I am building a macOS utility using SwiftUI and Swift that records and displays keyboard shortcuts (like Cmd+C, Cmd+V) in the UI. To achieve this, I am using NSEvent.addGlobalMonitorForEvents(matching: [.keyDown]). I am aware that global monitoring usually requires the app to be non-sandboxed. However, I am seeing some behavior I don't quite understand during development: I started with a fresh SwiftUI project and disabled the App Sandbox. I requested Accessibility permissions using AXIsProcessTrustedWithOptions, manually enabled it in System Settings, and the global monitor worked perfectly. I then re-enabled the App Sandbox in "Signing & Capabilities." To my surprise, the app still records global events from other applications, even though the Sandbox is now active. Is this expected behavior? Does macOS "remember" the trust because the Bundle ID was previously authorized while non-sandboxed, or is there a specific reason a Sandboxed app can still use addGlobalMonitor if the user has manually granted Accessibility access? My app's core feature is displaying these shortcuts for the user's own reference (productivity tracking). If the user is the one explicitly granting permission via the Accessibility privacy pane, will Apple still reject the app for using global event monitors within a Sandboxed environment? Code snippet of my monitor: // This is still firing even after re-enabling Sandbox eventMonitor = NSEvent.addGlobalMonitorForEvents(matching: [.keyDown]) { event in print("Captured: \(event.charactersIgnoringModifiers ?? "")") } I've tried cleaning the build folder and restarting the app, removing the app from accessibility permission, but the events keep coming through. I want to make sure I'm not relying on a "development glitch" before I commit to the App Store path. Here is the full code anyone can use to try this :- import SwiftUI import Cocoa import Combine struct ShortcutEvent: Identifiable { let id = UUID() let displayString: String let timestamp: Date } class KeyboardManager: ObservableObject { @Published var isCapturing = false @Published var capturedShortcuts: [ShortcutEvent] = [] private var eventMonitor: Any? // 1. Check & Request Permissions func checkAccessibilityPermissions() -> Bool { let options: NSDictionary = [kAXTrustedCheckOptionPrompt.takeUnretainedValue() as String: true] let accessEnabled = AXIsProcessTrustedWithOptions(options) return accessEnabled } // 2. Start Capture func startCapture() { guard checkAccessibilityPermissions() else { print("Permission denied") return } isCapturing = true let mask: NSEvent.EventTypeMask = [.keyDown, .keyUp] eventMonitor = NSEvent.addGlobalMonitorForEvents(matching: mask) { [weak self] event in self?.processEvent(event) } } // 3. Stop Capture func stopCapture() { if let monitor = eventMonitor { NSEvent.removeMonitor(monitor) eventMonitor = nil } isCapturing = false } private func processEvent(_ event: NSEvent) { // Only log keyDown to avoid double-counting the UI display guard event.type == .keyDown else { return } var modifiers: [String] = [] var symbols: [String] = [] // Map symbols for the UI if event.modifierFlags.contains(.command) { modifiers.append("command") symbols.append("⌘") } if event.modifierFlags.contains(.shift) { modifiers.append("shift") symbols.append("⇧") } if event.modifierFlags.contains(.option) { modifiers.append("option") symbols.append("⌥") } if event.modifierFlags.contains(.control) { modifiers.append("control") symbols.append("⌃") } let key = event.charactersIgnoringModifiers?.uppercased() ?? "" // Only display if a modifier is active (to capture "shortcuts" vs regular typing) if !symbols.isEmpty && !key.isEmpty { let shortcutString = "\(symbols.joined(separator: " ")) + \(key)" DispatchQueue.main.async { // Insert at the top so the newest shortcut is visible self.capturedShortcuts.insert(ShortcutEvent(displayString: shortcutString, timestamp: Date()), at: 0) } } } } PS :- I just did another test by creating a fresh new project with the default App Sandbox enabled, and tried and there also it worked!! Can I consider this a go to for MacOs app store than?

For Local network access, Chrome prompts the user to allow access and adds it to Settings --> Privacy & Security --> Local Network. However, for Safari, no prompt appears. How do I force Safari to authorise these local network access requests if it won't trigger the permission dialogue? Is there a specific WKWebView configuration or Safari-specific header required to satisfy this security check?

We have a very strange issue that I am trying to solve or find the best practice for. We have a SwiftUI View that uses the Camera to preview. So as suggested in Apples Docs we check authorisation status and then if it's not determined we request authorisation. We also have the privacy entry in the info.plist case .notDetermined: AVCaptureDevice.requestAccess(for: .video) { accessStatusAuthorised in if !accessStatusAuthorised { self.cameraStatus = .notAuthorised } else { self.isAuthorized = true self.cameraStatus = .authorised self.startCameraSession(cameraPosition: cameraPosition) } } case .restricted: cameraStatus = .notAuthorised isAuthorized = false case .denied: cameraStatus = .notAuthorised isAuthorized = false case .authorized: cameraStatus = .authorised isAuthorized = true startCameraSession(cameraPosition: cameraPosition) break @unknown default: isAuthorized = true cameraStatus = .notAuthorised } However when we call this code it freezes the Camera feed, even when allow has been tapped. However and this is the confusing part. If we do not call the code above, we still get the permission for camera access pop up and the camera works fine after allowing. What im concerned about is changing the code to do this and its a possible apple bug that gets fixed and hey then none of the Apps allow the camera function. I cannot see any where that the process has changed for iOS 26 / Xcode 26. Can anyone shed any light on this or had similar experience ?

Hello App Review Team, I am writing to seek clarification regarding repeated review feedback received via App Store Connect (Resolution Center) for my app: App Name: Animal Sounds & Insects 90+ App ID: 6741077718 Team ID: 24MTF8NJ6Q Over the past two weeks, this app update has remained in review with multiple rejections referencing similar concerns, despite detailed responses and clarifications already provided in the Resolution Center. Unfortunately, I have not received follow-up responses or specific guidance there, which has prevented me from releasing even a minor update. To ensure clarity and avoid further delays, I am summarizing the key points below. Parental Gate (Guideline 1.3 – Kids Category) The review feedback indicates that the app may include links, commerce, or ad interactions without parental permission. I would like to clarify that the app implements a mandatory, non-dismissible parental gate, which is required before: Opening any external links Engaging in any form of commerce, including in-app purchases Interacting with any advertisements This parental gate cannot be bypassed or disabled and is triggered consistently across all applicable user flows. No child user can access links, purchases, or ad interactions without successfully completing the parental gate. If there is a specific screen, flow, or scenario where this behavior was interpreted differently during review, I would greatly appreciate precise details so I can verify and address it immediately. Advertising Experience (Guideline 4.0 – Design) The review also notes that users are required to view advertisements prior to using the app. I would like to clarify that the app does not require users to view advertisements before accessing its core functionality. Specifically: There are no forced ads No launch or entry interstitials No ads that block or gate access to the app’s main features Advertising within the app is passive and non-intrusive. This setup has been live for over one year, and no recent changes were introduced that would alter this behavior. Request for Guidance I fully respect and support the App Review Guidelines and am committed to complying with them. Given the repeated rejections and lack of actionable feedback so far, I kindly request: Clear and specific guidance on the exact screen, flow, or behavior being flagged Confirmation on whether the current parental gate implementation is being detected correctly during review My goal is to resolve any remaining concerns as quickly and accurately as possible so the review process can move forward. Thank you very much for your time and support. I appreciate the work of the App Review team and look forward to your guidance. Kind regards, Jiyan Aslan Developer, Animal Sounds & Insects 90+

I just spend the morning debugging LocationButton and the associated CLLocationManagerDelegate only to realise that it works perfectly in iOS 18.5 but no longer works for me in iOS 26.0, 26.2 or 26.2.1 (the latter on-device). It does work when I run my app on macOS 26.2 (Designed for iPad). Is there a change in behaviour or requirements on iOS I am missing? On iOS 18.5 I observe that the authorisation status changes from .notDetermined to .authorizedWhenInUse after the LocationButton has been tapped and my delegate is able to obtain the location through locationManager(_ , didUpdateLocations:). On iOS 26.x the authorisation status remains .notDetermined and my delegate receives locationManager(_:didFailWithError:) with error code .denied. Setting NSLocationWhenInUseUsageDescription in my Info.plistdid not help. Just in case ;) FB21798098 (SwiftUI LocationButton fails to acquire authorization on iOS 26)

We are having an issue with the Local Network permission pop-up not getting triggered for our apps that need to communicate with devices via local network interfaces/addresses. As we understand, apps using UDP should trigger this, causing macOS to prompt for access, or, if denied, fail to connect. However, we are facing issues with macOS not prompting this popup at all. Here are important and related points: Our application is packaged as a .app package and distributed independently (not on the App Store). The application controls hardware that we manufacture. In order to find the hardware on the network, we send a UDP broadcast with a message for our hardware on the local network, and the hardware responds with a message back. However, the popup (to ask for permission) never shows up. The application is not able to find the hardware device. It is interesting to note that data is still sent out to the network (without the popup) but we receive back the wrong data. The behaviour is consistent macOS Sequoia (and above) with both Apple And Intel silicon. Workarounds that have been tried: Manual Authorization: One solution suggested in various blogs was to go to "Settings → Privacy and Security-> Local network", find your application and grant access. However, the application never shows up in the list here. Firewall: No difference is seen in behaviour with firewall being ON OR OFF. Setting NSLocalNetworkUsageDescription: We have also tried setting the Info.plist adding the NSLocalNetworkUsageDescription with a meaningful string and updating the NSBonjourServices. Running Via terminal (WORKS): Running the application via terminal sees no issues. The application runs correctly and is able to send UDP and receive correct data (and find the devices on the network). But this is not an appropriate solution. How can we get this bug/issue fixed in macOS Sequoia (and above)? Are there any other solutions/workarounds that we can try on our end?

We're trying to implement Cross-domain session check for SSO by making CORS request. is Intelligent Tracking Prevention blocks all cookies in CORS requests? I saw all cookies are blocked in CORS requests. We are not able to check the auth session in source domain. Are there anyway to bypass this without user interaction? benefitier.com -> source.com

I have a desktop application that shows some real estate properties chosen by the user. The application shows those GPP locations on the map. The SwiftUI code is something like the following. import SwiftUI import MapKit struct ContentView: View { var body: some View ZStack { mapView } } private var mapView: some View { Map(position: $propertyViewModel.mapPosition) { ForEach(propertyViewModel.properties) { property in Annotation("", coordinate: CLLocationCoordinate2D(latitude: property.lat, longitude: property.lon)) { Button { } label: { VStack { Image(systemName: "house.circle.fill") .resizable() .scaledToFit() .frame(width: 48) .foregroundStyle(colorScheme == .light ? .white : .black) ... } } .buttonStyle(.borderless) } } UserAnnotation() } .mapControls { MapUserLocationButton() } .mapControlVisibility(.visible) .onAppear { CLLocationManager().requestWhenInUseAuthorization() } } } The application only wants to use the CLLocationManager class so that it can show those locations on the map relative to your current GPS position. And I'm hit with two review rejections. Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage Issue Description One or more purpose strings in the app do not sufficiently explain the use of protected resources. Purpose strings must clearly and completely describe the app's use of data and, in most cases, provide an example of how the data will be used. Guideline 5.1.5 - Legal - Privacy - Location Services The app uses location data for features that are not relevant to a user's location. Specifically, the app is not functional when Location Services are disabled. So I wonder if the application is even required to have 'NSLocationWhenInUseUsageDescription' and/or 'NSLocationUsageDescription'? just in order to show user's current location so that they can see property locations relative to it? The exact location privacy statement is the following. The application needs your permission in accessing your current location so that it will appear on the map

Hi, Our app (Tenkobo) received a rejection notice after review due to the fact that we use Gemini AI since 3 builds ago. Since then, we have been improving the disclosure of the data we collect, explicitly stating all the data, introducing a new feature that checks granular consent and syncs consent state for the user to the backend, and controls for whether to send to the Gemini API service for that feature depending on consent state for the user. Moreover, this feature is a premium add-on to a module that already does most things locally on the device and sends to our cloud infrastructure to allow storage and sync when users use multiple devices. It is a multi-platform app. However, despite every improvement, we keep getting the same Rejection reason that "The issues we identified still need your attention. I have asked for help or even that the rejection reason be more specific, but nothing. I have send pictures, and in this last rejection about 8 hours ago, I had to reply with a video showing that what they are asking for is already there. Why does the system work like this? It is frustrating, especially if a development team needs to be guessing how much is too much. We feel we are now close to removing the feature completely out of frustration, and it is very useful feature for our users based on the feedback we received from the android users (the android app has been live since about 6 weeks ago.) Please, what else can we do? We have requested a review meeting with App Review, the entire product plans are now on the verge of being irredeemably disrupted, and the company could go bankrupt just because our reviewer does not deem it fit to tell us exactly what they are expecting to see. Anyone with experience in this area should kindly provide some advise on what to do now. Thank you.

Our app (Tenkobo) received a rejection notice after review due to the fact that we use Gemini AI since 3 builds ago. Since then, we have been improving the disclosure of the data we collect, explicitly stating all the data, introducing a new feature that checks granular consent and syncs consent state for the user to the backend, and controls for whether to send to the Gemini API service for that feature depending on consent state for the user. Moreover, this feature is a premium add-on to a module that already does most things locally on the device and sends to our cloud infrastructure to allow storage and sync when users use multiple devices. It is a multi-platform app. However, despite every improvement, we keep getting the same Rejection reason that " ... Review Device: iPad Air 11-inch (M3) ... The issues we previously identified still need your attention. Guidelines 5.1.1(i) - Legal - Privacy - Data Collection and 5.1.2(i) - Legal - Privacy - Data Use The app appears to share the user’s personal data with a third-party AI service but the app does not clearly explain what data is sent, identify who the data is sent to, and ask the user’s permission before sharing the data. Apps may only use, transmit, or share personal data after they meet all of the following requirements: Disclose what data will be sent Specify who the data is sent to Obtain the user’s permission before sending data Identify in the privacy policy what data the app collects, how it collects that data, all uses of that data, and confirm any third party the app shares data with provides the same or equal protection Next Steps Revise the app to explain what data is sent, identify who the data is sent to, and ask the user’s permission before sharing personal data with a third-party AI service. If it does not already, the app’s privacy policy must also identify what data the app collects, how it collects that data, and all uses of that data, including if it is shared with a third-party AI service. " I have asked for help or even that the rejection reason be more specific, but nothing. I have send pictures, and in this last rejection about 8 hours ago, I had to reply with a video showing that what they are asking for is already there. Please, what else can we do? We have requested a review meeting with App Review, the entire product plans are now on the verge of being irredeemably disrupted, and the company could go bankrupt just because our reviewer does not deem it fit to tell us exactly what they are expecting to see. Anyone with experience in this area should kindly provide some advise on what to do now. Thank you.

I have a desktop application developed in SwiftUI that shows property locations on the map. That's NOT the main feature. IF you give the application permission to access your location, the blue dot will appear on the map. If you don't, the blue user dot won't appear. That's the only difference with location services. In other words, the application has no use of user's current position beyond showing it on the map. Since it's just the matter of showing or not showing the blue dot on the map, the application doesn't really need to use the location service. Anyway, the reviewer is talking about something else by rejecting the application in two aspects. Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage Guideline 5.1.5 - Legal - Privacy - Location Services As I said earlier, the application only wants to show the blue dot on the map so that you can see your property locations relative to your current location. In code, it's something like the following. Map(position: $propertyViewModel.mapPosition) { ForEach(propertyViewModel.properties) { property in Annotation("", coordinate: CLLocationCoordinate2D(latitude: property.lat, longitude: property.lon)) { ... } } UserAnnotation() } So I'm hit with two rejection reasons with this one line. UserAnnotation() And the reviewer is talking about something like the app is not functional when Location Services are disabled. To resolve this issue, please revise the app so that the app is fully functional without requiring the user to enable Location Services. Well, I can remove the UserAnnotation() line if I want to put this application through the review process. Nothing will become dysfunctional, though, if you decide to reject permission request. So would you remove it or would you play along with this reviewer if you were me? It's been three or four days since rejection. As you can imagine, the reviewer doesn't bother to answer as to What are the exact coordinates that the application has allegedly collected What won't work as a result of location permission request refusal. This isn't the first time I get my app rejected. I've probably had 150 to 200 of them rejected in the past 15 years. And just because a reviewer rejects your app for a bizarre reason, would you give in? Remove this feature and that feature because the reviewer is incompetent such that he or she makes his or her decision based on imagination? What do you think?

I'm building a macOS app that registers itself for HTTP(S) url handling and would like it to participate in the ASWebAuthenticationSession fow. I did: update the plist to register as a handler for URL shemes (http, https, file) use NSWorkspace setDefaultApplication API to set this app as a default handler for urls in question wrote custom ASWebAuthenticationSessionWebBrowserSessionHandling implementation and set it as SessionManager's sessionHandler I launched this app from Xcode, then I triggered authentication flow from a third-party app. When the sign in flow is initiated, I can see that my app is activeated (willBecomeActive and didBecomeActive callbacks are both called), but there is no call for sessionHandler's begin() method. With some additional debugging I see that my app receives an apple event when the flow is started: {sfri,auth target=SafariLaunchAgent {qntp=90/$627......},aapd=TRUE If I switch system default browser back to Safari and then start the login flow, it correctly displays a sign in web page. What do I miss? PS. I'm on Tahoe 26.2

How to legally and compliantly upload users' fitness and health data to our own server—while adhering to Apple's strict privacy policies—for analysis by our AI large model to provide personalized feedback and recommendations to users.

Hi everyone, I’m building a messaging app because I’ve seen firsthand how much support and safety is overlooked for this generation online. My goal is to give teens a foundation of security, privacy, and mental health support, while still letting them connect freely. I want to leverage Apple’s platform to help this mission reach the right audience and have real impact. The app already includes: Community chat with message blurring for sensitive or harmful words. Anti-shoulder surfing tools to protect private conversations. Shake dashboard for quick access to emergency services. In-chat locks with ML detection for grooming patterns, offering resources while respecting privacy. Full user control: messages can be deleted anytime, blocking is permanent, and accounts can’t bypass restrictions on the same device. User consent-first design: every feature is opt-in and controlled by the user. At this point, I’m looking for guidance on how to position and prepare the app to reach Apple editorial or headline attention — what steps or best practices help mission-driven apps get noticed for features, WWDC spotlights, or App Store promotion? My focus isn’t just on improving the app, but on launch strategy and visibility in a way that amplifies the mission responsibly. If it’s helpful, I can share a TestFlight build or walkthrough to illustrate the app in action. Thank you for any insights or advice — I want to make sure this mission has the best chance to reach and support the generation it’s built for.

Hi All, We are facing App Rejection from Apple due to this - Guidelines 5.1.1(i) - Legal - Privacy - Data Collection and 5.1.2(i) - Legal - Privacy - Data Use Issue Description The app appears to share the user’s personal data with a third-party AI service but the app does not clearly explain what data is sent and identify who the data is sent to before sharing the data. Apps may only use, transmit, or share personal data after they meet all of the following requirements: Disclose what data will be sent Specify who the data is sent to Obtain the user’s permission before sending data Identify in the privacy policy what data the app collects, how it collects that data, all uses of that data, and confirm any third party the app shares data with provides the same or equal protection Next Steps If the app sends user data to a third-party AI service, revise the app to explain what data is sent and identify who the data is sent to before sharing personal data with a third-party AI service. If it does not already, the app’s privacy policy must also identify what data the app collects, how it collects that data, and all uses of that data, including if it is shared with a third-party AI service. If the app does not send user data to a third-party AI service or does not include a third-party AI service, reply to this rejection to confirm and add this information to the App Review Information section of App Store Connect. We have updated on privacy policy and ATT as well as Nutrition Labels and we have added a consent screen for explicitly taking the user consent for AI Services. However we are still seeing the rejection. Has some else faced a similar issue and what are the steps they followed for this.

Hi! We are facing App Rejection from Apple due to this <> Guidelines 5.1.1(i) - Legal - Privacy - Data Collection and 5.1.2(i) - Legal - Privacy - Data Use Issue Description Issue Description The app appears to share the user’s personal data with a third-party AI service but the app does not clearly explain what data is sent, identify who the data is sent to, and ask the user’s permission before sharing the data. Apps may only use, transmit, or share personal data after they meet all of the following requirements: Obtain the user’s permission before sending data Next Steps If the app sends user data to a third-party AI service, revise the app to ask the user’s permission before sharing personal data with a third-party AI service. If it does not already, the app’s privacy policy must also identify what data the app collects, how it collects that data, and all uses of that data, including if it is shared with a third-party AI service. If the app does not send user data to a third-party AI service or does not include a third-party AI service, reply to this rejection to confirm and add this information to the App Review Information section of App Store Connect. <> We already updated our privacy policy. The ATT implementation was done. We even added a consent screen emphasizing that we need the user's consent to share some information with third-party AI services. And after all that, we are still seeing the rejection. Has someone else faced a similar issue? I saw someone here in the forum having almost the same problem, but there wasn't a solution. What are the next steps?

I am reporting what appears to be a serious integrity flaw in Safari under iPadOS 26.3 (and lower) that materially undermines the reliability of Screen Time parental controls. This is not merely a UX inconsistency but a functional contradiction within a system explicitly marketed and positioned as secure parental control infrastructure. Device / Environment Device: iPad Air M3 13" (2025) OS: iPadOS 26.3 Safari (system version) Screen Time enabled with active restrictions Child account (10 years old) Background We deliberately chose an Apple device for school use based on the expectation that Apple’s system-level parental control mechanisms — especially Screen Time — are robust, tamper-resistant, and technically consistent. Screen Time is configured with: App limits Downtime Parental controls enabled with limited web content restrictions (school requirements prevent strict blocking) Safari enabled (mandatory for educational use) further parental control restrictions Because aggressive website blocking would interfere with legitimate school activities, monitoring Safari browsing history is a central supervisory mechanism. When Screen Time is active: Clearing the entire browsing history via Safari is correctly blocked. Clearing history via system settings is correctly blocked. The system explicitly communicates that deletion is not permitted due to Screen Time restrictions. This behavior establishes a clear user expectation: Browsing history is protected against manipulation. The Issue Despite the above safeguards, individual browsing history entries can be deleted easily and silently through the address bar suggestion interface. This creates a structural contradiction: Full deletion is blocked. Selective deletion — which is arguably more problematic — remains possible. Steps to Reproduce Enable Screen Time with restrictions that prevent deletion of browsing history (for example on a student device with a child account). Open Safari and visit any website. Confirm it appears in Safari history. Tap the Safari address bar. Type part of the URL or page title. Safari suggests the previously visited page below the address bar. Swipe left on that suggestion. A red “Delete from History” button appears. Tap it. Actual Result The entry disappears immediately: No Screen Time PIN required No authentication request No warning No restriction triggered No parental notification No audit trace visible Deletion occurs silently and irreversibly. Expected Result When Screen Time is configured to prevent browsing history deletion: Individual entries must not be deletable Deletion must require Screen Time authentication Anything else defeats the protective purpose of the restriction. Real-World Impact In practical use, this allows minors to selectively sanitize browsing history while preserving a seemingly intact record. In our case, this method is widely known among classmates and routinely used to conceal visits to gaming or social media platforms during school hours. The technical barrier to exploitation is negligible. This results in: A false sense of security for parents A discrepancy between advertised functionality and actual system behavior A material weakening of parental control integrity When a system explicitly blocks full history deletion but permits silent selective deletion, the protection mechanism becomes functionally inconsistent and unreliable. Given that Screen Time is publicly positioned as a dependable parental control framework, this issue raises concerns not only about implementation quality but also about user trust and reasonable reliance on advertised safeguards. Request Please classify this as a parental control integrity and trust issue. Specifically: Disable individual history deletion while Screen Time restrictions are active OR Require Screen Time passcode authentication for deleting single entries Screen Time is presented as a secure supervisory environment for minors. In its current implementation under iPadOS 26.3 and before, that expectation is technically not met. This issue warrants prioritization.

Hi, We’re building an iOS app that uses the Screen Time APIs (FamilyControls and DeviceActivity) to display a user’s own usage metrics inside the app. With the appropriate permissions granted, we are successfully reading and presenting metrics such as: Total screen time Device pickups These metrics are already visible to the user inside our app. We would now like to introduce a user-initiated “Share” feature. The idea is to: Render selected Screen Time metrics into a shareable image card generated locally on device. Present the standard iOS share sheet (UIActivityViewController). Allow the user to share that image to Messages, social apps, etc., if they choose. Important clarifications: This is fully user-initiated. The app does not automatically transmit Screen Time data. The metrics are already displayed in-app with user permission. The share asset would be generated locally. No background export or server-side posting would occur unless explicitly triggered by the user via the share sheet. We are seeking clarification on whether there are any policy or API restrictions around: Rendering Screen Time-derived metrics into a user-facing share card Allowing user-initiated export of those metrics via the standard iOS share flow Are there any additional privacy requirements, entitlement constraints, or App Review considerations we should be aware of when implementing this? Thanks in advance for any guidance.

I am developing a macOS application that depends on noticing when the user's computer switches WiFi association, and the SSID determines specific actions. I am currently testing on Tahoe and found that using CoreWLAN can even get notifications and discover the actual SSID inside an app, as long as the app is signed with a real certificate and a corresponding profile is installed on my development machine. The app, however, installs and launches a launchctl agent, which will always be running and hence the component to discover changes and act upon them. Although app and agent both have their own bundle identifier, both configured in the portal, the agent always received a redacted SSID (nil), while the app does not. The only app entitlement currently is "com.apple.security.get-task-allow = true", which I don't think has anything to do with this. The agent has: com.apple.application-identifier com.apple.developer.team-identifier com.apple.security.get-task-allow com.apple.security.personal-information.location Both have asked for permission, and both have location services enabled in system settings. The agent runs as an LSUIElement=1, headless/background configuration. So, am I missing something, a step, or is there a fundamental restriction on an agent that makes this an impossible task? (Right now, it runs a shortcut to discover the name, but requires the user to create it, and it has side effects I'd rather not see, like the flashing indicator in the menu bar)

Our company has a micro service which sends a notification email to an iCloud account/email and the email is going to the junk folder. As we tested, the email generated from user-field.company.com goes to the Inbox, while the email from user-dev.company.com goes to the Junk folder. Is there a way to avoid sending the emails to client's Junk folder when the email is sent from a specific company domain?