for them right now. Thank you for any guidance!

Hi! For some reason my DeviceActivityReport sometimes fails to load. I've tried setting up a very simple mock views and displaying a report with a simple "Hello world" but even that won't work. It prints the following error message in the terminal but doesn't show anything else or any context as to what has gone wrong. Failed to update the client's configuration: Error Domain=DeviceActivityReportService.ReportViewController.ClientError Code=2 "(null)" It seems like the "makeConfiguration" method for the report isn't even being invoked. That may though just be an issue with printing messages in the extension. Any help on what could be the issue, or even just a message that you're being the same thing would be greatly appreciated!