I have added an in-app purchase function into my app, and have enabled in-app purchase profile in developer portal(it's on by default and is marked gray in developer portal, I don't know if that's how it supposed to look like). I have issued the agreements and tried signing the app both manually and automatically, but neither of that worked. App can be built successfully in simulator but does not show the simulation window, but cannot build on real device or archive. Errors: Missing com.apple.developer.in-app-purchase, com.apple.developer.in-app-purchase.non-consumable, and com.apple.developer.in-app-purchase.subscription entitlements. Automatic signing failed Xcode failed to provision this target.

Hi, I am developing a iOS app with Packet Tunnel Provider Network Extension. I manage signing manually. I created a distribution provisioning profile. Then when I archive and click "validate" I get this error: Your application bundle's signature contains code signing entitlements that are not supported on iOS. Specifically, value 'url-filter-provider' for key 'com.apple.developer.networking.networkextension' So I run security cms -D -i profiles/vpn_distribution.mobileprovision and I see there <key>Entitlements</key> <dict> <key>com.apple.developer.networking.networkextension</key> <array> <string>app-proxy-provider</string> <string>content-filter-provider</string> <string>packet-tunnel-provider</string> <string>dns-proxy</string> <string>dns-settings</string> <string>relay</string> <string>url-filter-provider</string> <string>hotspot-provider</string> </array> Where are those coming from. My entitlement file has <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.developer.networking.networkextension</key> <array> <string>packet-tunnel-provider</string> </array> <key>com.apple.security.application-groups</key> <array> <string>group.my-app-group</string> </array> </dict> </plist> What is happening here. How can I get a provisioning profile that only has the entitlements that I actually need?

I need to post an app so how do you do it

Hello, I would like to clarify how link association and app-opening preferences work in iOS, specifically when a user opens a URL in a browser that can be handled by an installed application. I have noticed the following behavior: When a user taps a URL that can be opened by an app, iOS sometimes asks whether to open the link in the app or continue in the browser. After choosing an option once (for example, "Open in App" or "Stay in Browser"), it seems that this preference becomes persistent. Even after deleting the application and reinstalling it, the browser (Safari or third-party browsers) sometimes continues to open the link directly in the browser without asking the user again. In some cases, it appears impossible to reset or clear this association, and the user is not prompted again to choose how the link should be opened. My questions are: How exactly does iOS store link-handling preferences between apps and browsers? Are these preferences saved on the system level, inside Safari, or associated with the app installation itself? Is there a way for a user to manually reset or clear these link-opening associations? Should deleting and reinstalling the app reset these preferences, or is the behavior expected to persist? Is this behavior different for Universal Links, App Clips, or for regular URL scheme associations? This situation is important for us because it affects user experience, and at the moment it is difficult to understand or reproduce the internal logic behind these link associations. Thank you in advance for your clarification.

I am encountering a cloud signing permission error when archiving and uploading an iOS app using Xcode with Automatically manage signing enabled. Xcode reports that it cannot access or create cloud-managed distribution certificates, and therefore cannot find any App Store provisioning profiles for either the main app target or an associated Notification Service Extension. The error message returned by Apple’s certificate API indicates that access to cloud-managed distribution certificates is forbidden. Error messages Cloud signing permission error You haven't been given access to cloud-managed distribution certificates. Please contact your team's Account Holder or an Admin to give you access. No profiles were found Xcode couldn't find any iOS App Store provisioning profiles matching the app or extension targets. Environment Xcode: 16.x Signing method: Automatic signing (App Store distribution) Apple Developer Program team with existing distribution certificates Apple ID role: Admin (recently upgraded from a lower role) What I have verified Automatic signing is enabled for all targets The correct team is selected Bundle identifiers are valid and already registered The app and extension exist in App Store Connect Distribution certificates already exist in the team (previously created manually) Observed behavior Xcode attempts to access cloud-managed distribution certificates Apple certificate service responds with a permission-denied error As a result, provisioning profiles cannot be generated automatically Question After being upgraded to an Admin role, is there a known delay or additional requirement before an account can access cloud-managed distribution certificates, especially for teams that previously used manually managed distribution certificates? Is there any recommended action (besides waiting or having the Account Holder perform an initial signing operation) to unblock automatic signing in this situation?

The profile expiration date is approaching, and no amount of inquiries will solve it. Create a new profile Download a new profile from Xcode Press archive, press Distribute App, press Enterprise, and distribute Invalid expiration date in profile of summary of review app.ipa content I've tried everything that comes out by Googleing profiles, such as regenerating profiles, erasing caches, updating Xcode, updating macOS, deleting existing profile information, etc. Expiration date different from the expiration date of the profile created in that menu is displayed. The expiration date of the profile I created is December 8, 2026, and the previous certificate is January 22, 2026. However, the profile information of the generated ipa is February 12, 2026. So I can't distribute this app because I'm scared, and the expiration date is coming up. Users should have a period of time to update. Get me a novice developer who's choking up.

Provisioning profile doesn't match the entitlements file's value for the com.apple.developer.nfc.hce.iso7816.select-identifier-prefixes entitlement. Although when we created the request, we added a list of AIDs which is the same as the list registered in Inof.plist <key>com.apple.developer.nfc.hce.iso7816.select-identifier-prefixes</key> <array> <string>XXXXXX</string> <string>XXXXXX</string> <string>XXXXXX</string> </array> How can we get a better message of diffs between them?

I've upgraded to a new Macbook recently, just when I was setting up my Xcode, I realized I there is a this red "X" showing up next to my development team as I was signing in to my account I have checked my permission on App Store Connect, everything seemed fine. I have also deleted my old Apple development certificate and requested for another one. Nothing worked.

Hi, I do have a strange behavior in my development environment on a Mac mini (M4) running 26.2 and Xcode 26.3. Everything was working as expected. My project had a stable state and I wanted to enable iCloud support. As result I could not run the app any more because code signing failed with the message that my profile does not include the above entitlement. On my notebook (M2) with XCode 26.3 everything is working. Im am using GIT and both computers have identical code. The code compiling and running on my notebook will not run any more on my Max mini. Any help to find what might have broken the code signing and how it could be fixed? Thanks in advance.

Hello, I'm working in the team with 70 i(Pad)OS test devices running 24/7, and 40 of them are iOS 18 or 26. The problem is: for enterprise apps to be tested (signed with ADEP inhouse profile) the devices over iOS 18 require Enterprise App developers to be allowed at least once with physical control on-device after reboot, which is quite burdensome because we put all the devices in the restricted area, supposed to be used from the remote. Devices are logged into Apple ID for the prevention of Activation Lock but no preparation nor management via MDM over Apple Configurator 2. Is there any binary, tool, app that can check (letting us allow devices for those developers would be even better) if the Enterprise App developer(s) are allowed for the device via terminal or VNC?