Hello everyone,
I'm facing a critical, blocking issue where my developer account (Team ID: K655PX7A46) is unable to generate a valid provisioning profile with the App Attest entitlement. I have confirmed this is a server-side issue and am hoping to get visibility from an Apple engineer who can investigate.
The Problem: When I generate a provisioning profile for an App ID with the "App Attest" capability enabled, the resulting profile is defective. It is missing the required com.apple.developer.app-attest.environment key in its entitlements dictionary, causing Xcode to fail the build.
What I Have Proven:
The issue is not a misconfiguration. The App Attest capability is correctly enabled and saved on the App ID configuration page. The issue is not isolated to one App ID. I created a brand new App ID from scratch, enabled the capability during creation, and the server still generates a defective profile with the same missing entitlement. I have definitive proof by inspecting the downloaded .mobileprovision file. The contents confirm the required key is missing. Steps to Reproduce on My Account:
Create a new App ID on the Developer Portal. Enable the "App Attest" capability and save. Generate a new "iOS App Development" provisioning profile for this App ID. Download the profile and inspect its contents via security cms -D -i [profile]. Observe that the com.apple.developer.app-attest.environment key is missing. The Evidence (Contents of the Defective Profile): Here is the output from inspecting the profile for a brand new App ID (com.technology519.linksi.app2). As you can see, the correct entitlement is missing, and an incorrect devicecheck entitlement is present instead.
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>AppIDName</key> <string>linksi app id2</string> <key>ApplicationIdentifierPrefix</key> <array> <string>K655PX7A46</string> </array> <key>CreationDate</key> <date>2025-10-13T00:27:32Z</date> <key>Platform</key> <array> <string>iOS</string> <string>xrOS</string> <string>visionOS</string> </array> <key>IsXcodeManaged</key> <false/> <key>Entitlements</key> <dict> <key>aps-environment</key> <string>development</string> <key>com.apple.developer.associated-domains</key> <string></string> <key>com.apple.developer.devicecheck.app-attest-opt-in</key> <array> <string>CDhash</string> </array> <key>application-identifier</key> <string>K655PX7A46.com.technology519.linksi.app2</string> <key>keychain-access-groups</key> <array> <string>K655PX7A46.</string> <string>com.apple.token</string> </array> <key>get-task-allow</key> <true/> <key>com.apple.developer.team-identifier</key> <string>K655PX7A46</string> <key>com.apple.developer.devicecheck.appattest-environment</key> <array> <string>development</string> <string>production</string> </array> <key>com.apple.developer.applesignin</key> <array> <string>Default</string> </array> </dict> <key>ExpirationDate</key> <date>2026-10-13T00:27:32Z</date> <key>Name</key> <string>K655PX7A46.com.technology519.linksi.app2 Prov2</string> <key>TeamIdentifier</key> <array> <string>K655PX7A46</string> </array> <key>TeamName</key> <string>giuseppe pellegrino</string> <key>TimeToLive</key> <integer>365</integer> <key>UUID</key> <string>5ee25291-6526-444b-b690-fc503c0e7824</string> <key>Version</key> <integer>1</integer> </dict> </plist>
This is a critical bug in the provisioning profile generation service for my account that is blocking all development. I have already filed a support ticket (Case #102721408444) but have so far only received generic, unhelpful responses.
Can an Apple engineer please investigate this server-side issue with my account?
Thank you.
