We are currently working on a SCEP server implementation that operates in FIPS-approved mode. In this mode, RSA PKCS#1 v1.5 encryption is disallowed due to compliance requirements, and only FIPS-approved padding schemes such as RSA-OAEP are permitted. However, we have observed that the SCEP client functionality on Apple devices currently does not support RSA-OAEP for CMS EnvelopedData decryption. This creates a challenge for us in ensuring FIPS compliance while maintaining compatibility with Apple devices during certificate enrollment through SCEP. We would appreciate your guidance on the following: Are there any alternative FIPS-approved encryption algorithms or configurations supported by Apple devices for SCEP CMS EnvelopedData decryption? Is there any plan or timeline for future support of RSA-OAEP on Apple platforms for this use case? Feedback raised along with sysdiagnose logs as well : FB17655410

Hello, In a new app I am working on I noticed the FamilyActivityTitleView that displays "ApplicationToken" has wrong (black) color when phone is set to light mode but app is using dark mode via override. We display user's selected apps and the labels are rendered correctly at first, but then when user updates selection with FamilyActivityPicker, then those newly added apps are rendered with black titles. The problem goes away when I close the screen and open it again. It also doesn't happen when phone is set to dark theme. I am currently noticing the issue on iOS 18.4.1. I have tried various workarounds like forcing white text in the custom label style, forcing re-render with custom .id value but nothing helped. Is there any way how to fix this?

I'm encountering what appears to be a specific precedence behavior with ManagedSettingsStore.shield and would appreciate some further clarification. My current understanding is that category-level shields take precedence over individual app allowances. My test involved... Using FamilyActivityPicker to select a single target application (e.g., "Calculator," which falls under the "Utilities" category). Using FamilyActivityPicker again to select the category of that target application. I applied shields using ManagedSettingsStore (named .individual): store.shield.applicationCategories = .specific(Set([utilitiesCategoryToken])) store.shield.applications = Set([calculatorApplicationToken]) Result: The calculator app remains shielded, suggesting that the category-level shield on Utilities overrides the attempt to allow the individual app. I also tried this using a single picker, but received only the category token instead of all application tokens in that category. Is this observed precedence (where store.shield.applicationCategories effectively overrides store.shield.applications for apps within the shielded category) the intended behavior? If so, are there any mechanisms available within the main app's capabilities (potentially using a Device Activity Report Extension or Shield Extension) to allow a specific ApplicationToken if its corresponding ActivityCategoryToken is part of the store.shield.applicationCategories set? Essentially, can store.shield.applications be used to create "allow exceptions" for individual apps that fall into an otherwise shielded category? Additionally, I mentioned that selecting an entire category in the picker only returns the opaque category token, not any application tokens. Is there any way in which I could return both the category and all application tokens by just selecting the category? Any insights or pointers would be greatly appreciated!

An error was reported when requesting permissions on devices with iOS 16.2 16.3. It is not an emulator. Through the log records, the following Error message appears Error Domain=FamilyControls.FamilyControlsError Code=3 "(null)" Error Domain=FamilyControls.FamilyControlsError Code=4 "(null)" Error Domain=FamilyControls.FamilyControlsError Code=5 "(null)" func requestScreenTime() async -> Bool { do { try await AuthorizationCenter.shared.requestAuthorization(for: .individual) return AuthorizationCenter.shared.authorizationStatus == .approved } catch { print("\(error)") return false } }

Issue with Universal Links and App Extension (ShieldAction Handler) I'm currently working on a POC app using the FamilyControls framework and facing an issue when trying to open a Universal Link from an app extension, specifically from a ShieldAction handler. When I try to open a Universal Link, I encounter the following error: Failed to open URL https://sixteen-server-c008110f8759.herokuapp.com/.well-known/apple-app-site-association: Error Domain=FBSOpenApplicationServiceErrorDomain Code=1 "The request to open 'com.apple.mobilesafari' failed." UserInfo={BSErrorCodeDescription=RequestDenied, NSUnderlyingError=0x14f2d90b0 {Error Domain=FBSOpenApplicationErrorDomain Code=3 "Application com.sixteen.life is neither visible nor entitled, so may not perform un-trusted user actions." UserInfo={BSErrorCodeDescription=Security, NSLocalizedFailureReason=Application com.sixteen.life is neither visible nor entitled, so may not perform un-trusted user actions.}} Context: I’m using a ShieldAction handler as part of an App Extension to trigger the action (e.g., "Break in Shield") in my app. The app extension (ShieldAction handler) is responsible for trying to open the Universal Link. I’m encountering the error because the app is not visible or entitled to perform this action, which seems to be related to security restrictions when using App Extensions. Questions: App Extension and Universal Link Interaction: Is it possible for an App Extension (like ShieldAction handler) to open a Universal Link or trigger an external app, such as Safari, even though it is not the foreground app? Entitlements for App Extensions: Are there any specific entitlements or permissions required to allow an app extension (ShieldAction handler) to open Universal Links or perform actions like opening Safari from the background? App Visibility and State: How can I ensure that my app is in the right state (visible/active) and has the necessary entitlements to trigger these actions when running in the context of an app extension? Workaround: If this behavior is restricted due to app extension limitations, what would be the recommended workaround to handle launching external apps (like Safari) or Universal Links from within an app extension?

Hi everyone, I’m working with the ManagedSettingsStore API for managing Screen Time restrictions and I have a specific question: Is it possible for an app to block itself using ManagedSettingsStore() — for example, by applying an application category restriction or setting a specific block on its own bundle ID? If so, what strategies or best practices are recommended to avoid accidentally blocking the app itself while applying restrictions to other apps or categories? I haven’t found any official documentation confirming whether the system prevents self-blocking automatically or if this is something developers need to manage explicitly. Thanks for any clarification or advice you can provide!

So I have been working with the screen time api. however I still cant get it to work to reshield certain apps after a certain time because for example Dispatch Queue just gets terminated after a certain time. This is my code right now but the reshielding doesn't get called. Please help I have been working on this since weeks and weeks. import ManagedSettings import DeviceActivity import Foundation class ShieldActionExtension: ShieldActionDelegate { let store = ManagedSettingsStore() let center = DeviceActivityCenter() override func handle(action: ShieldAction, for application: ApplicationToken, completionHandler: @escaping (ShieldActionResponse) -> Void) { switch action { case .primaryButtonPressed: // Unshield the app store.shield.applications?.remove(application) // Encode and persist ApplicationToken if let encoded = try? PropertyListEncoder().encode([application]) { UserDefaults(suiteName: "group.Organization.BrainRipe.cmonnow")?.set(encoded, forKey: "StoredApplicationTokens") } let unshieldDurationMinutes = 2 let now = Date() guard let endDate = Calendar.current.date(byAdding: .minute, value: unshieldDurationMinutes, to: now) else { completionHandler(.close) return } let activityName = DeviceActivityName("com.myapp.shield.reapply") let schedule = DeviceActivitySchedule( intervalStart: Calendar.current.dateComponents([.hour, .minute], from: now), intervalEnd: Calendar.current.dateComponents([.hour, .minute], from: endDate), repeats: false ) do { try center.startMonitoring(activityName, during: schedule) } catch { print("Error starting monitoring: \(error)") } completionHandler(.close) case .secondaryButtonPressed: completionHandler(.defer) @unknown default: fatalError("Unhandled ShieldAction case.") } } } import DeviceActivity import ManagedSettings import Foundation // Optionally override any of the functions below. // Make sure that your class name matches the NSExtensionPrincipalClass in your Info.plist. class DeviceActivityMonitorExtension: DeviceActivityMonitor { let store = ManagedSettingsStore() override func intervalDidStart(for activity: DeviceActivityName) { super.intervalDidStart(for: activity) // Handle the start of the interval. } override func intervalDidEnd(for activity: DeviceActivityName) { guard let data = UserDefaults(suiteName: "group.Organization.BrainRipe.cmonnow")?.data(forKey: "StoredApplicationTokens"), let tokens = try? PropertyListDecoder().decode([ApplicationToken].self, from: data) else { return } let tokenSet = Set(tokens) if store.shield.applications == nil { store.shield.applications = tokenSet } else { store.shield.applications?.formUnion(tokenSet) } // Clear tokens after use UserDefaults(suiteName: "group.Organization.BrainRipe.cmonnow")?.removeObject(forKey: "StoredApplicationTokens") } }

All After about 20 hours straight of working on this and having scrapped it twice I am realizing I should have asked everyone here for help. I am just trying to get device activity report extension to work inside an existing app. I have been heavily using family controls, managedsettings and deviceactivity and decided it would be nice to output some of the app usage so the User (parent) can see their children's app usage. I installed the target via xcode, confirmed group names match, and think I have it embedded correctly but when I run the app and call the view within the extension to show minutes used by any apps it just shows no time has been used. In addition, when I put print statements into the extension they do not show up in console. I have confirmed the main app target->Build phases->Link binary with Libraries has: ManagedSettings.framework FamilyControls.Framework DeviceActivity.framework I have confirmed in xcode that the main app target->Build phases -> Embed Foundation Extensions has: ShieldConfiguration.appex ShieldActionExtension.appex DeviceActivityMonitor.appex I have confirmed in xcode that the main app target->Build phases-> Embed ExtensionKit Extensions has: UsageReportExtension.appex I have used the apps I am trying to show data for extensively in the last 36 hours. Here is my UsageReportExtension info.plist EXAppExtensionAttributes EXExtensionPointIdentifier com.apple.deviceactivityui.report-extension .entitlement com.apple.developer.family-controls com.apple.security.application-groups group.com.jrp.EarnYourTurnMVP2.data Here is the file in the app (timebankview.swift) calling the extension/showing the extension view(AppUsageReportView.swift) import DeviceActivity import ManagedSettings struct TimeBankView: View { @EnvironmentObject private var appState: AppState @State private var reportInterval: DateInterval = { let calendar = Calendar.current let now = Date() let yesterdayDate = calendar.date(byAdding: .day, value: -1, to: now) ?? now return DateInterval(start: yesterdayDate, end: now) }() private var reportFilter: DeviceActivityFilter { let selection = appState.screenTimeController.currentSelection return DeviceActivityFilter( segment: .daily(during: reportInterval), users: .children, devices: .all, applications: selection.applicationTokens, categories: selection.categoryTokens // webDomains: selection.webDomains // Add if needed ) } var body: some View { ZStack { Color.appTheme.background(for: appState.isParentMode) .edgesIgnoringSafeArea(.all) ScrollView { VStack(spacing: 20) { Text("Time Bank") DeviceActivityReport(.childUsageSummary, filter: reportFilter) Here is AppUsageReportView.swift import SwiftUI struct AppUsageReportView: View { let config: DetailedAppUsageConfiguration // Use the detailed config var body: some View { VStack { Text("App Usage Details") Text("Total Screen Time: \(config.totalDurationFormatted)") if config.applicationsUsed.isEmpty { Text("No specific app usage data available for the selected period/filter.") } else { Text("Apps Used:") List { ForEach(config.applicationsUsed) { appInfo in HStack { Image(systemName: "app.dashed") Text(appInfo.appName) .lineLimit(1) Text(appInfo.durationFormatted) Here is AppUsageReportScene.swift: import SwiftUI import ManagedSettings struct AppInfo: Identifiable, Hashable { let id = UUID() let appName: String let durationFormatted: String } struct DetailedAppUsageConfiguration { var totalDurationFormatted: String = "Calculating..." var applicationsUsed: [AppInfo] = [] } struct AppUsageReportScene: DeviceActivityReportScene { let context: DeviceActivityReport.Context = .childUsageSummary let content: (DetailedAppUsageConfiguration) -> AppUsageReportView func makeConfiguration(representing data: DeviceActivityResults<DeviceActivityData>) async -> DetailedAppUsageConfiguration { var config = DetailedAppUsageConfiguration() var appDurations: [String: TimeInterval] = [:] var totalAggregatedDuration: TimeInterval = 0 let formatter = DateComponentsFormatter() formatter.allowedUnits = [.hour, .minute, .second] formatter.unitsStyle = .abbreviated formatter.zeroFormattingBehavior = .pad var segmentCount = 0 var categoryCount = 0 var appCount = 0 for await activityData in data { // Check segments var tempSegmentCount = 0 for await segment in activityData.activitySegments { segmentCount += 1 tempSegmentCount += 1 totalAggregatedDuration += segment.totalActivityDuration var tempCategoryCount = 0 for await categoryActivity in segment.categories { categoryCount += 1 tempCategoryCount += 1 var tempAppCount = 0 for await appActivity in categoryActivity.applications { appCount += 1 tempAppCount += 1 let appName = appActivity.application.localizedDisplayName ?? "Unknown App" let duration = appActivity.totalActivityDuration appDurations[appName, default: 0] += duration }}} } config.totalDurationFormatted = formatter.string(from: totalAggregatedDuration) ?? "N/A" config.applicationsUsed = appDurations .filter { $0.value >= 1 .map { AppInfo(appName: $0.key, durationFormatted: formatter.string(from: $0.value) ?? "-") } .sorted { lhs, rhs in let durationLHS = appDurations[lhs.appName] ?? 0 let durationRHS = appDurations[rhs.appName] ?? 0 return durationLHS > durationRHS } if !config.applicationsUsed.isEmpty { for (index, app) in config.applicationsUsed.enumerated() { } } else { } return config }} UsageReportExtension.swift struct UsageReportExtension: DeviceActivityReportExtension { init() { print("🚀 [UsageReportExtension] Extension initialized at \(Date())") print("🔍 [UsageReportExtension] Process info: \(ProcessInfo.processInfo.processName) PID: \(ProcessInfo.processInfo.processIdentifier)") } var body: some DeviceActivityReportScene { let _ = print("📊 [UsageReportExtension] Building report scenes at \(Date())") TotalActivityReport { totalActivity in print("🕰️ [TotalActivityReport] Creating view with data: \(totalActivity)") return TotalActivityView(totalActivity: totalActivity) }}}

Hello i need help to update my developer account to enterprice account how change o how update the my account ?

In the latest submission, we encountered a problem that the seller name and company name of our app are not compliant. However, changing the company name is too troublesome because the company has other businesses. We want to apply for a new company for the app. Does anyone know how to change the seller name and company name of the current app to the name of the new company?

Hi, Is there a method to hide individual items in System Settings that is not Deprecated? It needs some of the settings set and hidden for the end user. I found the DisabledSystemSettings key however it is marked as Deprecated and does not include all the new items, especially those related to Apple Intelligence. Is there any method other than “Restrictions” that does not hide and only set individual settings ? It needs to hide items in system settings :)

We'd like to give account holder role to another person in our team and when I tried to verify my account and post id photos in Developer app, I always got the next answer: 'Unable to Send Information, Your information could not be sent due to a connection error' with 2 buttons (try, cancel). I tried it many times with same result. I don't know what is wrong.

If I present "SFSafariViewController" when a "FamilyActivityPicker" is visible, it will automatically dismiss the "SFSafariViewController" and crash the "FamilyActivityPicker." I'm assuming the cause of the bug is that each is in a separate process (aside from the app), and there's some hacks to try to stop "FamilyActivityPicker" from crashing, and this is causing the new bug because "SFSafariViewController" is also in a separate process. (I'm not 100% if its just in 18.4 or iOS 18 overall...) (I'll try to file a feedback soon, but its 100% reproducible for me across multiple devices on iOS 18.4)

We are developing a parental control application in SwiftUI with features like app blocking and screen time management. We are using the Family Control API along with Apple Family Sharing, allowing parents to add multiple children to the family group. We have followed the apple documentation still we are facing following issues: App Blocking Issue: The family picker does not display each child's name separately or their apps individually. Instead, it shows all children's apps together, making it difficult to block apps for a specific child. Screen Time Data Issue: We receive the total screen time usage for all children combined rather than separate screen time data for each child. Syncing Delay: When a new child is added to the Family Sharing group, we are unsure how long it takes for their apps to sync and appear on the parent’s device.

Apple Feedback Ticket: FB16804936 Background We develop a parental control application called Adora Kids (https://apps.apple.com/us/app/adora-kids/id6443787669) that requires "Location Always" permission to function properly. Our app has Screen Time authorization and provides monitoring services for parents. Issue We are experiencing a recurring problem where child users receive the system notification "Adora accessed your location in the background" every few days. This frequently results in children disabling location permissions, which prevents our app from functioning as intended. Current Approach and Limitations We have explored using Content & Privacy Restrictions for Location Services as a potential solution, but have encountered two significant limitations: These restrictions cannot be accessed programmatically via the ManagedSettings framework (unlike AppStoreSettings and other restrictions). The current implementation is "all-or-nothing" - enabling location restrictions blocks permission changes for ALL apps on the device, preventing children from granting legitimate location access to other applications. Questions Is there a way to programmatically access and manage Content & Privacy Restrictions for Location Services through the ManagedSettings framework that we might have overlooked? Are there any recommended approaches for apps with Screen Time authorization to prevent users from changing specific permissions (particularly location) while still allowing them to manage permissions for other apps? Does Apple have plans to implement app-specific permission locking for apps with Screen Time authorization in future iOS releases? Are there any alternative approaches or workarounds that other developers have successfully implemented for this use case? Any guidance from the developer community or Apple engineers would be greatly appreciated. This is a critical functionality issue affecting the reliability of our parental control service. Thank you in advance for your assistance.

I'm currently running into an issue during the App Store review process where my reviewer isn't liking how the Screen Time API is being used to hide apps. For some context, my app uses the Managed Settings and Device Activity frameworks in the Screen Time API to allow users to set restrictions on their personal devices and save those restrictions into a preference object that they can switch between. This was detailed as my app's primary purpose in my Family Controls & Personal Device Usage Entitlement Request, which was approved last year. After around a year of working on this app, it's finally done and ready for submission to the App Store. However, my App Reviewer recently rejected the app with this single complaint: Guideline 2.5.1 - Performance - Software Requirements The app uses public APIs in an unapproved manner, which does not comply with guideline 2.5.1. Specifically, your app uses ScreenTime API to hide apps. Since there is no accurate way of predicting how an API may be modified and what effects those modifications may have, unapproved uses of public APIs in apps is not allowed. Next Steps Please revise the app to ensure that documented APIs are used in the manner prescribed in the documentation. All I'm doing is passing a set of Application objects to ManagedSettings.ApplicationSettings.blockedApplications, I'm not doing anything special. The documentation for this API itself states: The system hides blocked applications and prevents the user from launching them. In my reply, I let the reviewer know Regarding Guideline 2.5.1, I believe my use of the Screen Time API appears to align with Apple's documented intended functionality. The specific API I'm using, ManagedSettings.ApplicationSettings.blockedApplications, is explicitly documented by Apple as: "The system hides blocked applications and prevents the user from launching them." This is why I used the term "hide" in my app's marketing and functionality descriptions - I was directly referencing Apple's own terminology for this feature. The documentation clearly indicates this is an approved capability of this API. The source for this documentation can be found here: https://developer.apple.com/documentation/managedsettings/applicationsettings/blockedapplications-swift.property. I've also provided a screenshot of this documentation below. Despite providing a link to the documentation and a screenshot that shows the text from Apple explicitly stating "The system hides blocked applications", the App Reviewer just copy-and-pasted the same text in their reply and rejected the app. I should also note that we don't have control over how the system handles the Application set we pass into ManagedSettings.ApplicationSettings.blockedApplications, the system will always try to "hide" these apps as specified in the documentation. We can't change this behavior. Has anyone else faced this sort of rejection before? Is using ManagedSettings.ApplicationSettings.blockedApplications now considered an illegal use of the API? Or are we not allowed to use the words noted in the documentation of this API? The app rejection suggested I "consult with fellow developers and Apple engineers on the Apple Developer Forums." Any guidance here would be much appreciated as I continue to appeal this. For any Apple staff members reading this post, I can provide the Submission ID of the App Review privately if needed to help resolve this issue.

Hi I keep adding my development team member and he is not getting the invite email. Path Users and Access -> add team member

Questions I am developing a social screen time application that enables users to create “sprints” and set sprint goals—essentially time limits on usage for selected applications. For this functionality, users select the apps they wish to manage using the FamilyActivitySelection interface (from the FamilyControls framework). However, our backend needs to distinguish each application uniquely (for example, via the app’s bundle identifier) in order to correctly map and enforce user-defined sprint goals. Unfortunately, we are encountering an issue where retrieving the bundle identifier directly from the FamilyActivitySelection is returning nil. As a result, we are unable to globally identify the selected apps. Could you please advise if there is an alternative method or property available in the FamilyControls API that would allow us to uniquely identify the apps? Alternatively, is there another approach recommended by Apple for obtaining a global identifier for applications selected via FamilyActivitySelection? Thank you for your time and assistance. I look forward to your guidance on how to resolve this issue. Code The following is the print statement I used to check if bundleIdentifier is nil after I stored user's selections to the variable selection using familyActivityPicker: for app in selection!.applications { let bundleId = app.bundleIdentifier ?? "Unknown Bundle ID" let token = app.token let localizedDisplayName = app.localizedDisplayName ?? "Unknown Localized Display Name" print("Selected app bundle identifier: \(bundleId)") print("localizedDisplayName: \(localizedDisplayName)") } Console log result I received from the print statement above: Selected app bundle identifier: Unknown Bundle ID localizedDisplayName: Unknown Localized Display Name

When the iCloud Passwords Chrome extension is on, there is a 400-500ms lag between clicking on a non-password field and the UI reflecting any changes made by a .on("focus") jQuery listener. When the extension is disabled, there is no lag. See below the performance profiles for the same 4 click events. Extension ON: Extension OFF:

We developing a app called Parentgeenee. It's a Parental control app having any limitations on app block from child mobile. Trying to block more than 500 apps but not blocking if any particular method to block a bulk apps.