Hello I'm working on Live Caller ID Lookup implementation on my own pet-project, as I understood I need to create app and extension for this app. I also created test PIR-service. I did configure serviceURL, tokenIssuerURL and userTierToken. In My app I implemented following code Task { if LiveCallerIDLookupManager.shared.status(forExtensionWithIdentifier: "some-extension") == .disabled { `//` Show an alert. print("LiveCallerIDLookupManager is disabled") } do { // Open Settings. try await LiveCallerIDLookupManager.shared.openSettings() } catch { } It does open Call settings, but I don't understand what should I do next.

Hi Apple engineering team, I’m trying to integrate the new Live Caller ID Lookup (PIR) on iOS using your pir-service-example code as well as a custom mock server in Vapor, but the extension never advances past the /issue/token-key-for-user-token step. I’ve tried both: 1. Official Example Cloned https://github.com/apple/pir-service-example Ran PIRService locally Confirmed that GET /.well-known/private-token-issuer-directory → 200 GET /issue/token-key-for-user-token → 200 (DER bytes, correct SPKI) No POST /issue ever fires 2. Mock Server (Vapor) Implemented all five endpoints (/config, /.well-known/private-token-issuer-directory, /issue/token-key-for-user-token, /issue, /queries) Verified with curl and openssl asn1parse that: GET /.well-known/private-token-issuer-directory Content-Type: application/private-token-issuer-directory { "issuer-request-uri":"https://…/issue", "token-keys":[…] } GET /issue/token-key-for-user-token Content-Type: application/octet-stream <DER bytes> Added Cache-Control: public, max-age=3600 on directory and SPKI Stubbed POST /issue to always return { "token": "" } Still no POST /issue request from the extension Reproduction Steps Install and enable a Live Lookup extension pointing to my server. Trigger an incoming call on device. Watch server logs—only see the two GETs, never /issue or /queries. Expected Behavior After fetching the SPKI DER, the framework should issue a POST /issue call (Privacy Pass flow) and then POST /queries. Observed Behavior Stuck in an infinite loop of: GET /.well-known/private-token-issuer-directory GET /issue/token-key-for-user-token (repeat…) No progression to the /issue or /queries endpoints. What I’ve Tried Verified JSON kebab-case and headers exactly match examples Confirmed SPKI DER is valid via openssl asn1parse Added Cache-Control headers Tested on real device, localhost url, and ngrok public URL Mocked a valid-looking token response Could you advise what additional requirement or format detail I’m missing that prevents from advancing past /issue/token-key-for-user-token? These are the main files: LiveLookupExtension.swift routes.swift service-config.json Thanks in advance!

Hello, After submitting onboarding form for Live Caller ID Lookup feature, we received rejection response that our OHTTP gateway doesn't support HTTP/2. We have run provided command openssl s_client -alpn h2 -connect with our domain several times from different machines and environments, and our results consistently confirm that HTTP/2 is indeed supported by our OHTTP gateway. The output clearly shows ALPN protocol: h2, indicating successful HTTP/2 negotiation. Here is the log chunk from the command-line response: No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 4393 bytes and written 406 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256 Server public key is 2048 bit This TLS version forbids renegotiation. Compression: NONE Expansion: NONE ALPN protocol: h2 Early data was not sent Verify return code: 0 (ok) --- DONE We have also tried different 3rd-party services to check the HTTP/2 support and they also confirmed that HTTP/2 is supported. Is it possible to provide additional details on the specific criteria or test conditions that led to its non-approval? I'm happy to provide any further diagnostic information or engage in more detailed technical discussion.

A message filter extension is only forwarded SMSs by the OS for filtering, iMessages aren't. But what is the situation with RCS messages? Will they be filterable by a message filtering extension?

My iOS app uses a Message Filter extension (via ILMessageFilterQueryHandling) and works only when run directly as the extension target. When installed normally (via TestFlight), the filter does not trigger at all — which I now believe is because iOS enforces the com.apple.developer.identitylookup entitlement at runtime. Anyone know anything about this? I put in a request for the entitlement last week but heard nothing back. Called Apple "technical" support and they had no idea what I was talking about. The documentation around this is EXTREMELY lacking in my opinion...

Hi Apple Developer, I’m working on a message-filtering application and reviewing Apple's documentation on message filtering. The documentation clearly states that MMS messages can be filtered. (https://developer.apple.com/documentation/identitylookup/sms-and-mms-message-filtering) When we refer to MMS, it includes images, short videos, and other supported multimedia formats. However, the ILMessageFilterQueryRequest only provides the message body as a String, meaning we can access text and links but not images or other media files. Could you please confirm whether Apple allows third-party applications to access multimedia content sent from unknown numbers? Looking forward to your quick response. Thanks, Rijul Singhal

In order to create a Message Filter Extension it is necessary to set up Shared Web Credentials. I'd like to form an understanding of what role SWC plays when the OS is making request to the associated network service (when the extension has called deferQueryRequestToNetwork()) and how this differs from when an app directly uses Shared Web Credentials itself. When an app is making direct use of SWC, it makes a request to obtain the user's credentials from the web site. However in the case of a Message Filter Extension, there aren't any individual user credentials, so what is happening behind the scenes when the OS makes a server request on behalf of a Message Filtering Extension? A more general question - the documentation for Shared Web Credentials says "Associated domains establish a secure association between domains and your app.". Thank you

Hi Team, We’re encountering a device-specific issue with our SMS Message Filter extension. The extension works as expected on an iPhone 11 running iOS 16.6, but it does not trigger on an iPhone 12 Pro running iOS 16.7. Key Observations: The extension is implemented using ILMessageFilterExtension and calls messageFilterOffline(appGroupIdentifier:for:) from our shared library. The App Group is properly configured and accessible across the app and extension. The extension is enabled under Settings > Messages > Unknown & Spam. There are no crashes or error logs reported on the affected device. The issue is consistently reproducible — it works on one device but not the other. We’re wondering if this could be a regression or a device-specific behavior change introduced in iOS 16.7. Has anyone encountered similar inconsistencies in Message Filter extensions across different iOS versions or device models? Any guidance or suggestions would be greatly appreciated. Thanks in advance!