Good afternoon, I am developing an app integrating "sign in with apple". But I can't find how to get the user's profile photo. Apart from the first name, last name and Email, can I obtain the image or its URL?

I would like to make a suggestion: Please include an option to “lock the phone” after a call completes. This way you can hand your phone to a person To continue a phone conversation, and not have to worry about your privacy being compromised once the call ends (or better yet, during the call as well). Thanks,

Install and launch a macOS app. At that time, if the app requires permission to record the screen, the following dialog will be displayed from the OS. Grant access to this application in Privacy & Security settings, located in System Settings. 　 Follow the instructions in this dialog and select "Allow" in the system settings screen. Normally, after "Allow", the following dialog should be displayed from the OS. "AppName" mac may not be able to record the contents of your screen until it is quit. You can choose to quit "AppName" now, or do it on your own later. 　 But, it does not appear. Why? Is there some setting that needs to be done on the app side?

The list of common 3rd party SDKs that require a privacy list here: https://developer.apple.com/support/third-party-SDK-requirements/ References a "hermes" SDK. There is some ambiguity about whether this references Facebook/meta's hermes JS engine: https://github.com/facebook/hermes Or Imgur's Hermes notification system: https://github.com/Imgur/Hermes A representative from Meta claims that Apple is referring to Imgur's library, despite the branding using a capital H and Apple's list using a lowercase h (see here: https://github.com/react-native-community/discussions-and-proposals/discussions/776). Can someone from Apple please confirm which SDK is concerned ? We wish to avoid app rejections. Thank you

We have a pair of apps that are used to monitor the location of a person and allow them to reach out for help when needed. The apps are designed to be used with persons with special needs. A large portion of our target audience is people that have cognitive disabilities. One app is used by people that monitor and help the person with needs, and the other is used by the person with needs who is not with them all the time. The issue we have is that our users have trouble understanding what to do when this verification popup appears. This popup continues to appear over and over and over. This is a severe health and safety issue for us. We find that the user is often times confused by the popup and is disabling the background location tracking preventing the needs provider from being able to track the location of the user. It would be great if there was a special Entitlement that could be granted that would prevent this 'feature' of iOS. Or possibly simply a setting that the user's provider can setup on their phone to stop the annoying and dangerous constant popups. If anybody knows of a way to prevent this popup, please let us know. Otherwise, if someone at Apple could suggest how we can make this happen in the future.

I am developing a watchOS-only app, and whenever I attempt to make a network request, it always fails and throws the following error: Error Domain=NSURLErrorDomain Code=-1009 "The Internet connection appears to be offline." I noticed that when I turn off Wi-Fi and Bluetooth in the settings of the iPhone paired with the Apple Watch (thus disconnecting the Apple Watch from the iPhone), my app can successfully connect to the network. Additionally, when the app contains both an iOS app and a watchOS app, after granting network permissions on the iOS app, the watchOS app can access the network normally when connected to the iPhone. When opening some system apps on the Apple Watch (such as the "Workout" app), the app will display a network permission request similar to that on iOS, but this request does not automatically pop up when my watchOS app attempts to access the network. Is there a way to request network permissions in a watchOS-only app so that it can access the network while connected to the iPhone?

ITMS-91055: Invalid API reason declaration - The PrivacyInfo.xcprivacy for the “Frameworks/MoEngageSDK.framework/MoEngageSDK” file contains “C617.1” as the value for a NSPrivacyAccessedAPITypeReasons key instead of a valid reason code for using an API in the NSPrivacyAccessedAPICategoryUserDefaults category. Values for NSPrivacyAccessedAPITypeReasons keys in any privacy manifest must be valid reason codes for the corresponding API category. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api. ITMS-91055: Invalid API reason declaration - The PrivacyInfo.xcprivacy for the “Frameworks/MoEngageInbox.framework/MoEngageInbox” file contains “1C8F.1 1C8F.1 1C8F.1 1C8F.1 1C8F.1 1C8F.1 1C8F.1” as the value for a NSPrivacyAccessedAPITypeReasons key instead of a valid reason code for using an API in the NSPrivacyAccessedAPICategoryUserDefaults category. Values for NSPrivacyAccessedAPITypeReasons keys in any privacy manifest must be valid reason codes for the corresponding API category. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

Dear Experts, In "limited access" photos mode, I present a PHPickerViewController. It shows the entire photo library, with a note at the top saying that the app can only access the items that I select. I select a photo. In the delegate method, I get a PHPickerResult containing a plausible-looking string for the assetIdentifier. It's the same string that I get for that photo in "full access" mode. Should this photo now be accessible, or do I need to do something else at this point? When I call fetchAssetsWithLocalIdentifiers using this assetIdentifier, I get no results. When I call cloudIdentifierMappingsForLocalIdentifiers, I get error PHPhotosErrorIdentifierNotFound. In "full access" mode, both work OK. What am I missing? Thanks.

hey guyss…. Im currently using ios18 developer beta 2 on my iphoen 12…Idk if u guys noticed it or not.. but when i turn off the toggle for “Help improve apple search” (settings->search->help improve apple search) it again turns on without my knowledge seconds aftr i close the page. Ive tried restarting my iphone & many more.. nothing seems to work.. im kindoff a more private guy i usually turn off apple analytics.. usage diagnostics and i always make sure data is stored only on my local storage.. and this bug kinda piss me off 😕. i’ve given u the link below to check it out. Peace. https://youtube.com/shorts/YfVDCA-Dfrs?si=qLcl0mWL-Jm9iJFz

We need to scan newly created or modified files for malware. To achieve this, we added a plist file in the /Library/LaunchDaemons directory and intended to use a daemon process to perform the scans. However, we have encountered an issue where the daemon process cannot access files within Home subfolders such as ~/Downloads/ and ~/Documents/. When running the process as a user, it fails to scan some files due to lack of read permissions. Conversely, when running the process as root, it cannot scan files in the Home subfolders due to privacy restrictions. Could you please advise on the best approach to achieve this configuration?

I'm trying to get the ASK Sample to discover and connect to a device using a 16-bit uuid. In my case, I have a few fitness sensors laying around like heart rate monitors and cycling sensors. Specifically, I've configured the following descriptor to be shown in the picker: private static let heartRateMonitor: ASPickerDisplayItem = { let descriptor = ASDiscoveryDescriptor() descriptor.bluetoothServiceUUID = CBUUID(string: "180D") return ASPickerDisplayItem(name: "Heart Rate Monitor", productImage: UIImage(named: "PolarH10")!, descriptor: descriptor) }() 100% another app on the device using an unfiltered scan can find this device, so I know the phone can see it. Also, the settings app Bluetooth screen sees it too. When the picker is active for this descriptor, in console I see the device is being discovered and it is matching the underlying filter. However the picker doesn't show the device. Received 'start active Unspecified scan' request , without duplicates, duration:unlimited, UUIDs [ E56A082E-C49B-47CA-A2AB-389127B8ABE3 E56A082E-C49B-47CA-A2AB-389127B8ABE4 0x180D ] on 1M PHY from session "com.apple.deviceaccessd-central-727-198" Matched UUID 0x180D for device "D3030A85-BBB9-6C0D-53C4-6697898B2E4B" This is an apparent bug: FB14078940 - AccessorySetupKit: ASDiscoveryDescriptor does not appear to identify 16-bit UUIDs like the Heart Rate Service/Profile UUID After more tinkering, I did discover that if I connect the device in the settings app, and keep it connected, the picker will find the device immediately. I assume it is under the hood it is calling this function or the internal implementation: https://developer.apple.com/documentation/corebluetooth/cbcentralmanager/retrieveconnectedperipherals(withservices:) This is still not expected, a developer should be able to discover and connect an accessory directly in their app. Noteworthy, I also found that ALL apps in the Settings app list the accessory once paired, which is totally not expected: FB14170263 - Settings: Viewing accessories in settings app for all apps show the accessory paired with another application P.S. forum moderators, there is no tag for 'AccessorySetupKit' which is the technology I'd like to tag this with. Last tested with iOS 18 developer beta 2.

I'm seeking insight on why the new VisionOS Barcode Scanning API is categorized as an Enterprise API and restricted only for proprietary and in-house apps. I understand Apple's focus on privacy and I can see how this restriction could make sense for other Enterprise APIs like main camera access and passthrough screen capture. Why is barcode scanning restricted from open apps? What makes barcode scanning more of a risk to privacy versus the unrestricted APIs for object tracking, image tracking, or hand tracking?

Below is the GitHub link for the FMDB.framework contains privacyinfo.xcprivacy file provided as per the apple documentation were used in our App https://github.com/ccgus/fmdb I have reviewed the feedback, but I need additional clarification to fully understand the issue. Could you please provide more specific details or examples regarding the following points: We are using FMDB framework version 2.7.11 in our app available at https://github.com/ccgus/fmdb/ The version 4.0.0 submitted had the privacy file packaged as part of SQLCipher.bundle which resides under the FMDB framework. This was rejection with the same reason mentioned above. As a result, as part of Version 5.0.0 we have copied the privacy from the said bundle and placed it directly under the FMDB framework folder. This is rejected as well with the same reason again. Is there a concern because of empty values for the privacy keys? The GitHub source at https://github.com/ccgus/fmdb/ with the said version 2.7.11 does not use any APIs of concern listed at https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api. As a result, the provider may not have provided the values for the keys.

Hello - I am trying to add a more descriptive Location Purpose String for submitting my app to the store. I previously had a placeholder, generic string for testing. I have updated my info.plist file, but the old string is still appearing. I have 1) deleted the app from simulator device and rebuilt 2) tried pushing the version to TestFlight 3) Deleted and replaced the values in the info.plist, none of which have resolved this issue. What am I missing here?

How do I delete or edit codes in the iOS Beta Passwords app?

If "send and receive" on imessages has my Microsoft work email address, can my imessage content be synched with Microsoft ? Because I recently logged into our big data system through SSH client using my work email address, on a Console I saw one of my imessage thread printed. I reached Microsoft and their reply was to get advise reaching out to Apple support as their knowledge of iMessage is limited. Based on general knowledge about data protection the messages are most likely not synced unless there is a setting that you can allow from my side. PLEASE HELP ! This is a Mystery !!

On macOS 15, if a program installed in /Applications is allowed to connect to a PostgreSQL server on another machine on the local network, a program launched in debug mode from Xcode is not allowed to connect to the local network, and no prompt appears. Although it is possible to turn off registered programs in Local Network Privacy in Beta 2, permissions for programs launched from Xcode cannot be obtained at all. Does anyone know how to solve this problem?

$ tccutil reset All This command resets the other permissions (i.e. camera, microphone) but doesn't reset the Local Network permission. OS: macOS 15.0

The presenter in this WWDC session from 2019 (https://asciiwwdc.com/2019/sessions/701) states: "So, now in macOS Catalina, executables that are denied access to files due to a lack of Full Disk Access approval are now prepopulated unchecked." I'm unable to make this work. Included is a minimal test app that tries to access a resource that would require Full Disk Access (FDA) and then opens Privacy & Security ... FDA in settings. When I run this from Xcode or manually run the app from Finder the test app does not appear in the list of apps in FDA. If I manually drag and drop the app from the build folder into the FDA window and enable it then the app is granted FDA access successfully. To be clear I understand that even the app is automatically populated in the FDA list the user will still need to toggle the switch to enable it. But I'd like to avoid making the user hunt down the app manually add it. Testing on macOS Sonoma 14.5. Xcode 15.4. Link to project file: https://akiairzavu3i3x4dmaya-public.s3.amazonaws.com/FDA+test.zip

I have an application that uses Bonjour to communicate with other instances of the app on other devices. If I start an NWBrowser and the user has "Local Network" turned off for my app, the stateUpdateHandler for the browser gets .waiting with an error containing the string "PolicyDenied." This lets me show an alert to the user explaining what's happening, with a link to the app's Settings screen. But if I use NWListener (the counterpart of NWBrowser) and have "Local Network" turned off, there's no indication of any problem. After I start the listener, stateUpdateHandler is called with .ready as the state - even though it's not really ready to listen at all. The FAQ for Local Network Privacy suggests that any Bonjour operation will raise kDNSServiceErr_PolicyDenied if Local Network is off. However, in my application, that only seems to be true for browsing, not listening. Is there a way to detect a missing Local Network entitlement for NWListener? I know there are solutions involving sending a message to localhost, etc, but ideally there would be something simpler.